AA Dec23

WHYZELL?
AtZel l
,ourmi ssi
oni st obeIndi a’
sforemostt r
aini
ngcenter
,
revol
ut i
onizingcar eer sbymaki ngitaffordableandaccessibletoal l
.
Ourpr imar yobjectivei st
opr ovidetop-notcheducat i
onandski l
l
upgradat i
ont hroughpar t
nershipswithi ndustryexpert
sandby
i
ncor porati
ngt hebesteducat ionalpractices.Wear ecommi t
tedt o
deli
ver i
nghi gh-qual i
tylearni
ngexper iencest hatempowerindividuals
tothriveint heirprofessionaljourneys.
OUR PROGRESS
STUDENTSLI
FEI
MPACTED HOURSOFR&D ON EXPERTS I
NDUSTRYEXPERTASFACULTY CORPORATETRAI
NINGS
I
N EXPERI
ENTI
ALMETHOD AND MENTORS
OUR ACHI
EVEMENTS
STUDENTSATISFACTI
ON ASSI
STED FOR PLACEMENT STUDENTCERTI
FIED STUDENTSJOIN USBASI
S
RATI
O RECOMMENDATION
Chapter 1: Introduction to Auditing 1
Table of Contents
Chapter 1: Introduction to Auditing ................................................................................................... 12

Chapter 2: Rules and Regulation ........................................................................................................ 25
Chapter 3: Governance ...................................................................................................................... 31
Chapter 4A: Ethics ............................................................................................................................. 38
Chapter 4B: Client Acceptance by Auditor/Audit Firm......................................................................... 52
Chapter 5: Risk .................................................................................................................................. 61
Chapter 6: Audit Planning .................................................................................................................. 82
Chapter 7: Audit Evidence.................................................................................................................. 97
Chapter 8: Systems and Controls....................................................................................................... 130
Chapter 9: Internal Audit .................................................................................................................. 152
Chapter 10: Procedures .................................................................................................................... 164
Chapter 11: Completion and Review ................................................................................................. 203
Chapter 12: Reporting ...................................................................................................................... 220
Foreword
‘By the ACCA, for the ACCA’
These notes are designed with a simple mission, to fill the gap for Indian students who don’tfind comfort
in studying from notes that are framed in a complex manner. Our priority at Zell is to improve the
results our students achieve by providing all that they need, be it quality education, state of the art
infrastructure and techniques or the next step, the content that perfectly fits in making the trifecta or
the winning formula.
Here at Zell, we don’t worry about the background, prior knowledge or preferencessomeone has. The
aim is simple, by the time a student is done with a paper, they are on thesame page as anyone else and
that for us, should be enough knowledge to be able to call them a professional truly.
Keeping all this in mind, we bring to you these notes, created by us, for you, to truly help make the
difference and turn your journey of ACCA into an even better one. This is just the beginning; there is
more in store.
Thank you
Credits
Authored by:
Ishitha Raichura
Designed by:
Rushil Shah
Ayushi Bhatia
For June 2023 to March 2024 examination sittings

Planning how to study

Before starting the preparation for any paper, you should always make a macro level planon how to
go about preparing for the exam. Understand what is expected of you to be ableto clear the exam with
high scores. It is important to set targets and stick to them, to ensurethat you stay on track and progress
in your ACCA journey.
Have a plan from the beginning about where you want to be at the end of the month or two months,
then work backwards and understand what you must do to stay on track. Then, at the start of every
week, make a brief plan about how much needs to be covered every day, resulting in the timely
completion of the exam.
Break your macro plan intro studying along with the professor/recordings, examination month and
final revision. Plan how many hours can you give every day and make a scheduleaccordingly. Ensure that
you can give quality hours without distractions. The quantity of hours doesn’t matter.
How to approach the exam
Knowing how much importance ACCA places on application-based learning is important. You must
understand that rote learning in any exam for any concept will mostly amount to zero marks being
scored.
Students leave minimal time to their core exam preparation and directly jump into mock exams
without finishing the exam kit. Leave the exam month for core practice of questions available to you,
ensure you finish the conceptual understanding before starting to do so.
The ideal approach is to watch/attend lectures and keep up with the pace, practicing 40% of the
question bank alongside, to cement conceptual understanding. Once classes conclude, ensure the
remaining 60% of the question bank is solved, followed by at least three mock examinations before
attempting the main exam.
Exam month
• In the exam month, ensure that you finish the portion as soon as possible and shift all focus
to completing the question bank. Remember, completing thetextbook alone is not enough,
whereas completing the question bank gives you ahigher chance of clearing the exam.
• If you are done with your question bank, repeat the question bank or key questions you
marked before the exam. Only 40% of your total time should be allocated to building a
conceptual understanding, the remaining 60% to solve questions.
• You must practice newly launched past exam questions available on the ACCA website at the
end to ensure you can solve questions of the rigour expected fromyou.
• Ensure you do not get into the habit of reading a question and then reading the answer. This
approach will make you seek answers in the exam and not seek solutions on your own. Read
a question, solve it on your own, check the answer. If it is incorrect, solve the question again
to get another answer, rather than reading the explanation to understand what you did
wrong. That should always bethe last resort.
• For subjective questions, do not simply read the answer and make notes. Type theanswer or
solve it on a spreadsheet before checking the solution. Practicing on a computer for a
computer-based exam can make the difference for you in finishingthe exam.
• Familiarise yourself with the scientific calculator, the CBE exam platform and other tools to
ensure you are comfortable with the same in the actual exam.
• Ensure you complete 100% of the portion. Do not skip anything as the exam will test youon a
range of interconnected topics, and leaving parts of the portion will guarantee you are losing
certain marks.
Exam strategy
There are certain things to be kept in mind before attempting the main exam.
1. Remain calm before the exam. Do not study at the last moment, as going into the exam with
a fresh mind will allow you to tackle the questions more easily.
2. There is no negative marketing in the exams. Ensure that you attempt 100% of the paper to
ensure that some of your educated guesses score some marks even in the worst case.
3. The examination is 3 hours 15 minutes long, which means you have 195 minutesfor 100marks,
or simply 1.95 minutes per mark. Ensure you don’t get overboardwith the time you take to
solve a question at hand.
4. Ensure you read the question very carefully. Don’t assume that you faced a similar question
in the past and jump to solving it as the requirements can varyeven in small concepts causing
you to lose easy marks.
5. Read the requirements carefully. Pay attention to the verb used, Define, explain, calculate,
evaluate etc., to understand what the examiner is seeking to ensure youanswer on those lines.
6. Do not go for quantity when you are answering subjective questions. The examiner will award
one mark per valid statement and one mark only per valid point. Do not elaborate on points
to simply write more.
7. The options are set up so that even answers derived using the wrong steps are available as
options. Do not jump to the conclusion that your answer has to be correct because it is
available as an option.
8. If there is a tricky question that you can’t solve, make an educated guess by eliminating the
one’s you definitely know are wrong, flag the question and moveahead. If you finish the paper
and have remaining time, revisit the flag questions to score full marks.
9. Do not sit and recalculate the answer you got more than twice, as you are likely tocalculate it
in the same way you did previously, by repeating the same mistake if any. This is a massive
waste of your crucial time. Rather move faster and revisit key questions at the end,
recalculating your answers at that point will possibly reveal mistakes and allow you to rectify
them, thus scoring more marks.
Elements
Syllabus wise study material
The study material is curated in a manner where the syllabus provided by ACCA has been covered in
vast depth, and the order is set in a way that the flow of concepts within the material suits a student.
Apply Your Knowledge
Various AYK style questions test the student on their ability to remember and understand concepts
thoroughly before moving to analytical questions.
Quiz
Further, there are primarily application-based quiz questions, introducing the student to analytical
and evaluative questions to bring the student one step closer to actual exam-style questions.
Recap
After the end of every main chapter, there is a recap page summarising all the important topics,
formulae etc., to enable ease of revision for the student.
Mind Maps
Mind maps are flowcharts that summarise the information visually, making it more likely for a
student to retain the knowledge and build upon it. These are present at the end of the book toenable
last-minute revision by simply spending time on those pages.
Nimbus™ Preparation tools
Interactive notes with gamification
The articulated version of the notes is available on the platform, allowing students to get
fully immersed in their learning and complete more in less or equivalent time they spend
reading the book.
Case studies
Case studies are specifically tailored to address the audience commonly using these notes.
Having interesting case studies based on current affairs, covering key organisations etc.,
contribute to further professional development.
Technical articles
ACCA’s technical articles are placed strategically in the material, allowing students to understand
when to go through these all-important technical articles.
Exam experience
The system mimics the exam experience to ensure that the student has conceptually
and technically mastered the paper before appearing for the exam. This includes
various objective questions, live spreadsheets and word processors to practice typing,
presentation and most importantly, time management.
Question Bank & Test Series
The students have access to unit tests, half portion tests, progressive tests, mock tests
and unlimited practice tests with all performance data allowing them to know where they
stand, the improvements required before the exam day arrives.
Flashcards and Interactive mind maps for revision
Flashcards help students quiz themselves, which is more effective as a revision

technique than simply reading through pages. Interactive mind maps allow the student
the power to take a detailed glance through a whole chapter or large concept in minutes
while revising at the same time.
Check the last page of this book for more information on Nimbus™ LMS by Zell
ACCA support
Examining team guidance/Exam technique & reports
The examiners’ reports are an essential study resource. Read them to learn about mistakes
that students commonly make in exams and how to avoid them.
Practice tests
Practice Tests are an interactive study support resource that will replicate the format of all
the exams available as on-demand computer-based exams (CBEs). They will help you to
identify your strengths and weaknesses before you take an exam.
As well as giving you an insight into a live exam experience, Practice Tests will also provide
feedback on your performance. Once you complete the test, you will receive a
personalized feedback diagram showing how you have performed across the different
areas of the syllabus.
Specimen exams
The specimen exam indicates how the exam will be assessed, structured and the likely style
and range of questions that could be asked. Any student preparing to take this exam should
familiarize themselves with the exam style.
Technical articles
There is a range of technical articles available on ACCAs website under ‘Study support
resources’. These include a range of simplified articles on complex topics, study support
videos, articles on exam technique etc. making it an important tool to be practised when
nearing the exam.
FAQs
Various commonly asked questions about the style of the examination, the coverage,
computer- based exam setup etc., are covered here to allow a student to stay up to date
and ensure their understanding is aligned with that of the ACCA body.
Question practice – ACCA practice platform
Question practice is a vital part of exam preparation. Practising in the CBE environment
provides a fantastic opportunity to get fully prepared for the real exam.
The ACCA Practice Platform contains a range of content that allows you to attempt
questions to time and then mark and debrief your answers. It also contains a blank
workspace that allows you to answer constructed response questions from other sources
in the CBE environment.
Past Exam library
Past exams are made available to view and become familiar with the styles of questions
that you may face in your exam.
Make sure you log into the ACCA Practice Platform early in your studies - completing your
practice in the CBE environment is the only way to prepare for your exam fully.
CBE Support
Getting ready for your CBE includes getting familiar with the CBE functionality and how to
use it to your advantage in the exam. You should be thinking about your exam approach
well before exam day itself.
There are series of videos that will help you get ready for your exam. It includes what to
think about before your exam day, exam strategy, how to manage your CBE workspace
effectively and techniques you could use to plan and complete your answers.
Syllabus
Introduction to the syllabus
The Audit and Assurance syllabus is essentially divided into six areas. The syllabus starts
with the nature, purpose and scope of assurance engagements, including the statutory
audit, its regulatory environment, and introduces governance and professional ethics
relating to audit and assurance. It then leads into planning the audit and performing risk
assessment.
The syllabus then covers a range of areas relating to an audit of financial statements
including the scope of internal control and the role and function of internal audit. These
include, evaluating internal controls, audit evidence, and a review of the financial
statements.
In addition to final review procedures, the syllabus concentrates on reporting, including
the form and content of the independent auditor’s report.
Finally, the syllabus contains outcomes relating to the demonstration of appropriate digital
and employability skills in preparing for and taking the AA examination. This includes being
able to interact with different question item types, manage information presented in digital
format and being able to use the relevant functionality and technology to prepare and
present response options in a professional manner. These skills are specifically developed by
practicing and preparing for the AA exam, using the learning support content for computer-
based exams available via the practice platform and the ACCA website and will need to be
demonstrated during the live exam.
Main capabilities
On successful completion of this exam, candidates should be able to:
a. Explain the concept of audit and assurance and the functions of audit, corporate
governance, including ethics and professional conduct.
b. Demonstrate how the auditor obtains and accepts audit engagements, obtains an
understanding of the entity and its environment, assesses the risk of material
misstatement (whether arising from fraud or other irregularities) and plans an audit
of financial statements
c. Describe and evaluate internal controls, techniques and audit tests, including IT
systems to identify and communicate control risks and their potential
consequences, making appropriate recommendations. Describe the scope, role and
function of internal audit.
d. Identify and describe the work and evidence obtained by the auditor and others
required to meet the objectives of audit engagements and the application of the
International Standards on Auditing (ISAs)
e. Explain how consideration of subsequent events and the going concern principle can
inform the conclusions from audit work and are reflected in different types of
auditor’s report, written representations and the final review and report.
f. Demonstrate employability and technology skills
Exam Structure
The syllabus is assessed by a three-hour computer-based examination. All questions are

compulsory. The exam will contain both computational and discursive elements. Some
questions will adopt a scenario/case study approach. Prior to the start of the exam
candidates are given an extra 10 minutes to read the exam instructions.
Section A
Section A of the exam comprises three 10-mark case-based questions. Each case has five
objective test questions worth 2 marks each.
Section B
Section B of the exam comprises one 30-mark question and two 20-mark questions.
Section B of the exam will predominantly examine one or more aspects of audit and
assurance from planning and risk assessment, internal control or audit evidence, although
topics from other syllabus areas may also be included.
Total 100 marks

International accounting standards
It is appreciated when answering audit risk and response questions to mention the IAS
applicable.
IAS 1 Presentation of financial statements
IAS 2 Inventories
IAS 7 Statement of cash flows
IAS 8 Accounting policies, changes in accounting
estimates and errors
IAS 10 Events after the reporting period
IAS 12 Income taxes
IAS 16 Property, plant and equipment

IAS 19 Employee benefits
IAS 20 Accounting for government grants and

disclosure of government assistance
IAS 21 The effects of changes in foreign exchange
rates
IAS 23 Borrowing costs
IAS 24 Related party disclosures
IAS 33 Earnings per share
IAS 36 Impairment of non-current assets
IAS 37 Provisions, contingent liabilities and
contingent assets
IAS 38 Intangible assets
IAS 40 Investment property
IAS 41 Agriculture
IFRS 5 Non-current assets held for sale and
discontinued operations
IFRS 15 Revenue from contracts with customers
IFRS 16 Leases
Chapter 1: Introduction to Auditing
Table of Contents:
1. Users of financial information

2. What is assurance
3. Objectives of auditors
4. Types of audit
5. Advantages of audit
6. Inherent limitations of audit
7. Materiality
8. Expectation Gap
9. Performing and audit – the difference between audit and investigation.
Users of Financial Information
The very strand of thinking that only the owners and shareholders are concerned with financial
information that is communicated via the financial statements has now been changed in its entirety.
Financial information derived from financial statements is used and applied in decision making by
various classes of persons deeply intertwined and concerned with the performance of the company.
These persons expect more than just profits from the company. They hold stakes in a company
beyond just financial holdings and are imperative to the very existence and functioning of a company.
These persons are called stakeholders. Every class of stakeholders is an essential element for the
company in its existence and functioning and the interest of each such class has to be safeguarded
by the company.
The decisions taken by each class of stakeholder are driven by inferences made from reported
financial information and hence the information that is reported must be “true and fair” enabling
their decision making and interest protection. Classes of stakeholders and their respective decisions
and concerns have been summarized below:
Class of stakeholder Decision to be taken

Shareholders and Whether to:
Investors a. Hold their investment in the company
b. Invest further in the company
c. Liquidate/sell their investment
Lenders and providers • Ability of the company to repay current debt within contractually
of debt finance defined timeframes
• Soundness and safety in further lending to the company
Vendors and • Ability of the company to repay operating credit within the
Operational lenders contractually defined timeframes
• Soundness and safety in further operational dealings with the
company
Employees • Ability of the company to provide personal financial enrichment
in terms of increased salaries
• Potential of the company to provide better quality of work
thereby supplementing professional growth
Government Categorizing the company as a compliant taxpayer and as a regulation
abiding entity with respect to other laws and regulations
Customers Whether to continue association with company or opt for other service
provider/vendor.
Society at large Whether to place trust in the corporation as socially beneficial in terms of
overall transparency in operations, quality of work life provided to
employees, quality of products and services provided, etc.
What is assurance?
Being assured is a feeling of security and safety and providing that feeling of assurance is a
responsibility.
Assurance results in companies gaining the confidence and trust of stakeholders, who are connected
with these companies financially, operationally, legally or even as beneficiaries. Assurance is
provided by an independent expert’s opinion about specific information so that the stakeholders,
who rely on the financial information of the company are able to make confident decisions. These
decisions are made knowing that the risk of this financial information being incorrect or manipulated
is reduced. Hence, assurance is a confidence booster in reducing the financial and operational risk of
the users of financial information.
The international framework for assurance engagements, defines assurance as “An engagement in
which a practitioner obtains sufficient appropriate evidence in order to express a conclusion designed
to enhance the degree of confidence of the intended users ither than the responsible party about the
outcome of the evaluation or measurement of a subject matter against criteria”.
Auditors – The providers of assurance
Assurance is provided by performing “audit” and the auditor is hence the provider of that assurance
An audit is defined as the independent examination of and expression of opinion on financial
statements of an entity by a duly appointed auditor in pursuit of that appointment.
Objectives of an auditor
The objectives of an auditor have been clearly laid down in ISA 200- Overall Objective of the.
Independent Auditor, and the Conduct. of an Audit in Accordance with. International Standards on
Auditing. There are two fore-most objectives that an auditor has to achieve in the process of
conducting audit are obtaining evidence and presenting audit findings based on the evidence
gathered in the form of an auditor’s report
1. Obtaining reasonable assurance based on the evidence gathered and audit procedures
followed and applied:
The auditor has to be obtain reasonable assurance about whether the financial statements
as a whole are free from material misstatement, whether due to fraud or error.
This enables the auditor to express an opinion on whether the financial statements are
prepared in all material respects, in accordance with the applicable financial reporting
framework.
2. Reporting audit findings:
The auditor’s report on the financial statements is the primary deliverable in any audit
assignment/engagement. The audit findings have to be communicated via the auditor’s
report to the management and the shareholders of the company. The report shall be drawn
as per all applicable ISAs.
Types of audits
For the purposes of our academic understanding, audit as a function is divided into two categories
of action as under:
A. Audits required under law or regulation:
Corporate laws and allied regulations mandate a company to submit audited financial
information to regulators and stakeholders on a timely basis. The audits prescribed under
any law or regulation for the time being in force are called “Statutory Audits”. These audits
require an auditor to perform an independent examination of the financial statements of the
company and certify whether the information communicated in these financial statements
is true and fair in all material aspects.
An independent examination entails the examiner to be independent of the entity and not
be influenced by it either financially or operationally. Statutory audits essentially require the
auditor to be a person from outside the organization or external to it. Hence, these audits
are also called External audits.
The certification of financial statements requires the external auditor to attest i.e. sign and
certify whether the financial statements are true and fair- thereby enabling the stakeholders
to rely or not rely upon the financial information communicated therein.
• Audits required to be conducted under corporate laws

• Audits requires to be conducted under taxation and transfer pricing laws
• Audits required to be conducted under stock exchange regulations
B. Voluntarily performed audits:
Audited information and findings serve as a key input for managerial decision making. The
management of a company may choose to analyse selected areas of operations closely or
microscopically like revenue and sales, manufacturing, cost control, employee benefits, etc.
The purpose of this kind of audit is purely internal decision making such as process correction
and improvement, bonus and reward mechanisms for star performers, etc. These voluntary
audits do not require certification or attestation and are called “Internal audits” or non-attest
audits. The core focus areas of such audits is generally the givernance, risk and compliance
of a company.
Advantages of Audit
1. Audit safeguards the interests of stakeholders. Protection of minority interests is one of the
key benefits of audit as a function.
2. Audit promotes a culture of transparency and accountability in an organization and acts as
an automated moral check on employees and management.
3. Audited figures of income and expenses prove crucial in the settlement of tax liabilities
towards the exchequer. Also, tax deductions made for various payments need to be
deposited in a timely manner adherent to deadlines, this compliance too is naturally carried
out owing to audit.
4. Audit helps in checking internal revenue leakages and expenditure controls. Audit results in
a thorough examination of internal control by analysing the effectiveness of internal
control measures and processes.
5. Audit brings about an increased degree of transparency in financial reporting and an overall
increased quality in the accounting function of an enterprise.
6. Audited financial statements are naturally trusted and considered reliant hence supporting
in raising loans and increasing the overall confidence that society has in the business.
Inherent Limitations of audit
Most of the audit evidence from which the auditor draws conclusions and bases his professional
opinion on, is persuasive in nature rather than being conclusive. This simply means that the evidence
is never assertive, rather it requires the auditor to apply his professional judgement on matters and
issues that can be extremely subjective or grey. The unconclusive nature of auditor evidence is the
foremost inherent limitation for an audit.
Inherent limitations of an audit arise from:
1. The nature of financial reporting:

Preparation of financial statements is driven by the judgement of the management who are
the primary makers and shapers of financial reporting. Management judgement forms the
basis of how applicable financial reporting framework is adopted in the preparation of
financial statements. Facts, circumstances, events and transactions are reported and viewed
from the management lens. Gaps may arise between how the management interprets and
applies a particular accounting framework and how the framework has to be applied in its
true substance.
Many areas of accounting are subject to management estimates which are subjective in
nature, such as:
a. Useful lives of assets employed by the organization which impacts depreciation

calculations
b. Payment potential of account receivables which impact provisions recognized for
doubtful debts
c. Amount/Quantum of warranty obligations materializing which impacts revenue
recognition
2. Nature of audit procedures:

There are practical and legal limitations on the auditor’s ability to obtain audit evidence
owing to reasons such as:
a. Resistance from the management – wherein the management and others do not provide
complete information either intentionally or unintentionally.
b. Sophisticated attempts at concealment – Companies attempting to camouflage existing
malpractices or frauds may have a well devised web of concealing the relevant financial
information where in the auditor would be unable to unearth misdoings owing to
limitations of scope, time and other resources.
c. Scope Limitations – Audit is a process to oversee if the financial statements present a
true and fair view of the enterprise and not an official investigation into alleged
misdoings. The auditor does not have specific legal powers such as the power of search
which may be necessary for such an investigation. Primarily the audit and investigation
are two distinct exercises, often misconstrued to be similar to one another.
3. Balancing costs and benefits:

The auditor is expected to form an opinion on the financial statements within a reasonable
period of time with limited resources at his disposal and at a reasonable cost. This
automatically results in the auditor applying a degree of materiality and test checking. This
results in most efforts being concentrated on areas which the auditor in his professional
judgement believes to have a risk of material misstament. Other areas with lower risk of
material misstatements automatically receive lesser audit efforts. In case there are instances
of camouflaging malpractices and these instances fall into areas categorized as having lower
risk of material misstatement owing to sophisticated concealment, there are meagre to no
chances of their detection.
4. Inconclusive nature of audit evidence:

The quality and quantum of audit evidence can often be inconclusive i.e., the auditor will not
be able for an opinion based on it. This happens due to evidence not being available in the
quantum/quantity that the auditor needs to draw a conclusion. Also, in cases where the
management of the auditee imposes limitations the auditor will not be able to acquire
sufficient evidence. At its best evidence can be persuasive. Whether or not it is conclusive,
depends on the professional judgement of the auditor.
5. Risk based approach to audit:

Audit does not encompass a check of all the transactions and events that occur during the
course of the reporting period. Audit only covers an assessment and check of material events
and transactions with a special focus on material events that pose a risk of misstatement.
Hence, only the risky transactions and events that could lead to misleading financial
statements are subjected to a rigorous audit as per the professional judgement of the
auditor. A complete or 100% check per se is not feasible owing to the limitations of the timing
and extent for the audit assignment.
Materiality
All classes of stakeholders base their decisions pertaining to their involvement and association with
an enterprise based on the information that is communicated via its financial statements. These
decisions have been generically summarized as under:
Class of Decision to be taken What impacts this decision?

stakeholder
Shareholders and Whether to: Figures of:
Investors a. Hold their investment in the • Net Profit after tax
company • Market price per share
b. Invest further in the derived based on Earning per
company share data
c. Liquidate/sell their • Earnings before interest,
investment depreciation, tax and
amortization (EBITDA)
Lenders and • Ability of the company to Figures of:
providers of debt repay current debt within • Earnings before interest and
finance contractually defined tax (EBIT)
timeframes • Reported and/or subsisting
• Soundness and safety in loans and defaults
further lending to the Official statements pertaining to
company borrowings released in the annual
report by company leadership.
Vendors and • Ability of the company to Figures of:
Operational repay operating credit a. Cash and cash equivalents
lenders within the contractually b. Short term liquid
defined timeframes investments
• Soundness and safety in c. Credit purchases and sales
further operational d. Inventory levels
dealings with the company
Employees • Ability of the company to • Employees have access to
provide personal financial company financial
enrichment in terms of information.
increased salaries • Employees also feel the pulse
• Potential of the company of the happenings and
to provide better quality occurrences within the
of work thereby company and its immediate
supplementing environment.
professional growth • Figures of operating profit
before tax, deposits made
with Provident Fund
authorities, deductions of
professional tax are crucial
for employees.
Government Categorizing the company as a Figures of Net Profit before tax are
compliant taxpayer and as a crucial for taxation departments with
regulation abiding entity with a government.
respect to other laws and
regulations
Customers Whether to continue association For customers quality is vital and

with company or opt for other qualitative factors such as future
service provider/vendor. planning, novel modes of production
and operations are the prime focus
of information. However financial
data on planned capital expenditure
and internal controls within a
company are also vital decision-
making inputs.
Society at large Whether to place trust in the Reported CSR numbers and social
corporation as socially beneficial initiatives disclosed in financial
in terms of overall transparency in statements and sustainability reports
operations, quality of work life
provided to employees, quality of
products and services provided,
etc.
The accuracy of reported information is crucial for stakeholders basing their decisions. Here it must
be appreciated that although automated, all accounting systems are operated by people, thus leaving
this reported information vulnerable to human error. These errors can be caused by a host of reasons
like calculation mistakes, application of inaccurate rates, casting errors, etc. Erroneous financial
information may lead to some or many stakeholders basing decisions in a direction that could be
detrimental to their own personal interests as well the interests of the company. It needs to be
accepted that human error can never be completely eliminated no matter how perfectly executed
any system is or can be. Furthermore, the risk of fraud or misstatement occurring in any company
heightens the risk of inaccurate numbers being reported in the financial statements.
We have already determined in the section of inherent limitations of audit, that an absolute degree
of assurance is never a possibility. Hence, while the auditor strives to provide a degree of reasonable
assurance, it must be accepted that errors are likely to persist. But, just “how much” of these errors
can we “tolerate” in a way that improper or inaccurate decisions are not taken based on reported
numbers?
The answer to this lies in materiality.
Materiality is considered to be a level or rather a threshold below which even if there exists errors,
decisions and opinions on the financial statements are not impacted. For instance, if we say that the
level of materiality determined for the area of revenue from sale of goods is say $500, any revenues
reported below the figure of $500 can be passed off as immaterial by the auditor as they do not
impact decision making. However, there must be a degree of caution as immaterial items when
aggregated could very well end up being material.
• Misstatements, including omissions, are considered to be material if they, individually or in

the aggregate, could reasonably be expected to influence the economic decisions of users
taken on the basis of the financial statements;
• Judgments about materiality are made in the light of surrounding circumstances, and are
affected by the size or nature of a misstatement, or a combination of both;
• Judgments about matters that are material to users of the financial statements are based on
a consideration of the common financial information needs of users as a group. The
possible effect of misstatements on specific individual users, whose needs may vary widely,
is not considered.
Determination of Performance Materiality:

Performance materiality means the amount or amounts set by the auditor at less than materiality for
the financial statements as a whole to reduce to an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements exceeds materiality for the financial
statements as a whole. If applicable, performance materiality also refers to the amount or amounts
set by the auditor at less than the materiality level or levels for particular classes of transactions,
account balances or disclosures.
Establishing what is “Clearly Trivial”:
It is one of the foremost duties of the auditor to ensure that all financial information above the
materiality threshold is true, fair and free of any error and misstatements. The auditor may designate
an amount below which misstatements would be clearly trivial and would not need to be
accumulated because the auditor expects that the accumulation of such amounts clearly would not
have a material effect on the financial statements.
“Clearly trivial” is not another expression for “not material”. Matters that are “clearly trivial” will be
of a wholly different (smaller) order of magnitude than materiality determined in accordance with
ISA 320 Audit Materiality, and will be matters that are clearly inconsequential, whether taken
individually or in aggregate and whether judged by any criteria of size, nature or circumstances.
Hence, the information communicated in the financial statements of the company results in being
accurate enough to ensure informed and appropriately based decision making.
Stepwise approach to materiality:
1. Obtain preliminary financial data

2. Choose an appropriate benchmark
3. Determine the percentage to be applied to chosen benchmark
4. Determine the % to be applied on overall materiality to arrive at performance materiality
5. Set clearly trivial threshold
6. Identify areas which may require setting up of specific materiality
7. Determine the nature, timing and extent of audit procedures to be performed based on
performance materiality
8. Perform audit procedures and identify misstatements which exceed the clearly trivial
threshold
9. Accumulate misstatements which exceeds the clearly trivial threshold
10. Compare the amount of uncorrected misstatement with the performance materiality.
11. Evaluate impact on audit opinion on FS
The concept of tolerable misstatement has been defined in the section of audit evidence.
Exception Gap
Audit does not provide a 100% guarantee that the financial statements are accurate or correct.
Owing to the inherent limitations of audit, only a reasonable assurance can be provided that the
financial statements are true and fair i.e. they are not misleading.
The auditor’s opinion is not a certified guarantee that the financial statements are correct. Here the
users of financial information need to understand:
1. Audit as a process is risk based and materiality driven hence all transactions are not
covered but specific events and transactions that can result in misleading financial
information if not checked are subjected to audit.
2. The auditor may not be able to detect all fraudulent activities as frauds are committed and
concealed throughout the year where as audit is conducted for a limited period. The
auditor is not responsible for the effectiveness of internal controls, he is merely a critic of
the effectiveness of internal controls.
3. It is not the responsibility of the auditor to prepare the financial statements – the auditor’s
responsibility is to assess the financial statements for material misstatements and issue an
opinion on whether they truly and fairly present the position of the business.
Performance of the audit and distinction of audit from an investigation

The primary purpose of an audit is to certify whether the financial statements convey information
that can be considered as true and fair in the professional judgement of the auditor. Here it must be
highlighted that the auditor is not engaged to investigate into the affairs and functioning of the
company. The auditor does not perform the audit to detect frauds and investigate misdemeanours.
The auditor performs audit merely to assure stakeholders and potential users of financial information
that the company they are involved with has reported true and fair numbers and their respective
decisions can now be based on these numbers.
The persuasive nature of audit evidence coupled with the inherent limitations of audit result in an
audit being performed on a test check basis depending on materiality thresholds. This simply means
that the auditor does not analyse all transactions and events a cent per cent rather on a basis that
best covers and represents all transactions and occurrences. For this the auditor is required to obtain
audit evidence that best represents the entire class of transactions, account balances and
occurrences that are to be analysed. This is called the sample-based or test check approach to audit
which is followed across all industries today.
The purpose of the auditor is not to microscopically detect fraud but to provide an overall assurance
that financial statements are free from fraud, misstatements and errors.
Think of the auditor as a watch dog and not a blood hound. A watch dog merely escalates the
presence of an intruder while a blood hound sniffs an intruder out. The auditor is sceptical in his
approach and not pessimistically investigative to find flaws.
How an audit is to be planned and performed has been discussed in further chapters in great detail,
this cursory explanation is meant to merely provide a flavour of how and with what purpose an audit
is conducted.
Chapter 2: Rules and Regulation 25
Chapter 2: Rules and Regulation
Table of contents:
1. The three-fold initiative

2. Coverage of entities for the purposes of audit
3. Appointment of auditor
4. Resignation of the auditor
5. Rights and duties of the auditor
6. International regulation
7. Role of professional bodies
The three-fold initiative

The above-mentioned corporate mishaps have clearly indicated that – damage to an exponential
degree is unavoidable when the auditor decides to be hand-in-glove with unethical perpetrators. The
role of auditors has since been microscopically scrutinized. Protective legislation like Sarbanes Oxley,
the Indian Companies Act, 2013 and a similar host have been enacted by nations across the world to
ensure that such corporate mishaps be detected and corrected in a timely manner before innocent
stakeholders succumb as casualties.
Auditors and their respective national regulators like the ICAI, ACCA, ICAEW, etc., have individually
and collectively tried to regain the trust of society at large in the auditing profession and function as
overseers of truthful and fair financial reporting. This process has seen the introduction of a three-
fold initiative graphically illustrated as under:
To achieve these three- fold initiatives, adherence to regulatory compliances plays the role of natural
control mechanism. For the purposes of our examination, the following regulatory compliances are
referred to in this lesson:
Corporate Laws Auditing and Assurance Ethics

• The UK Companies Act, Standards on auditing and IESBA and ACCA Code of
2006 assurance complied based on Professional Ethics
• The Sarbanes Oxley the International Standards
Act, 2002 on Auditing
Coverage of Entities for the purposes of Audit
Entities that have a large participation of public stakeholders and public funds are naturally
necessitated to undergo audit to ensure a safeguard is put in place for their funds as well as other
interests. This makes it imperative for public and listed entities to undergo audit as they operate
using publica savings and investments.
Small Private companies, sole traders and owner managed companies do not have an exposure to
public funds and hence audit for such entities may be a burdening compliance as well as cost.
However, such entities can easily gain exposure to public funds in the form of bank loans and
borrowings. In such cases even smaller organizations that have relied on borrowed funds from public
financial institutions are meant to undergo audit to ensure a safeguard of public money that has been
lent to them.
Small private companies, sole traders and other owner managed forms of organization that only rely
on personal or group equity for operations and financing are generally exempt from audit. This comes
in light of risk being concentrated in the hands of owners who themselves are managers of these
businesses.
Appointment of Auditor – Membership with Recognized Supervisory Bodies

Individuals gaining membership:
Individuals need to seek membership with Recognized Supervisory Bodies (RSB) such as ICAI, ACCA,
ICAEW, etc to be eligible to be appointed as auditors. This is the first step for an individual to enter
the sphere of auditing and assurance.
In certain select cases, the Government of the respective country can appoint individuals as auditors
irrespective of their membership with RSBs.
For instance, in India, to be appointed as an auditor an individual must be a Chartered Accountant in

practice by virtue of being a member of ICAI. However, the Central government can appoint
individuals who hold Certificate under Restricted Auditors Certificate Rules, 1956.
Individuals on becoming members of their respective RSBs can practice as auditors in the capacity of:
• Sole practitioners
• Members in partnership in a partnership firm
• Members in partnership in a limited liability partnership
• Directors of an audit service company
Appointment as a company auditor:

Generally, across all nationalities, the auditor of a company is appointed by either or all of the
following:
• The Board of Directors of the company

• The members of the company based on suggestions from the Board of Directors
• The Audit Committee of a company can recommend an individual or firm or LLP or audit
service company to be appointed as an auditor to the Board of Directors
• Government agencies and authorities such as heads of state, heads of Government
departments and ministries appoint the auditors of Government concerns and companies.
The appointment of an individual or a firm as an auditor of a company is a watertight process that

takes into account factors such as:
• Professional capacity and experience of the individual or partners in case of a firm/LLP

• Independence of the individual or partners in case of a firm/LLP
Independence takes into account whether the individual auditor or firm under consideration
are free of any monetary or fiduciary relationship with the company, its directors, TCWG,
members of management and employees. Independence is the most crucial factor in
determining the appointment of an auditor. In case the conditions of being independent are
not met, the professional in question is automatically disqualified from being appointed as
an auditor of the company in question.
Restrictions on Appointment as auditor under corporate laws:
The Corporate laws of a country for the time being in force automatically exclude individuals or firms,
whose partners are not independent of a financial or fiduciary relationship with the company, from
being appointed as auditors.
Over and above the independence condition, there are specific services that cannot be provided by
auditors. Also, if these services are provided by other service providers, they are ineligible to be
appointed as auditors. This restriction is a blanketed restriction the world over and not just in the UK.
These services are listed down as under:
a. Accounting and book keeping services

b. Internal audit
c. Design and implementation of financial information systems
d. Actuarial services
e. Investment advisory services
f. Investment banking services
g. Rendering of outsourced financial services
h. Management services
Restrictions on Appointment as auditor under codes of professional ethics:
The Codes of Professional Ethics in every country too prescribe disqualifications for being
appointed as auditors. These disqualifications are driven by:
• Independence of the auditor

• Professional competence and experience
• Confidentiality conditions
Removal of auditor:
The removal of an incumbent auditor is a legal process that requires the auditee entity to show just
and reasonable cause. Generally, the world over the following reasons are the primary drivers of
an auditor’s removal from office:
• Inability to execute the audit under given circumstance

• Lack of professional or technical capability
• Independence of the auditor being compromised
• Doubts about the continuing ability to carry out duties effectively
Resolution of shareholders:
The removal of an auditor is a process that requires the assent and approval of shareholders taken in
a shareholders General / Extra-ordinary meeting. Depending on the corporate laws in the country,a
simple/ordinary majority (more than 50%) of shareholders voting in favour of removal of the auditor
is a must. Some countries like India need a special majority resolution (more than 75%) of the
shareholders for removal of the auditor from office.
Auditor’s right of being heard:
The auditor has a right of being represented and heard at the meeting where a resolution for
removal is being moved.
Regulatory Compliances:
The company has to ensure that the concerned regulatory authority is appraised of auditor’s
removal and all requisite compliances such as those listed below are filed in a timely manner as
prescribed in the regulations:
• Forms
• Notices
• Resolutions
• Board minutes
• Statement of circumstances
Resignation by the auditor

In events and circumstances where the auditor is unable to acquire SAAE despite continued requests
and follow-ups with the management, resignation is the path chosen. The resignation comes in light
of being incapacitated in expressing an accurate audit opinion due to the lack of SAAE.
On general terms, the auditor tenders in his resignation owing to disagreements with the
management or inability to work with them. This arises on account of reasons listed below:
a. Resignation owing to rotational provisions

b. Voluntary resignation on personal grounds.
c. The management imposing an unreasonable time frame within which to complete the audit
d. Reluctance on the part of the management to correct highlighted misstatements
e. Restrictions imposed by the management:

- To observe crucial processes like inventory counts and verifications
- To acquire external confirmation from the company’s customers, vendors, legal
counsel, etc.
- To observe the process, procedures and systems of internal control
f. Non-responsiveness of management and TCWG on crucial matters
g. High risk of material misstatement owing to fraud
h. Lack of ethical integrity of the management and TCWG
Specific circumstances can result in reasons beyond those listed above which may cause an auditor
to resign from his position. The auditor too has to comply with specifically applicable regulations in
the process of resignation. The reason of resignation has to be filed with the regulatory authorities
overseeing the audit.
Notifying ACCA:
Auditor’s resignation or removal from office before the conclusion of the term must be notified to
the ACCA.
Under UK laws, the auditor is required to deposit the following at the company’s registered office:
• A statement of the circumstances connected with the removal/resignation

• A statement that there are no such circumstances and the resignation is purely
voluntary in nature
In the spirit of professional co-operation, the auditor is required to promptly comply with requests
for clearance from new auditors.
Rights and Duties of the auditor
Rights of the auditor – on appointment and Duties of the auditor

resignation
• Access to the company’s books and • To perform an audit of the financial
records statements and express an opinion on
• To receive information and whether the financial statements
explanations necessary for the audit provide a true and fair view
• To attend the General meeting of the • Comply with additional reporting
members of the company and be responsibilities required by
heard at such meeting local/national laws w.r.t preparation
• To receive a copy of all written and presentation of financial
resolutions passed by the company statements.
On Resignation:
• To request for a general meeting of the
company to explain the circumstance
of resignation
• To require the company to circulate
the notice of circumstances relating to
resignation
International Regulation
The International Federation of Accountants (IFAC):
The International Federation of Accountants (IFAC) is the global organization for the accountancy
profession. IFAC promotes international regulation of the accountancy profession. IFAC helps to
being about greater public confidence in the accountancy profession by:
a. Ensuring minimum requirements for accountancy qualification

b. Providing continuous professional development post qualification to accountants
c. Provides guidance on accounting and assurance for accountants around the world
International Standards on Auditing (ISAs)
One of the subsidiary boards of the IFAC is the International Audit and Assurance Standards Board
(IAASB). It is the responsibility of the IAASB to develop and promote International Standards on
Auditing. (ISAs). Currently there are 37 ISAs and 2 International Standards on Quality management.
The main features of these 37 ISAs are:
• ISAs are professional guidance that the auditor must follow to ensure consistency and quality
in audit
• ISAs are not legal requirements. If local law and ISAs are in contradiction or conflict, the local
law shall prevail
• ISAs are written in the context of an audit of financial statements.
• ISAs can be applied to historical financial data
• ISAs must be applied in all but exceptional cases where the auditor deems it necessary to
depart from the ISAs to achieve the overall aim of audit.
Role of Professional Bodies

Professional bodies such as the ICAI, ICAEW, ACCA are regulators and overseers of the audit
profession in their respective geographical jurisdiction. The promote quality within the audit
profession through provision of:
• Rigorous qualifications to acquire the knowledge and skills needed to provide competent
service
• Support members to demonstrate high professional and ethical values
• Technical expertise to governments on accounting and business matters thereby shaping the
introduction of new laws and regulations.
To obtain membership to professional body, a person must:
• Successfully complete the exams provided by that body

• Be able to demonstrate appropriate practical experience
• Complete ethical assessment.
To maintain membership a member must demonstrate continuous professional
development. For instance, The ICAI requires that its members undergo mandatory
continuous professional education every year.
Chapter 3: Governance 31
Chapter 3: Governance
Table of Contents
1. Objective and importance of corporate governance

2. Corporate governance code
3. Relevance of corporate governance to the external auditor
Objective and importance of corporate governance

Corporate governance is the means by which a company is operated and controlled. It is defined by
the “tone at the top.” If the tone at the top is one of ethical and transparent behaviour, the degree
of effectiveness of governance in the organization shall be quite high. Corporate governance is the
omni present code of conduct that the company abides by. The aim of corporate governance is:
a. To ensure that companies are run well in the interests of their shareholders, employees and
other key stakeholders
b. To try to prevent company directors from abusing their power which may adversely affect
any stakeholder group.
Directors drawing mammoth salaries obviously leaves behind a smaller sum to allocate ot the
middle and low level employees.
Advantages of effective corporate governance are listed as under:
a. Greater transparency
b. Greater accountability
c. Efficiency of operations
d. Better ability to respond to risks
e. A higher degree amongst all classes of shareholders
Corporate Governance Code

Corporate governance as a concept has immense importance in corporates today however, definitive
law overseeing regulation is yet to be pronounced in an iron clad manner. International bodies have
pronounced guidance on corporate governance and various nations across the world draw reference
from this guidance for implementing corporate governance in their respective geographies.
One such international body is The Organization for Economic Co-operation and Development
(OECD). OECD has pronounced 6 principles of corporate governance. These principles have listed as
under:
The UK corporate governance code is derived from the above OECD principles. This code is split into
5 parts as under:
✓ Board leadership and company purpose

✓ Division of responsibilities
✓ Composition, succession and evaluation
✓ Audit, risk and internal control
✓ Remuneration
These 5 parts shall now be discussed in greater depth as under:
Board Leadership and Company purpose:
1. Purpose, value and strategy:

The company’s purpose, value and strategy should be established by the Board of Directors
who leaders of the company. They define the tone at the top and the purpose and design of
an entity.
2. Long term sustainable success:
The board of directors shall be considered to be effective only when they create long term
sustainable success for the shareholders of the organization. The board that helps maximize
the wealth of the shareholders guides the company towards long term sustainable success.
3. Internal controls and resource management:
One of the primary responsibilities of the Board is to establish a system of effective internal
control in the organization to insulate it from risk.
4. Building corporate culture:
The workforce policies and practices should be consistent with company’s values. Matters of
concern, escalations and whistle blowing should be sensitively handled.
In this light, the Board shall be led by a chairman whose role shall be:
a. Enable flow of information and discussion at board meeting.

b. Ensure satisfactory channels of communication with the auditors.
c. Ensure the effective operation of all the board’s committees.
d. Lead the Board of directors.
Non-executive (independent directors):
• Will act as trustees of the stakeholders

• Will oversee how the Chief Executive Director manages and oversees the company
• They are not full-time employees and are independent of any financial and/or fiduciary
relationship with the company.
• They will participate in Board meetings with the intent to guide and assist the CEO
• They will lead sub-committees like the Audit Committee and The Nomination and
Remuneration committee to ensure transparency and fairness in financial reporting, audit
and remuneration of leaders and employees.
To understand who is Independent, first, let’s understand who isn’t. The following cases will be
deemed not to be independent:
If a director:
• Is, or has been an employee of the company or group within the last five years
• Has or has had within the last three years a material business relationship with the company
either directly, or as a partner, shareholder, director or senior employee of a body that has
such a relationship with the company.
• Has received or receives remuneration from the company in addition to a director’s fee,
participates in the company’s share option or a performance related pay scheme, or is a
member of the company’s pension scheme.
• Has close family ties with any of the company’s advisers, directors or senior employees
• Holds cross-directorships or has significant links with other directors through involvement in
other companies or bodies
• Represents a significant shareholder
• Has served on the board for more than 9 years form the date of his/her first appointment.
All individuals other than those covered above are Independent and hence qualify to be
appointed as NEDs.
Division of responsibilities:
Chairman CEO + All Levels of NEDs

Management
• Leads the board and is • Frame policies, • Act as independent
responsible for its processes and oversee overseers of the
overall effectiveness finance, technology, management of the
• Ensure effective compliance, company
contribution of all operations and risk • Ensure fairness,
board members. management transparency and
• Ensure that all • Manage time, governance are
directors receive resources, costs maintained
accurate, timely and • Execute the vision of • Guide and direct CEO
clear information the promoters and
drive the organization
towards its goals
Composition, succession and evaluation:
• Composition, succession and evaluation are overseen under the aegis of the Nomination and
Remuneration Committee (NRC).
• The NRC is a sub-committee of the Board of Directors comprising of a majority of NEDs.
• The appointment to the Board of Directors is a formal and rigorous procedure that is
transparently executed by the NRC
• Appointment and succession to the Board should be driven purely by merit
• An annual evaluation of the members of the Board should be conducted by the NRC
• All directors should be subject to annual re-election.
• There must be an appraisal and evaluation of the Chairman every 3 years. This evaluation
should be conducted by an external evaluator and the finds should be published in the annual
report to the shareholders.
• NRC must ensure that the Board is evenly balanced in terms of gender.
• The Annual report should transparently describe the work done by the NRC which covers:
a. Process of making appointments to the Board
b. Conduct of Board evaluation
c. Inclusion, gender balance and diversity in appointment to Senior Management positions
Audit, Risk and Internal Control
Financial statements of any entity are accepted by shareholder only when they are audited. The
function of audit is critical to the success and sustenance of a company. Hence, it is imperative that
this function be overseen by independent directors to ensure that:
• It is not unduly influenced by executive/full time directors

• Financial reporting is carried out in a fair and transparent manner
The task of overseeing the audit function is handled by the Audit Committee – a sub-committee of
the Board of directors comprising of NEDs. (3 NEDs for medium to large companies; 2 NEDs for small
companies)
The audit committee shall comprise of at least one independent director with the ability to read and
understand financial statements.
The Audit Committee can appoint a chairman amongst its members.
The Chairman of the company is expressly prohibited from being a part of the audit committee
The audit committee shall carry out the following:
1. Recommend individual practitioners/ firms for being appointed as the auditor of the
company. Recommend on the matter of removal of the auditor as well.
2. Oversee the remuneration and terms of appointment of the auditors
3. Review and monitor the auditor’s independence, performance, effectiveness as well as the
effectiveness of the audit process
4. Examine the financial statements and the auditor’s opinion thereon
5. Determine whether the auditor can provide non-audit services
6. Monitor the integrity of the financial statements
7. Oversee the external audit process and its effectiveness.
8. Approve and oversee transparent reporting and disclosure of transactions with related
parties
9. Scrutinize inter corporate loans and investments
10. Oversee the valuation of the company’s undertakings wherever necessary
11. Evaluate the effectiveness of internal controls in the company, specifically internal controls
over financial reporting
12. Evaluate and review the company’s risk management systems
13. In case the company does not have an internal audit function, the audit committee will
consider if there is the need to have the same. In case there is, this shall be communicated
to the Board.
14. Monitor the end use of publicly raised funds
The annual report of the company shall summarize the work done by the audit committee including:
a. Significant issues considered relating to the financial statements

b. Assessment of auditor’s independence and the effectiveness of the external audit process
c. Explain how the auditor’s integrity, objectivity and independence are maintained.
d. Explain whether or not the company has an effectively functioning internal control system
Benefits of appointing an audit committee:
• Increased public confidence in the audit opinion

• Improved credibility of the financial statements
• Stronger control environment
• Easier to arrange funds as an audit committee provides the perception of good corporate
governance
• The audit committee will act as a bridge between the external auditor and the management
• The audit committee will oversee the internal audit function, this will result in an effective
control environment as the end result.
Risk management:
Every business no matter how secure and established is vulnerable to:
a. Technological risk -Its products becoming technologically obsolete

b. Human resource risk – Loss of key staff
c. IT Risk – The risk of failure of IT system
d. Physical risks to assets due to natural/ man-made disaster
The Board of directors have to ensure that they have mechanisms in place to Identify risk when it
arises but before it impacts the business. However, given the ever-changing nature of risk, a collision
with business may not be avoidable. In such cases the management must have an effective risk
management mechanism in place to:
• Transfer risk – Pass the burden of risk to a third party by the means of insurance
• Avoid risk – Cease risky activity
• Reduce risk – implement corrective mechanism which will reduce the impact of risk
• Accept risk as a cost of doing business.
Internal Controls
Risk identification, minimization and avoidance are by-products of an effectively functioning internal
control environment. It is the responsibility of the Board of Directors to implement an effectively
functioning internal control mechanism that evolves into an effective control environment for the
entity.
The auditor is not responsible for minimizing risk. The responsibility of the auditor is to assess if the
internal controls are effectively functioning and accordingly gauge the impact of risk on the audit as
a whole.
Here, the audit committee can support the Board by helping to institute an internal audit function
with the organization or help appoint a service provider as an internal auditor. An internal audit
function is tasked with overseeing the implementation and effective functioning of internal controls.
Remuneration
• Remuneration should be designed to promote long term sustainability and retain valuable
human resource.
• The Board of directors in conjunction with the NRC should institute fair and transparent
mechanisms for developing an effective remuneration policy.
• No director should be authorized to set his/her own remuneration and benefits
• An impartial view that takes into account individual performance, company performance and
external circumstances should be applied in authorizing remuneration.
Relevance of corporate governance to the external auditor

Corporate governance is an implemented best practice. The impact of corporate governance on
audit has been summarized as under:
Corporate Internal Controls Inherent Risk Control risk Audit Risk

Governance
mechanism
Effectively in Will function Under control Reduced Low / Under
place effectively control
Ineffective Ineffective High Exponential Very High
Chapter 4A: Ethics 38
Chapter 4A: Ethics
Table of contents:
1. The IESBA and ACCA codes and conceptual framework:

2. Threats to ethical behaviour
3. Conflict of interest
The IESBA and ACCA codes and conceptual framework

The International Federation of Accountants (IFAC), through the International Ethics Standard Board
for Accounts (IESBA) has issued a code of ethics for accountants globally.
The IESBA develops and issues in the public interest high-quality ethical standards and other
pronouncements for professional accountants for use around the world. The IESBA Code of Ethics for
Professional Accountants applies to all professional accountants, whether in public practice, in
business, education, or the public sector. The IESBA Code serves as the foundation for codes of ethics
developed and enforced by members of the International Federation of Accountants (IFAC). No
member body of IFAC or firm issuing reports in accordance with International Auditing and Assurance
Standards is allowed to apply less stringent standards other than those stated in the IESBA code.
A rigorous due process followed by the IESBA is critical to ensure that the views of those affected by
its standards and interpretations are thoroughly considered. The process outlined below is applicable
to the development of all IESBA pronouncements.
• Research and consultation—A project task force is ordinarily established with the
responsibility to develop a draft standard or interpretation. The task force develops its
positions based on appropriate research and consultation.
• Transparent debate—A proposed standard or interpretation is presented as an agenda
paper for discussion and debate at an IESBA meeting, which is open to the public.
• Exposure for public comment—Exposure drafts are placed on the IESBA website (www.
ethicsboard.org) and are widely distributed for public comment. The exposure period is
ordinarily no shorter than 90 days.
• Consideration of comments received on exposure—The comments and suggestions
received as a result of exposure are considered at an IESBA meeting, which is open to the
public, and the exposure draft is revised as appropriate. If the changes made after exposure
are viewed by the IESBA to be so substantive as to require re-exposure, the document is
reissued for further comment.
• Affirmative approval—Approval of exposure drafts, re-exposure drafts, standards and
interpretations is made by the affirmative vote of at least twelve of the members in person
or by simultaneous telecommunications link.
Public Interest Oversight:
The Public Interest Oversight Board (PIOB) oversees the public interest activities of IFAC. The
objective of the PIOB is to increase confidence of investors and others that such activities, including
the setting of standards by the IESBA, are properly responsive to the public interest. PIOB members
are nominated by international institutions and regulatory bodies
Both the IESBA and ACCA follow a conceptual framework which identifies:
• Fundamental principles of ethical behaviour

• Potential threats to compliance with the fundamental principles of ethical behaviour
• Possible safeguards which can be implemented to eliminate threats identified, or reduce
them to an acceptable level.
This conceptual framework relies on a rule-based approach. Here it is imperative for you to
understand the basic lines of demarcation between a principle-based approach to ethical behaviour
and a rule-based approach to ethical behaviour:
Principle based approach Rule based approach

• Requires compliance with the spirit of the • Seemingly easier to follow as rules are
guidance clearly defined
• Requires the accountant to use • Needs to be frequently updated to
professional judgement ensure that guidance applies to new
• Flexible in nature, so it can be applied to situations
new, unusual or rapidly changing • May encourage accountants to interpret
situations requirements narrowly in order to get
• Principles maybe applied across national round the spirit of the requirements
boundaries where local laws may not be • Virtually impossible to be able to deal
applicable with every situation that may arise,
• Can incorporate specific rule for ethical particularly across national boundaries
situations like to affect many firms where the local laws and regulations do
not apply.
The consequence of not adhering to the code of ethics, invites disciplinary hearing which could
result in:
• Fines
• Suspension of membership
• Disqualification of license to practice
• Disqualification of membership.
The reputational loss that follows is irreparable.
The IESBA requires accountants to 5 fundamental principles which have been discussed in the
following section.
Fundamental principles of professional behaviour:
The IESBA prescribes 5 fundamental principles of ethical behaviour to accounts globally, these are
given as under:
1. Objectivity:
The accountant must not allow the following to compromise professional or business
judgements:
• Bias
• Conflicts of interest
• Undue influence of management, those charged with governance or any other
party.
2. Professional behaviour:
A professional accountant must comply with:
• All applicable laws and regulations for the time being in force
• All the pronouncements of the applicable standards on auditing
• Applicable financial reporting framework in the course of assessing the financial
statements.
3. Professional competence and due care:

The following must be attained and maintained by the professional auditor:
• Professional knowledge and skill to provide services diligently to the reporting
entity
• Diligence in accordance with applicable technical and professional standards
• Update the reporting entity wherever necessary with all applicable amendments
that impact financial reporting.
4. Integrity:
The accountant must be straightforward and honest in all professional and business
relationships.
5. Confidentiality:
The accountant must not disclose any information acquired in the course of the audit of the
client without the consent of the client that has engaged him.
The only exception to this rule is where the law or regulation for the time being in force
require that the auditor make disclosures as per its directives.
Threats to ethical behaviour
“On the path of truth and righteousness, one may often come across temptations that test virtue.
Stay strong.”
Being ethical is a difficult task when personal gains seem easily attainable at the cost of small
compromises. Factors that can pose threats in the auditor transparently and ethically fulfilling his
duty are threats to objectivity. These threats have been discussed as under:
A. Self Interest Threats:
Wherever the auditor has a financial or other professionalinterest in the auditee entity – this interest
leads to inappropriately influencing the auditor’s judgement and behaviour.
Factors driving self-interest threats have been enumerated as under:
1. Fee dependency:
If the audit fees of the client in question comprise a large proportion of the auditor’s
revenue, it can lead to the auditor automatically ignoring adjustments and corrections
required in the financial statements.
The following factors play a key role in determining the existence of self-interest threats:
a. Operating structure of the firm
b. Significance of the client to the firm – as an existing source of business and as a
multiplier for future opportunity.
c. How well established is the firm, a newer firm could easily develop a self-interest threat
owing to a small portfolio of clients.
Measures to counter:
• Increase client base to reduce dependency on a single client

• Review the audit work done by an independent reviewer who did not take part in the audit
• In case of listed clients:
a. If total fees from a listed audit client exceed 15% of the firm’s total fees for two
consecutive years this matter should be disclosed to those charged with governance at
the client.
b. The audit of such clients should be subjected to a quality review by an independent
professional who is not a part of the audit firm or by the professional body that
regulates auditing in that country or region.
c. The above review can be carried out as:

➢ Pre-issuance review: Before the 2nd year’s audit opinion is issued.
➢ Post-issuance review on the 2nd year: Before the 3rd year audit opinion is issued.
2. Loans and guarantees:

Loans given to and received from the client can easily lead to a culture of compromise and
overlooking misstatements.
In case the auditor has stood as a guarantor for a loan raised by the client, there is a
pressing need to ensure that the client presents profitable financial statements.
In the opposite case where the client has guaranteed loans for the auditor, the client has a
domineering position over the auditor forcing the auditor to overlook certain questionable
transactions and events.
• Loans and guarantees should be permitted only if they are immaterial to the firm/individual
making the loan/guarantee and the client receiving the same.
• Loans and guarantee between a bank and its auditor or any of the auditor’s immediate
family members is not permitted.
• Immaterial loans from banks or financial institutions who are audit clients under normal
lending procedures will result in a thorough review of the audit work done.
• Only immaterial loans are permitted from clients who are not banks or financial
institutions.
3. Overdue Fees:
In substance overdue fees from the client to the auditor can be looked at as a loan given by
the auditor to the client. Here the auditor can trat the client leniently to ensure recovery of
the overdue sum.
• Obtain a partial or full recovery of fees

• Review the audit work from an independent professional who did not take part in the audit.
4. Gifts and hospitality:

Acceptance of gifts and hospitality from the client can leads to a rapport that can result in
the auditor overlooking certain misstatements which can prove to be materially impacting in
the overall scheme of the audit.
• Only trivial gifts should be accepted.

• Trivial gifts intended to influence the client should not be accepted
5. Ownership of shares and investment in the client:

The auditor being financially involved with the client can lead to the auditor striving to
achieve personal profits. This can result in the auditor being motivated to ensure that the
client reports higher profits resulting a higher return on investment for the auditor at the
cost of transparency and fairness in reporting.
• A direct financial interest or an indirect financial interest in the client should not be held by:
a. The auditor/ audit firm
b. Members of the audit firm
c. Relative of both a,b above.
• Immediate family members of the auditor a member of the audit team holding interest in
the auditee client must forego their interest. The auditor or member of audit team will not
be permitted to perform the audit so long as such a share has not been foregone. Further,
there will be an appropriate review of the audit work performed by an independent
professional.
• Any financial interest received indirectly must be foregone (Inheritance/ gift)
6. Potential employment with the audit client:

A newer auditor can see personal gain in being employed with a large established company
and may act leniently by overlooking misstatements in exchange for an employment
opportunity.
• Audit firms must establish practices whereby individuals would be required to inform the
firm of the possibility of employment with the client.
• The individuals seeking potential employment with the client should be replaced on the
audit assignment
• The audit work performed should be subjected to a review from an independent
professional.
7. Business Relationships with clients:

Audit firms entering into business relationships with clients such as a joint venture,
marketing /distribution arrangement etc. Would lead to a self-interest threat as the auditor
would have an interest in the successful operation of the client.
• No such business relationship should be entered into unless clearly trivial or immaterial.
8. Contingent Fees:
In case of contingent fees, the auditor would have incentive to ensure that a particular
outcome is achieved.
• Contingent fees should be disallowed for assurance engagements.
• Contingent fees for non-assurance engagements will be allowed only in case such fees are
immaterial to the firm.
9. Actual or threatened litigation:

This could represent a breakdown of trust between the auditor and the client. This leads to
a clear self-interest threat as the management will not permit disclosure of information to
the auditor.
• Discuss the matter for resolving the same

• If the matter pertains to a member from the engagement team, such member should be
removed
• The audit work performed should be subjected to a review from an independent
professional.
• The firm should consider withdrawal from such engagements if any of the above measures
is not working.
10. The avenue of providing non-attest services which can be more rewarding:
A self-interest threat can be created if the auditor identifies personal gain in providing non-
attest / non-audit services like portfolio management or financial consulting to the client.
Here the auditor would position these supplementary services to the client by cultivating
favour, obviously by overlooking questionable events and transactions.
B. An attest professional should not provide non-attest services to the client.
C. Familiarity Threats:
A long-standing relationship with the client may lead to a report resulting in the auditor becoming
too sympathetic or trusting of a client. This can result in the auditor losing the edge of professional
scepticism and unbiased judgement.
Long association with senior management personnel:
A long-standing association with the management and those charged with governance can result in
the auditor becoming too trusting of their motives which may ultimately offer such senior personnel
the leeway to exploit the organization and the stakeholders.
Family and personal relationships:

If familial and personal bonds are formed between the auditor and the leaders/representatives of
the auditee entity – this can result in such leaders and representatives exerting undue influence over
the auditor leading to compromises in the ultimate quality of audit service delivered.
The auditor acting as a recruitment support for the reporting entity:
The auditor supporting the reporting entity in recruiting accounting and senior financial staff can
result in familiarity threats.
Employment with audit client or directorship with audit client:

(This point is a self-review threat as well and can be included as it is in the self-review threat
section.)
A self- interest, familiarity and self-review threat will be created in case an individual serves an officer
or director of the audit client.
Measures to safeguard:
• A partner or employee of the audit firm shall not serve as an employee or director of the
client organization unless permitted by the local legislation.
Safeguards against familiarity threats for all clients:
• Rotation of engagement’s leading partners after a defined period of time

• Rotation of audit staff
• Appointment of an independent reviewer
• Performing independent quality control tests and checks.
Safeguards against familiarity threats for listed clients:
• The engagement partner, Engagement Quality Reviewer, or other key audit partner should
not act as a the auditor for a period of more than 7 cumulative years.
• The following cooling off periods will be applicable during which the individual cannot be an
engagement team member for the client in question, cannot consult with the engagement
team and the client, provide any services to the client:
• Engagement partner – 5 years
• Engagement Quality Reviewer- 3 years
• Other key audit partner- 2 years (Will be allowed to serve and extension for 1 year in
exceptional circumstances pertaining to quality of the audit assignment.)
D. Self-Review threats:
Great is the artiste who honestly critiques the work of another, even greater is the one who
honestly critiques his own.
Self-review threats occur when the auditor performs non-audit tasks such as accounting and
booking for the reporting entity which are ultimately audited by the auditor himself.
Performing such tasks results in the auditor invariably auditing his own work which would result in
errors, if any, not being identified. The following services result in self-review threats:
a. Accounting and book-keeping services:
Auditing the accounting services provided by himself/itself is a clear self-review threat for the
auditor/audit firm. These services include:
• Determining accounting policies

• Formulating journal entries
• Determining account classification of transactions
1. Only non-listed clients to be provided with accounting and booking services which are routine
and mechanical, this includes:
• Payroll calculations
• Recording recurring transactions
• Depreciation related calculations and workings
• Posting transactions to be client ledger
• Preparing Financial statements based on a client approved trial balance.
2. In case of listed clients, accounting and book keeping services of any nature, including trivial
cannot be performed. However, accounting services can be provided for divisions or related
parties of the listed entity in case:
• A separate team than the audit team provides the accounting and book keeping
services
• The division or related party are immaterial to the listed entity.
b. Internal audit services:

Maintaining a requisite degree of internal control is a core management responsibility. An
internal auditor can help execute and oversee this core management responsibility.
However, assessing the effectiveness of controls that the auditor has himself designed is a
clear self-review threat. The auditor should consider the following:
• The materiality of the related financial statement amounts
• The risk of misstatement of the assertion’s related to the financial statement
amounts
• The degree of reliance that the audit team will place on the internal audit service
• Members who are not audit team members can be used to perform internal audit for non-
listed entities
• An auditor cannot provide internal audit services to a listed client, where the services
would relate to internal controls over financial reporting, financial accounting systems or
be related to amounts or disclosures that are material to the financial statements.
c. Tax Services:
Providing tax planning and tax management services may create a self-review threat in case
the client also avails audit services from the audit firm/auditor. These tax services include:
• Tax return preparation
• Tax calculations for preparing accounting entries
• Tax planning and advisory services
• Tax services involving valuations
• Assistance in the resolution of tax disputes
The following should be considered:
✓ The characteristics of the engagement

✓ The level of tax expertise of the client’s employees
✓ The complexity of the tax regime
• Members who are not audit team members can be used to perform tax services for non-
listed entities
• An auditor cannot provide tax preparation services to a listed client, where the services
would relate to calculations of deferred tax, current tax and advance tax.
d. IT services
Adjudicating the effectiveness of the IT systems that the auditor has himself set up is a clear
self-review threat.
The firm should consider:
• The nature of the service
• The nature of the IT systems and the extent to which they impact or interact with
the client’s accounting records or financial statements
• The degree of reliance that the audit team will place on the IT systems.
The firm can provide IT services which involve:
• Design or implementation of IT systems unrelated to internal controls or

financial reporting
• Implementation of off-the shelf accounting software that was not developed
by the audit firm and does nor require significant customization
• Evaluating and making recommendations on a system designed or operated by
another service provider or by the entity.
• Members who are not audit team members can be used these services
• An auditor cannot provide IT services to a listed client, where the services would relate to
internal controls over financial reporting or generation of information that is significant
to the financial statements.
e. Valuation services
Providing valuation for assets of the entity the balances of which are later to be audited by
the auditor himself is a clear self-review threat.
The auditor should consider the following:
• The use and purpose of the valuation report, including whether the report will be
made public.
• The extent of the client’s involvement in determining matters of judgement.
• The degree of subjectivity
• Whether the valuation will have a material effect in the financial statements
• The degree of dependence on future events that might create significant volatility
in the amounts involved.
• Valuation services will not be provided to audit clients if the valuation involves a
significant degree iof subjectivity and the valuation will have a material effect on the
financial statements.
• An auditor cannot provide valuation services to a listed client, where the valuation
pertains to assets or liabilities that are material to the financial statements.
• In case such services are to be provided, professionals who are not members of the audit
team shall be deployed.
• An appropriate independent reviewer will review the audit work performed.
f. Corporate Finance services

These services are both a self-review as well as advocacy threat. These threats arise in case
the firm:
1. Assists an audit client in developing corporate strategies
2. Identifies possible targets for the client to acquire
3. Advices on disposal transactions
4. Assists in raising finance
5. Provides structuring advice.
Factors affecting the existence and significance of any threat include:
• Degree of subjectivity involved

• Whether the outcome will have a material impact on the financial statements
• Whether the effectiveness of the corporate finance advice depends on a particular
accounting treatment.
• The auditor is strictly prohibited from promoting, dealing and underwriting the audit
client’s shares.
• Corporate financial services where:
• The effectiveness of the advice depends on a particular accounting treatment od
presentation in the financial statements
• The audit team has reasonable doubt as to the appropriateness of the accounting
treatment
• The outcome will have a material effect on the financial statements.
Shall be prohibited
g. Legal Services
Providing legal services to a client result in both a self-review as well as advocacy threat.
Legal services should be provided by members of the BAR.
The auditor should consider:
• The materiality of the matter in relation to the financial statements.
• Complexity of the legal matter and level of interpretation and judgement involved.
• A partner or employee of the firm will not act as general counsel to for the audit client
• No advocacy roles to be performed when the amounts involved are material in nature.
h. Body Shopping/Outsourcing:
Outsourcing personnel from the audit firm to the reporting entity and then assessing their
work is a clear self-review, advocacy and familiarity threat.
However, staff can be body shopped in case:
• The outsourcing duration is less
• The staff does not assume management responsibilities
• The auditee is responsible for directing and supervising the staff.
• Perform an additional review of the work performed by the personnel who have been
loaned to the client.
• The outsourced personnel will not be given an audit responsibility.
i. Client staff joins audit firm:

Client staff joining the audit firm will result in self-interest, self-review and familiarity
threat. The significance of the threat will depend on:
• The position held by the individual with the client
• Length of time since the individual left the employment of the client.
• Role to be performed as an audit team member.
• Audit team shall not include individual who for the period covered under the audit report
worked as employees of the client entity.
E. Advocacy Threats:
If the auditor:
a. Promotes the position of the client; or

b. Represents the client in capacity beyond simply being the auditor
It can be seen that the auditor is “advocating” for the client.
The following activities if carried out by the auditor would amount to advocacy threats:
a. Negotiating interest rates on borrowings with bankers/lenders on behalf of the client
b. Outsourcing audit firm staff to the reporting entity for financial reporting closure
c. Providing non-attest services like portfolio management, accounting advisory, investment
banking, project report formulation
d. Vouching for the effectiveness of internal controls in a quality control check performed by
large customers prior to offering business contracts.
Advocacy threats are not limited to the above.

F. Intimidation threats:
The following cases are considered as instances of intimidation threats when the client:
a. Exerts pressure on the auditor not to modify the opinion pertaining to a materially
misstated set of financial statements;
b. Attempts to exercise undue influence;
c. Attempts to leverage gifts given for overlooking inconsistencies
d. Intimidates the auditor with verbal or physical threats
Confidentiality
• External auditors are in a unique position of having a legal right of access to all information
about their client.
• The client must be able to trust the auditor not to disclose anything about its business to
third parties as it could be detrimental to its operations.
• Confidential information may be obtained from:
• Firm or employing organization
• Current or previous clients
• Prospective clients and employers.
Conflict of interest
A conflict of interest arises when the same audit firm is appointed for two companies that interact
with each other, for example:
• Companies which compete in the same market

• Companies which trade with each other.
A conflict of interest may create a threat to the fundamental principles of objectivity and
confidentiality. It may be perceived that the auditor cannot provide objective services and advice to
a company where it also audits a competitor.
Professional accountants should always act in the best interests of the client. However, where
conflicts of interest exist, the firm's work should be arranged to avoid the interests of one being
adversely affected by those of another and to prevent a breach of confidentiality.
In order to ensure this, the firm must disclose the nature of the conflict to the relevant parties and
obtain consent to act. The following additional safeguards should be implemented:
• Separate engagement teams (with different engagement partners and team members) who
are provided with clear guidance on maintaining confidentiality.
• Review of the key judgments and conclusions by an independent person of appropriate
seniority.
Measures which should be taken to reduce the threat of disclosure include:
• Procedures to limit access to client files

• Physical separation of confidential information including separate practice areas
• Signed confidentiality agreements by the engagement team
• Specific training and communication.
If adequate safeguards cannot be implemented (i.e. where the acceptance/ continuance of an

engagement would, despite safeguards, materially prejudice the interests of any clients), or if
consent is refused, the firm must end or decline to perform professional services that would result
in the conflict of interest.
Chapter 4B: Client Acceptance by Auditor/Audit
52
Firm
Chapter 4B: Client Acceptance by Auditor/Audit Firm
Table of Contents:
1. Understanding the client and its environment

2. Seeking work by adhering to the code of ethics
3. Compliances and communications to be adhered to prior to accepting audit engagements
4. Understanding the environment of the client
5. Preconditions for an audit
6. Situations and factors that will result in the audit engagement being rejected by the
auditor:
7. Acceptance of change in the terms and conditions of an audit engagement
Understanding the client and its environment
The acceptance of an audit engagement has impacts that are far reaching not just for the auditor
but for the stakeholders too. Engagement acceptance confers upon the auditor, the responsibility
to conduct and conclude the audit in a manner that provides reasonable assurance to the users
of financial statements about whether the information contained therein is - true and fair. To
conclude on the quality of financial information, the auditor has to meticulously plan the audit
engagement such that all material areas and aspects have been examined and analysed.
A first hand understanding of the entity under audit can be sought by:
a. Inquiries of management and others within the entity.

b. Analytical procedures.
c. Observation and inspection.
It is undisputable, that the auditor must have a thorough understanding of the auditee entity
and the environment it functions in. This understanding entails having sufficient knowledge
about:
a. Relevant industry, regulatory and other external factors including applicable financial
reporting framework
b. Nature of the entity, including:
• Its operations
• Its ownership and governance structures
• The types of investments that the entity is making and plans to make
• The way the entity is structure and how it is financed
c. The entity’s selection and application of accounting policies, including the reasons for
change thereto.
d. The entity’s objectives and strategies, and those related business risks that may result in
the risk of material misstatement
e. The measurement and review of the entity’s financial performance.
53
Firm
Let’s deviate from the jargon here, for just one bit. Shouldn’t you as an auditor know what you’re
getting into and committing to attest and certify?
Yes, of course it is. The above understanding enables the auditor to gauge and map the level of
inherent risk in the audit engagement.
This risk is the sole determining factor of whether or not an engagement is to be accepted. There
arises no doubt that risky audit engagements too are accepted by auditors and executed well.
However, the social impact of accepting a risky assignment and being unable to provide the
necessary degree of honest assurance, can be catastrophic. Stakeholders can be impacted to
levels beyond comprehension in such cases.
The long ques outside the Punjab National Bank after loan defaults by Nirav Modi and Mehul
Choksi, exposed one painful truth – the cost of auditor negligence and high engagement risk
impacted tens of thousands of innocent depositors who lost their valuable life savings and are still
seeking redressal.
Seeking work by adhering to the code of ethics
In the chapter on Ethics, we have already discussed how members are bound by the ethical
code and must act within its sacrosanct boundaries. Professional engagements must be
carried out by adhering to the highest standards of professional integrity and ethics. Members
must seek professional work assignments, abiding by:
1. The ACCA code of ethics and conduct; and

2. IESBA code of ethics
Here it must be appreciated that members shall engage in advertising their attainments and
services in a manner that is approved by the above ethical codes. Members are required to adhere
to “pull marketing” rather than “push marketing.”
It is a fact that member firms compete with one another to secure professional assignments.
This competition should be healthy and not unfairly played out by using unethical tactics like
unduly influencing existing clients or using price negative tactics like charging fees below market
rates.
(The codes of ethics have been discussed in detail in the chapter “Ethics”)
54
Firm
Compliances and Communications to be adhered to prior to accepting auditengagements
A new auditor is appointed when:
a. A company is required to appoint an external auditor as per law/regulation.

b. The existing practitioner has been removed by the auditee; or
c. The existing practitioner resigns from his office as auditor
In b and c above, the incoming auditor is required to have a formal chain communication with the
outgoing auditor.
Communication with outgoing auditor
Prior to accepting the audit engagement, the incoming auditor is required to communicate with
the outgoing auditor. This enables the incoming auditor to know the reasons switching audit
practitioners, cited by the auditee company. Knowledge of these reasons shall enable the
incoming auditor to:
a. Safeguard his own interests.

b. Safeguard the interests of stakeholders relying on audited financial information of the
company
c. Ensure independence throughout the audit engagement.
In the spirit of transparency, the incoming auditor must communicate with the outgoing auditor
only after obtaining the permission of the auditee entity. In case the auditee entity is reluctant to
provide this permission or refuses to provide this permission, the auditor must refuse the audit
engagement. Such refusal or reluctance is displayed only when the auditee entity is attempting to
conceal some material facts that the outgoing auditor is/maybe aware of which the auditee would
prefer to conceal from the incoming auditor. Such concealment of facts will add into the inherent
limitations of audit and will greatly cripple the auditor’s efforts to acquire reliable audit evidence
on which to base his opinion.
Adherence of compliances by the auditee entity
Appointment, reappointment, and removal of auditor are significant events that require a
company to abode by applicable corporate law compliances that govern these events. Be it the:
• Appointment of the first auditor,

• Re-appointment via continuance of the existing auditor
• Resignation of existing auditor and appointment of new auditor
• Appointment of joint auditor
All of the above cases have defined processes and compliances (Board and shareholder
resolutions, regulatory approvals, the auditor’s opportunity of being heard, etc.) that the auditee
entity must abide by. Non-compliance is punishable by fine and raises questions about the quality
of governance that the company adheres to in its functioning.
55
Firm
For the appointment of the auditor to be considered legally valid, these compliances must be
adhered to. The spirt of following these compliances is to enable stakeholders to understand and
appreciate the process by which the auditor is appointed by the company. The adherence to such
compliances emphasizes transparent behaviour on the part of the company with regard to a
function as sensitive and crucial as audit.
Preconditions for an Audit
In the process of accepting or continuing an audit engagement, the basis of performance of the
engagement must be agreed upon between the auditor and the auditee. The basis of performance
is agreed through:
a. Establishing whether the preconditions for an audit are present; and

b. Confirming that there is a common understanding between the auditor and
management and those charged with governance, of the terms of audit
engagement.
Basis of performance in simple terms entails an implied basis of cooperation between the
auditor and auditee wherein its is assumed that the auditee shall:
a. Provide all required information that is necessary for the auditor to be applied as evidence
in the course of the engagement. (Vouchers, account balances, board resolutions and
minutes, draft financial statements, etc.)
b. Cooperate in acquiring information from third parties like vendors, lenders, creditors, etc
of the auditee to be used as external confirmations in the course of the engagement
c. Answer all pertinent questions and queries regarding treatment of transactions, events
and occurrences and whether these have been accounted for as per the applicable
financial reporting framework.
In conjunction with the above, it is implied that the auditor shall:
a. Conclude the audit engagement within the defined and agreed timelines;
b. Maintain highest levels of integrity, objectivity and independence; and
c. Adhere to ethical and professional behaviour throughout the course of the audit
engagement.
56
Firm
In the process of accepting or continuing an audit engagement it is important to determine if

pre-conditions for an audit are present. Pre-conditions for an audit are three-fold:
57
Firm
Preconditions for an audit include:
a. Determining whether the financial reporting framework to be applied in the preparation

of the audit of financial statements is acceptable.
For instance, Cohn Reznik an American audit firm is in talks to sign over as the auditor of
Infosys, a company listed on both Indian and American stock bourses. A lot of data that Infosys
has, uses Indian accounting and hence there are several areas of reporting that undergo a
GAAP conversion exercise from Indian GAAP to US GAAP. In case Cohn Reznik is not well-
versed with Indian GAAP, a pre-condition for undertaking the audit of Infosys is not met.
b. Obtain the agreement of management that it acknowledges and understands the

responsibilities for:
i. Preparation of financial statements as per the applicable financial reporting framework.
ii. Exercising necessary internal control to enable the preparation of financial statements that
are free from material misstatement, whether due to fraud or error.
c. Obtain the agreement of management that it acknowledges and understand the
responsibilities of providing the auditor with:
i. Access to all relevant information such as records, documentation and other matters;
ii. Additional information that the auditor may request from management for the purpose of
audit.
iii. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain necessary evidence.
Situations and factors that will result in the audit engagement being rejected by the auditor
If the management or those charged with governance of the entity impose limitations on the scope of
the auditor’s work in terms of a proposed audit engagement which leads the auditor to believe that
finding the relevant quantum and quality of evidence maybe hampered, the auditor will not accept
such an engagement.
If preconditions are not present, the auditor shall discuss the engagement and its nuances with the
management. The auditor shall not accept the proposed audit engagement if:
a. It has been determined that the financial reporting framework to be applied in the
preparation of the financial statements is unacceptable; and/or
58
Firm
b. The management does not agree with its responsibilities prescribed above.
Summarized process of engagement acceptance:

59
Firm
The audit engagement letter:
The process of audit engagement acceptance reaches its logical conclusion when the audit
engagement has been accepted by the auditor. The acceptance of the audit engagement is
communicated by the auditor to the management of the auditee entity via the engagement
letter.
The engagement letter is a structured communication touching upon the vital aspects of the
audit. It defines the expectations from the management, summarizes the auditor’s
responsibilities and pronounces the audit fees for the assignment.
The agreed upon terms of an audit engagement are recorded in the audit engagement letter. This
shall include:
a. The objective and scope of the audit of the financial statements.

b. The responsibilities of the auditor.
c. The responsibilities of management.
d. Identification of the applicable financial reporting framework for the
preparation of the financial statements; and
e. Reference to the expected form and content of any reports to be issued by the
auditor and a statement that there may be circumstances in which a report may
differ from its expected form and content.
Form and Content of an audit engagement letter:

The form and content of an audit engagement letter may vary for each entity. The
audit engagement letter contains all of the items listed above and it shall make
reference to the following:
a. Elaboration of the scope of the audit:

Reference to applicable legislation, regulations, Standards on Auditing, ethical and
other pronouncements of relevant professional bodies to whom the audit requires
adherence.
b. Form of any other communication of results in the audit engagement
c. Mention of unavoidable risk:
The inherent limitations of an audit coupled with the inherent limitations of
internal control result in the unavoidable risk of material misstatement going
undetected despite the audit being planned and performed meticulously.
d. Audit arrangements:
The planning and performance of the audit along with the composition of the audit
team that will execute the assignment.
e. Management agreement to provide and/or make available the following on a timely
basis:
a. Written representations
b. Draft financial statements and accompanying information
c. Any information that may affect the audit of financial statements
f. Audit fees and the basis of their computation and any billing arrangements
g. A request for the management to accept the engagement letter.
60
Firm
Acceptance of change in the terms of the audit engagement
Auditor shall not agree to any changes in the terms of the audit engagement laid down in the
engagement letter, unless there is a reasonable justification for doing so. Changes in the terms
of audit engagement are proposed prior to the completion of the audit.
If the change requested results in the auditor conveying a lower level of assurance, the auditor
shall apply his professional judgement in determining the risks that the users of financial
statements may be subjected to by providing them a level of lower assurance. The auditor shall
accept the change if there is reasonable justification in doing so without severely impacting the
interests of stakeholder relying on audited financial information.
If changes to the engagement are justified and the said justification is accepted by the
auditor, the new terms of engagement shall be laid down in a new engagement letter or
other suitable form of written agreement.
The following are considered to be acceptable and justified reasons of change:
1. Major changes in the size, nature or composition of the entity.

2. Changes in the legal or regulatory requirements that are applicable to the company
3. Any changes in the applicable financial reporting framework requiring the company
to modify the financial statements to suit the new regulation.
Rejection of changes in the terms of the audit engagement:
In case the auditor is unable to accept the changes proposed to the audit engagement for
ethical, operational or other reasons, the auditor shall convey his rejection to the proposed
changes. If the management does not accept the auditor’s rejection of the changes in terms
of the audit engagement, the auditor shall:
a. Withdraw from the audit engagement; and

b. Determine whether there is any obligation (contractual or otherwise) to report the
circumstances to other parties such as owners, regulators, etc.
Chapter 5: Risk 61
Chapter 5: Risk
Table of contents:
1. Understanding the entity and its environment
2. Misstatements, Risk of Material Misstatements (ROMM)
3. Inherent Risk, Control Risk, Detection Risk:
i. The relationship between ROMM and Inherent Risk, Control Risk
ii. Audit Risk as a product of Inherent Risk, Control Risk and Detection Risk
iii. Risk Matrices
4. Materiality and Audit Risk
i. Materiality by size
ii. Materiality by nature
iii. Performance Materiality
iv. The relationship between Materiality and Audit Risk
5. Analytical Procedures:
i. Application
ii. Utility
iii. Chronology
iv. A stepwise approach to applying analytical procedures.
v. The use of ratio analysis
vi. Technology and tools in analytical procedures
Chapter 5: Risk 62
Understanding the entity and its environment
To identify and assess the risk of material misstatement, whether due to fraud or error, the auditor
is required to gain an understanding of the entity and its environment, including the entity’s internal
control. This understanding will help the auditor to design and implement responses to the assessed
risk of misstatement.
In simple terms, before assessing and evaluating the financial statements of an entity it is
imperative that the auditor gain an understanding of the entity itself. This understanding entails
how the entity functions, the applicable accounting norms, regulatory norms, the trends and
patterns of the entity business in conjunction with the industry in which is functions, etc.
An understanding of an entity and its environment is derived by:
a. Understanding the entity and its environment; and

b. Understanding the internal control process and procedures that have been installed to
ensure the entity functions seamlessly on a day-to-day basis.
Understanding the entity and its environment entails of gaining an insight into:
a. Relevant industry, regulatory and other external factors including appliable financial
reporting framework
b. The nature of the entity including:
i. Its operations
ii. Its ownership and governance structures
iii. The types of investments that the entity is making and planning to make
iv. The way the entity is structured and how it is financed
c. The financial reporting framework that is applicable to the entity and the entity’s selection
and application of accounting policies, including the reasons for changes thereto.
d. The entity’s objectives and strategies. And those related business risks that may result in
risks of material misstatement
e. The measurement and review of the entity’s financial performance
f. The entity’s business model including the extent to which the business model integrates
the use of IT.
g. Industry factors that have a specific bearing on the entity
h. Regulatory factors and applicable regulatory compliances
Chapter 5: Risk 63
Once the auditor has a cursory understanding the entity’s environment, a scrutiny of the inner
workings of the company is a must. For this, the auditor must gain an understanding of how the
entity functions and operates. The processes and procedures that result in the entity
functioning and operating its day to day require the auditor to gauge and gain an understanding
of the entity’s internal control by:
• The auditor shall obtain an understanding of internal control relevant to the audit.
• Although most controls relevant to audit are likely to relate to financial reporting, not all
controls that relate to financial reporting are relevant to audit.
• While obtaining understanding of controls that are relevant to audit, the auditor should
evaluate the design of those controls and determine whether they have been
implemented.
Once the auditor has gained an understanding of the entity and its structure, the auditor can assess
what can actually go wrong or prove to be misleading in the entity’s financial reporting. This enables
the auditor to assess the risk that the entity’s financial statements can have an exposure to.
Misstatements, when they are/become material, Risk of material misstatement
A Misstatement is defined as, “A difference between the reported amount, classification,

presentation, or disclosure of a financial statement item and the amount, classification,
presentation, or disclosure that is required for the item to be in accordance with the applicable
financial reporting framework. Misstatements can arise from:
a. Error; or
b. Fraud.
While there is no hint of a doubt that the company accountant has made a misstatement, the
curious and sceptical mind of the auditor begins to analyse whether the misstatement was a mere
error or whether it is the tip of the iceberg lying low – fraud.
Misstatements occur due to risk. And the auditor is required to conduct a thorough assessment of
risk that the financial statements of the entity are subject to. In the process of conducting this risk
assessment, the audit will be able to:
Chapter 5: Risk 64
This process will result in the risk of reputational and punitive damage for the entity and the
auditor.
Misstatements can be categorized as under:

Chapter 5: Risk 65
As discussed earlier, a misstatement is considered material when it is so large that it impacts the
decisions that are to be taken by the users of financial information.
Material misstatement occurs due to:
a. Inherent risk
b. Control risk
• Risk of Material Misstatement (ROMM) is the possibility that material misstatements will
impact the financial statements.
• ROMM is a product of Inherent risk and Control Risk. It can be expressed as:
ROMM = Inherent Risk X Control Risk
Inherent Risk, Control Risk and Detection Risk

Chapter 5: Risk 66
Inherent Risk
The essential characteristic of deep-sea diving, bungee jumping, paragliding, highlining, base
jumping, etc. is that risk and thrill is essentially embedded in them and they are not for the faint
hearted. No matter what one does to secure himself while participating in these activities they
remain inherently risky. Something could always, go wrong.
The same goes with some transactions, account balances or disclosures – no matter how
elaborately presented in the financial statements – their inherently complex nature or the
inherently complex method of their structuring or execution makes them “inherently risky.” No
matter how carefully calculated or cautiously reported, there could always be a misstatement.
Inherent risk is the susceptibility of a management assertion pertaining to transactions, account

balances or disclosures to misstatement that could be material, before consideration of any
related controls.
Inherent risk can be operational and/or financial in nature. It is driven by inherent risk factors, which
can be qualitative or quantitative, and have been graphically illustrated as under:
➢ Inherent risk cannot be eliminated. It can however be reduced/controlled.

➢ The responsibility to control the inherent risk lies solely in the hands of the
management.
➢ The auditor is not expected to control or reduce inherent risk as it is related to the inner
workings of the company. The quantum of inherent risk will impact the audit plan and
procedures to be performed.
➢ ROMM will always exist for any given audit as Inherent risk can never be eliminated.
➢ Hence, control risk plays a crucial role in reducing or regulating ROMM
Chapter 5: Risk 67
Control Risk
In the simplest of terms, a control is a protective mechanism or standardized process/procedure

that safeguards an entity against risk.
Control risk can best be illustrated by an example of human behaviour. An individual suffering with
a condition of diabetes is required to control or avoid the consumption of certain food products,
most notably sweets and confectionery that can lead to a spike in his/her blood sugar levels. The
willpower to “control” the consumption of such foods is the primary determinant in how healthy
the individual himself/herself endeavours to be. The diabetic health risk can be prevented in case
the individual controls his/her urges to consume something sweet.
The same goes for financial statements and financial reporting. A risk that a misstatement could
occur and that it can be material can very well be prevented if the entity’s own internal control
mechanisms and process are operating effectively.
Control risk is defined as “The risk that a misstatement could occur and that could be material, will
not be prevented or detected and corrected on an timely basis by the entity’s controls.”
Types of Controls:
Controls can help prevent, detect, correct or compensate for misstatements. Generally internal
controls are of 4 types, namely:
1. Preventive controls
2. Detective controls
3. Corrective controls
4. Compensatory controls
Chapter 5: Risk 68
The nature of the above-mentioned controls and their purpose can be summarized as under:
Preventive Detective Corrective Compensatory

Controls Controls Controls Controls
Descriptio These controls These controls These controls are These controls are
n of are designed to are designed to designed to designed to reduce
control prevent detect and reduce the impact the probability of
incidents like report errors, or correct an error the occurrence of
error, omission, omission, when it has been incidents that can
misappropriation 68isappropriati detected. cause risk of material
and fraud that onn and fraud misstatements
result in the risk once they have
of material occurred.
misstatements.
What does Such controls Such controls Such controls Such controls have
the control have been have been have been been designed with a
do? designed with a designed with a designed with a clear mandate to:
clear clear clear mandate to: 1. Improve
understanding understanding 2. Minimize the upon
of: of: impact of the preventive
1. Risks and 1. Lawful threat that controls as it
vulnerabilitie activities has been is not entirely
s that maybe and what detected possible to
posed to an deviates 3. Identify the envisage all
organization from the cause of the probable
same threat/ risks.
2. Preventive problem
controls and
Chapter 5: Risk 69
what can 3. Providing 5. Protect

surpass such corrective organizationa
controls remedies to l assets like
2. What needs detected fixed assets,
to be done to issues inventory
minimize 4. Applicable and data.
such risks financial 4. Modifying
and reporting the exiting
vulnerabilitie and process to
s from compliance minimize
manifesting, framework the
to ensure occurrenc
detection e of such
oferror and incidents
deviation, in future.
wilfully or
otherwise
Example of The use of Check points in Contingency Physically locking
control restricted access the financial planning inventory and cash
using passwords reporting Backing up of data and ensuring CCTV
and process where Investigative surveillance of the
authentication the work done checks on same.
for authorized by one financial
personnel to individual is statements and
have access to checked by budgeted
sensitive another to variances
financial or ensure
operational data independent
verification of
input.
Chapter 5: Risk 70
Risk Co-relations
The degree of effectiveness of internal control is inversely related to the control risk. This has been
tabulated as under:
Effectiveness of Internal Controls Control Risk

High Low
Low High
The degree of control risk coupled with inherent risk has a directly proportional bearing on ROMM.
This has been tabulated as under:
Inherent Risk Control Risk ROMM
High Low Medium
Low Low Low
Low High High
High High High
From the above, we can gather that the effectiveness of internal controls is inversely proportional
to ROMM. Higher the ROMM, higher/more audit procedures will have to be performed to analyse
the impact of misstatement on the financial statements. A high degree of ROMM will have to be
evidenced by larger quantum of audit evidence. Always remember higher the quantum of audit
evidence required, higher will be the quantum of audit procedures to be performed and vice versa.
This has been tabulated as under:
Effectiveness of Control Risk of material Quantum of Quantum

Internal Controls Risk misstatement Audit Procedures samples to be
acquired
Low High High High High
High Low Low Low to Medium Low to Medium
Controls are Very High Very High Auditor to decide Highest possible
absent whether or not to under the
accept the inherent
engagement limitations of
timing and
extent.
• For entities with absolutely no sign of internal controls, the auditor will have to determine
whether or not to accept such a risky engagement.
• In cases where the auditor is expected to play an active role with the management to help
install and design controls and where the auditor’s professional judgement shall be
respected and opinions adhered, then certainly the auditor can play the role of an architect
of control design in such entities.
• However, this role should be permitted as per the code of professional ethics which the
auditor has to mandatorily abide by.
Chapter 5: Risk 71
Detection Risk:
The phrase “looking for a needle in a haystack” probably best describes detection risk. Imagine
having to look for a single book through in a vast library of similarly coloured and bound books –
this search may prove to be an optical maze for the looker.
Similarly, a collection of account balances and transactions is a maze for the auditor who faces the
risk of not being able to detect that one incorrect or erroneous entry that has put the entire set of
financial statements at a risk of being inaccurate or misleading.
With limited time and resources at hand, the auditor is required to perform procedures that enable
him to express his opinion on the financial statements.
In this entire exercise chances are high that the auditor is unable to detect a misstatement that
actually is material. The failure of detecting such a misstatement is called detection risk.
Detection risk is defined as “the risk that the procedures performed by the auditor to reduce audit
risk to an acceptably low level will not detect a misstatement that exists and that could be material.
Chapter 5: Risk 72
Detection risk stems from:

Sampling Risk Non-Sampling Risk
Sampling risk is the risk that the auditor’s Non sampling risk is the risk that the auditor’s
conclusion based on a sample is different conclusion is inappropriate for reasons other
from the conditions that would be reached if than sampling.
the whole population was tested. For instance-
This risk is reminiscent of the fact that the As per GAAP, depreciation ceases only when
sample chosen is not representative if the the asset is:
population from which it was chosen. a. Fully depreciated; or
b. Held for sale rather than application in
For instance: the regular course of business.
• The auditor chooses one particular Suppose an entity stops using an asset and
sample from a population that is contends that stoppage in usage is reason
erroneously misstated by a newly enough to cease depreciation. In case the
recruited accountant and concludes auditor agrees to this reasoning, there is risk
that the entire population is of misstatement due to erroneous application
misstated, while in reality it is just of accounting principles and failure on the
that one sample worked on by the part of the auditor to detect the same. This
new accountant that is misstated misstatement is not related to sampling as it is
while the rest of the population is derivative of an inaccurately interpreted
accurately reported and presented by accounting principle by both the reporting
the old existing accounting staff. entity and the auditor.
• The auditor chooses one particular

sample that is accurately reported and
presented by the old existing staff
accountant and concludes that the
entire population is fairly reported,
while the rest of the population is
inaccurately reported and presented
due to errors of omission made by a
newly recruited accountant.

Chapter 5: Risk 73
The following methods can be used to avoid detection risk:

Chapter 5: Risk 74
Detection risk combined with ROMM is the expression of audit risk. Detection risk is dependent on
efficiency in planning and merit in execution of audit procedures. Out of inherent risk, control and
detection risk, detection risk is the only risk that is under the control of the auditor.
Inherent Risk Control Risk Detection Risk

Dependent on the nature of Dependent on the Dependent on the efficiency
the industry and business of effectiveness of internal in planning and execution of
the client controls of the client the audit process
Cannot be influenced or Cannot be influenced or Influenced and controlled by
controlled by the auditor controlled by the auditor the auditor
In cases where the inherent risk and control risk result in a high ROMM, the auditor automatically
is required to acquire more audit evidence which naturally requires more
comprehensive/additional audit procedures.
However, where ROMM is low, the quantum of audit evidence required is lower which
automatically results in a lesser quantum or magnitude of audit procedures. Where the quantum
of audit procedures is lower/lesser automatically the risk of not being able to detect the existence
of misstatement i.e., Detection risk becomes higher. Detection risk is inversely proportional to
ROMM.
The relationship between inherent risk, control risk, detection risk and audit risk has been tabulated
as under:
Audit Risk = ROMM X Detection Risk
Where, ROMM = Inherent Risk X Control Risk
Inherent Risk Control Risk ROMM Detection Audit Risk

Risk
High High High Low High owing to ROMM not
due to Detection Risk
High Low Medium Medium Medium to High due to
both ROMM and Detection
Risk
Low High High Low Medium to high owing to
ROMM not due to
detection risk
Low Low Low High High owing to Detection
risk
Detection risk can be mitigated/avoided by varying the nature, timing and extent of audit
procedures.
Chapter 5: Risk 75
Materiality and Audit Risk
Imagine having to run a few errands for the household. Picking up groceries, vegetables, fruits,
dropping off the laundry and buying a new pair of shoelaces for your sneakers. You have a
meticulously complied list of every item to be picked up and you go along getting everything as per
that list. Finally, you arrive at the sports shop and find them to be short stocked on shoe laces. Well,
with everything else apart from the laces in tow the shopping trip has been a success because you
know somewhere that you can do without the shoelaces because all though you “want” the laces,
they aren’t as “essential” as the groceries and the veggies that you simply cannot do without. The
laces do not impact the success of your shopping trip simply because they are not as important, in
terms of audit they are not material.
Similarly in the course of the audit of financial statements there are certain class or classes of
transactions or account balances that maybe one-off or non-recurring or so miniscule in their very
nature that they do not impact the quality and transparency of the financial statements. These
transactions or account balances are not material in determining whether the financial statements
are true and fair because whether or not these items be reported, the accuracy of the financial
statements will not be impacted.
Take for instance:
• A one-off water tank cleaning charge paid to a service provider by an I.T company or
• A purchase of sundry items like chips and cola by the local newspaper company for
celebrating the local team’s success in the Metropolitan Football Shield.
These items are petty in their dollar value and they do not impact the truthfulness or fairness of
the financial statements of these entities.
Material information is “information if omitted, misstated or obscured could be expected to

influence the decisions that the primary users of general-purpose financial statements make on the
basis of these financial statements, which provide financial information about a specific reporting
entity.
Significance of Materiality:
If material information in the financial statements is misstated, the financial statements cannot be
deemed to show a true and fair view.
Materiality drives the design of audit procedures as these procedures are designed and executed
to detect misstatements that are immaterial.
Determining Materiality:
A dollar value that serves as a threshold of materiality is determined by the auditor’s professional
judgement. The auditor must consider the following while determining materiality:
1. Does the misstatement affect the economic decision of the users of financial statements?
2. The size and nature of the misstatement
3. The information needs of users as a group and the impact the misstatements have on these
groups.
Chapter 5: Risk 76
The determination of materiality is made by:
• Size
• Nature
• Performance
Materiality is subjective and has to considered in the light of the client’s circumstances.
Chapter 5: Risk 77
Materiality by size:
Based on the auditor’s professional judgement a financial threshold can be determined to guide the
audit plan and audit procedures. The rates of materiality thresholds are distinct for each audit
engagement undertaken This threshold can be based on benchmarks such as (These are generalized
rates, and not mandatorily replicated for all audits):
• ½% - 1% of Revenue
• 1% - 2% of Total Assets
• 5% - 10% of Gross Profit
These benchmarks vary from practitioner to practitioner.

For academic/exam purposes, while calculating the materiality threshold, use the lower end of the range
i.e., 3% to 5% of revenue, use 3% to calculate materiality.
Materiality by nature:
Materiality is driven not just by the amount involved but also by the impact that the item has on
the financial statements and their fair presentation.
For instance,
a. Non-compliances with income tax and corporate filings are considered to be material and
the financial statements of such a non-compliant enterprise are deemed to be misleading.
b. Non-compliance with debt covenants
c. Misstatements with items such as closing inventory that can turn a gross profit to gross loss
or vice versa.
d. Misstatements with items such as current assets that can turn a working capital surplus to
working capital deficit.
e. Transactions with related parties like group entities, directors, key managerial persons, etc.
f. Disclosures of contingent liabilities such as litigations that can have a bearing on future cash
flows and asset position.
Performance Materiality
You must be familiar with the phrase “Many drops make an ocean.” Why and in what context is
that phrase relevant in a discussion about materiality?
Imagine leaving home for a shopping trip, you budget for the things you need to buy. Maybe it’s
clothing or gadgetry or something else. You budget the price of the commodity you want to buy.
What you don’t factor into your budget is that you have to travel to the location of the bazaar or
store, you end up having a nice meal while on the go and top it off with an evening’s snacks after a
successful day at shopping. These smaller costs of travelling, the packaged water, the early
afternoon lunch, the late evening snack coupled with a host of other things you never budgeted
that you will need to buy – result in you spending far exceeding what you originally budgeted.
The smaller immaterial items that were overlooked, when accumulated becoming material is what
performance materiality is. The small drops of inconsequence suddenly become an ocean of
material risk.
Chapter 5: Risk 78
Performance materiality is “the amount or amounts set by the auditor at less than materiality for
the financial statements as a whole to reduce to an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements exceeds materiality for the financial
statements as a whole.”
Chapter 5: Risk 79
Performance Materiality and Tolerable Error:
Items below the level of performance materiality are those that do not impact the audit opinion
and are referred to as clearly trivial.
There arises no doubt that there is room for human error in the process of drawing up the financial
statements. This always leaves the financial statements vulnerable to misstatements owing to
error. However if the quantum of these errors can be reduced to a level which does not impact the
fairness of the financial statements, risk of material misstatement is avoided.
The errors that individually or in aggregated do not impact audit opinion and do not result in the
financial statements presenting a misleading picture are called tolerable errors.
Audit risk is minimized when errors are below the threshold of auditor’s tolerance.
Materiality and Audit Risk:
The lower the level of materiality, the lesser the margin for error there is in reporting and higher is
the degree of audit risk and vice versa. This relationship between materiality levels and audit risk is
tabulated as under:
Materiality Margin for Degree of Level of Quantum of Quantum of

Threshold Error Control Audit Risk audit Audit
Effectiveness procedures to evidence
needed be performed needed for
Audit
opinion
High High Medium Medium Medium Medium
Low Low Highly High Several/High High
effective
Analytical Procedures
Analytical procedures are an audit procedure to cope with and mitigate audit risk. Analytical
procedures encompass the evaluation of financial information through analysis of relationships
among both financial and non-financial data.
Analytical procedures also encompass such investigation as is necessary of identified fluctuations

or relationships that are inconsistent with other relevant information or that differ from expected
values by a significant amount.
Chapter 5: Risk 80
Application of analytical procedures:
1. The auditor uses analytical procedures to obtain relevant and reliable audit evidence; and
2. The auditor designs and performs analytical procedures near the end of the audit. This
assists in forming an overall conclusion as to whether the financial statements are
consistent with the auditor’s understanding of the entity.
Utility of analytical procedures in the audit process:
Analytical procedures help with:
a. Identifying inconsistencies, unusual transactions or events and amounts, ratios and trends
that might have audit implications.
b. Identifying risks of material misstatements due to fraud
c. Identifying and assessing aspects of the entity of which the auditor was unaware.
The nature of analytical procedures is described as under:
Analytical procedures consider comparisons Analytical procedures include consideration

of the entity’s financial information with: of relationships among:
• Comparable information for prior • Elements of financial information such
periods as gross margin percentages
• Anticipated results of the entity, such • Financial information and relevant
as budgets or forecasts or non-financial information such as
expectations of the auditor payroll costs to the number of
• Similar industry information employees.
Chronology in the usage of analytical procedures:
Analytical procedures are used in various stages of the audit process, this has been summarized as
under:
1. Analytical procedures applied in risk assessment and planning are referred to as Preliminary
2. Analytical procedures using in the process of acquiring sufficient and appropriate audit
evidence are called Substantive Analytical Procedures
3. Audit procedures to ensure a consistency in audit closure for forming the audit opinion are
called Final Analytical Procedures
In the process of applying analytical procedures, the auditor will have to consider relationships
between items such as:
• Figures that have a chain of relationship with each other such as:
- Revenue, receivables, cash collections
- Purchases, COGS, Payables and cash payments
- Number of employees and the payroll cost, % of payroll cost attributable to
director’s and key managerial personnel remuneration
Chapter 5: Risk 81
A Stepwise approach to applying analytical procedures:
Step Description
Step 1: Determining the auditability of The use of analytical procedures requires the
particular substantive analytical procedures consideration of:
• Availability of data
• Disaggregation
• Account type being analyzed
• Predictability
• Nature of assertion being examined
Step 2: Evaluation of the reliability of data The following factors affect the reliability of
data:
• Source of information available
• Comparability of the information
available
• Nature and relevance of the
information available
• Controls over the preparation of the
information
Step 3: Develop an expectation of recorded The following factors need to be considered
amounts or ratios and evaluate whether the here:
expectation is sufficiently precise to identify Accuracy with which the expected results of
material misstatement substantive analytical procedures can be
predicted degree to which information can be
disaggregated. The availability of information
both financial and non-financial
Step 4: Determine the amount of any
difference of recorded amounts from
expected values that is acceptable without
further investigation.
Ratio analysis as a tool in the application of Analytical Procedures:
Ratio analysis is widely used in the application of analytical procedures and establishing logical
linkage between data. Key ratios applied in analytical procedures are listed by function as under:
a. For profitability analysis: Gross Margin Ratio, Operating Margin Ratio

b. For Efficiency and Control analysis: Receivables Collection period, Inventory holding period,
Payables Payment Period
c. For Going Concern Analysis a mixture of liquidity, solvency and operating ratios are applied
such as Current Ratio, Acid Test Ratio, Capital Gearing Ratio, Interest Coverage ratio, Debt
Service Coverage Ratio, Asset Turnover Ratio, Capital Turnover ratio, etc.
Other techniques in applying analytical procedures:
a. Trend analysis
b. Reasonableness tests
c. Structural modelling
Chapter 6: Audit Planning 82
Chapter 6: Audit Planning
Table of contents:
1. The audit planning process:

• What is an audit plan
• Preliminary engagement activities, audit strategy, audit planning
• The relationship between audit strategy and audit planning
2. Documentation:
• Audit planning documentation
• Audit procedural documentation:
➢ Meaning and Purpose
➢ Form and content
➢ Custody and retention
3. Countering the risk of error and fraud in the planning process
4. Responsibilities in the process of audit planning:
• Responsibilities of management
• Responsibilities of auditor
5. Quality control for an audit of financial statements.
Audit Planning Process

Preliminary Engagement Activities:
The first phase of planning an audit begins with preliminary engagement activities being completed.
Preliminary engagement activities have been discussed in the chapter audit acceptance and
preliminary engagement activities. The activities that need to be completed in this phase are
summarized as under:
• Performing procedures regarding the acceptance and continuance of the client relationship
and audit engagement
• Evaluating compliance with ethical requirements
• Ensuring that there is no misunderstanding with the client as to the terms of the
engagement.
• Communication with the predecessor auditor, where there has been a change of auditors
in compliance with relevant ethical requirements.
Insert icon and border:
In today’s auditing scenario, rotation of auditors is mandated by statute. Hence, this requirement
of communication with the predecessor auditor is a key feature in the audit of listed public entities.
Audit Strategy
The audit strategy sets the scope, timing and direction of the audit and guides the development of
the audit plan. Establishing an audit strategy is key and in this process the auditor shall:
• Identify the characteristics of the engagement that define its scope.

These characteristics cover:
➢ Financial reporting framework
➢ Industry reporting
➢ Knowledge of the business
➢ Internal audit function
➢ Service organizations
➢ Automated tools and techniques
➢ Timing of audit work
➢ Availability of client staff
• Ascertain the reporting objectives of the engagement to plan the timing of the audit and
the nature of communications required.
These objectives cover:
➢ Timetable for reporting
➢ Communication with the client
➢ Communication among the audit team
➢ Communication with third parties
• Consider the relevance of:

- Facts that are significant in directing the engagement team’s efforts
- The results of preliminary engagement activities
- Knowledge gained on other engagements performed by the engagement partner for
the entity.
These factors cover:
➢ Materiality
➢ Assessed risk of material misstatement
➢ Need for professional scepticism
➢ Internal controls of the client
➢ Significant developments affecting the entity
➢ Changes in laws and regulations.
➢ Changes to accounting standards.
• Ascertain the nature, timing and extent of the procedures necessary to perform the audit.
These include:
➢ Selection of the audit team
➢ Budget
Audit Plan:
The audit plan is the way of executing the matters covered in the audit strategy. The audit strategy
is overarching, and should not be changed unless absolutely critically necessary. However, the audit
plan concerns itself more with the ground level realities of the audit such as timelines, resource
limitations, data constraints and quality – it is this plan that has to be dynamic to deal with
limitations and challenges that arise in the course of the audit.
The audit plan shall address:
• The nature, timing and extent of planned risk assessment procedure

• The nature, timing and extent of the planned direction and supervision of engagement
team members and the review of their work
• The nature, timing and extent of planned further audit procedures at the very assertion
level such as: (these are the WH questions of the audit)
➢ What audit procedures need to be carried out?
➢ Who should carry out these procedures?
➢ How much work needs to be done? – sampling, control testing, etc,
➢ When should the work be done?
• Other planned audit procedures that are required to be carried out so that the engagement
complies with standards on auditing. For instance, inventory counts, fixed asset
verifications, segmental reporting checks, etc.
The relationship between the audit strategy and audit plan:
Consider the below analogy to understand the relationship between the audit strategy and audit
plan.
➢ The audit strategy determines the scope and direction of audit and determines its
development. The audit strategy with every aspect of its execution, defined with
granularity is the audit plan. The plan simply shows and directs how the strategy is to be
implemented.
➢ The audit plan is more detailed than the overall audit strategy which includes the nature,
timing and extent of audit procedures to be performed by the engagement team members.
Planning for these audit procedures takes place over the course of the audit as the audit
plan for the engagement develops.
For instance,
- Risk Assessment Procedures are planned early on in the audit process. However, the
nature, timing and extent of further audit procedures depends on the outcome of Risk
Assessment Procedures.
- The auditor may begin the execution of further audit procedures for some classes of
transactions, account balances and disclosures before planning all remaining audit
procedures.
➢ The plan can and does undergo tweaks at a micro level in the course of its execution. The
plan has to be dynamic and adaptable in its essence to counter challenges and limitations
that will arise in the course of the audit.
➢ While experience and professional judgement of the auditor ensure that paradigm
shifting changes are not taking the plan by storm, the plan has to have adaptability
infused in it.
➢ At times, the strategy has to be revised to counter the lack of evidence and increased risk
exposure which automatically impacts the audit plan. But in terms of change, the plan can
be revised multiple times in its execution but the strategy cannot be revised as frequently.
➢ The strategy may undergo revision once to counter newfound surprises in the course of
the audit. Any strategy that undergoes continued change maybe considered to be
ineffective and incapable of executing the audit end to end.
Planning Documentation and Audit Procedural Documentation

Planning Documentation:
The auditor is required to document:
a. The overall audit strategy

b. The audit plan
c. Any significant changes made during the audit engagement to the overall audit strategy
or the audit plan and the reasons for such change.
➢ Documentation of the overall audit strategy is a record of the key decisions considered
necessary to properly implement and plan the audit and to communicate significantmatters
to the audit engagement team
➢ Documentation of the audit plan is a record of the planned nature, timing and extent of risk
assessment procedures and further audit procedures at the assertion level in response to
the assessed risks. It also serves as a record of the proper planning of the audit procedures
that can be reviewed and approved prior to their performance.
➢ Record of the significant changes to the overall audit strategy and the audit plan and
resulting changes to the planned nature, timing and extent of audit procedures, explains
why the significant changes were made and the overall strategy and audit plan finally
adopted for the audit.
Audit Documentation
Documentation is the record of:
• Audit procedures that have been performed.

• Relevant audit evidence obtained.
• Conclusions that the auditor has reached.
This documentation is referred to as the auditor’s working papers in common parlance.
Purpose of audit documentation:
Audit documentation serves a number of purposes, including the following:
1. Assisting the engagement team to plan and perform the audit.

2. Assisting members of the engagement team responsible for supervision to direct and
supervise the audit and to discharge their review responsibilities.
3. Enabling the engagement team to be accountable for its work.
4. Retaining a record of matters of continuing significance to future audits
5. Enabling the conduct if quality control reviews and inspections
6. Enabling the conduct of external inspections in accordance with applicable legal,
regulatory and other requirements.
Form, content and extent of audit documentation:
Like audit evidence, documentation too requires a degree of sufficiency to purport that the auditor
has carried out his duties up to the extent and degree required by the audit engagement at hand.
Documentation helps enhance the quality of the audit and facilitates the effective review and
evaluation of the audit evidence obtained and conclusions reached.
Audit documentation is the documented basis on which the current period’s audit opinion is
expressed. The documentation of the current period under audit is a tangible handover for the
subsequent period under audit for the engagement team.
The auditor is required to prepare documentation that provides:
a. A sufficient and appropriate record of the basis for the auditor’s report; and
b. Evidence that the audit was planned and performed in accordance with the applicable
international standards on auditing and all other applicable regulatory requirements.
Documentation is retained in the audit file for the period required by national regulatory
requirements.
Countering the risk of fraud and error in the planning process

Meaning and nature of Fraud and Error:
Fraud maybe defined as an intentional act involving the use of deception to obtain an unjust or
illegal advantage by one or more individuals among management, those charged with governance,
employees or third parties.
Frauds result in the financial statements being represented; however, this misrepresentation is
intentional and is also referred to as a misappropriation.
Error on the other hand is unintentional. It arises on account of inaccurate accounting treatment,
mistakes in calculation and casting of entries, negligence and a general lack of awareness. Errors
can be avoided by rendering the right kind of training and support to ensure that mistakes are
avoided.
The auditor’s scope of fraud detection is limited only to frauds that cause material misstatements
in the financial statements. This makes two types of financial statements relevant to the auditor:
• Misstatements resulting from fraudulent financial reporting.

• Misstatements resulting from misappropriate of assets.
Possible sources of misstatements occurring due to fraud:
Financial statements can be misstated owing to fraud on the following accounts:
a. Fraudulent financial reporting.

b. Misappropriation of assets.
Fraudulent financial reporting:
Fraudulent financial reporting occurs on account of:
• Manipulation, falsification or alteration of accounting records or supporting

documentation
• Misrepresentation or intentional omission.
• Intentional misapplication of accounting principles.
Different ways and means of committing fraudulent financial reporting:
Write about the twisted human mind here
The most commonly used means of committing fraud have been listed below:
a. Recording fictitious journal entries, particularly close to the end of the accounting period,
to manipulate operating results or achieve other objectives.
e.g.:
Journalizing sales that have never occurred close the end of the accounting period to
overstate the current period’s income and reversing the sales in the next period as returns
to cloak the previous period’s entry. This results in profits being overstated
b. Inappropriately adjusting assumptions and changing judgements used to estimate

account balances.
e.g.:
Amount of provision to be created on debtors for credit sales is generally dictated on
previous practices and management judgement regarding the repayment ability of those
debtors.
c. Omitting, advancing or delaying recognition in the financial statements of events and
transactions that have occurred during the reporting period.
e.g.: Omitting to record purchases of materials that have been applied in production during
the current period to dress down the expenses and create an untrue impression of
profitability in the minds of the stakeholders.
d. Concealing, or not disclosing facts that could affect the amounts recorded in the financial
statements.
e.g.: Obsolete inventory and obsolete items of Property, plant and equipment are not
written down to their realizable values to avoid reporting losses in financial statements- the
financial statements as a consequence are over-stated.
e. Engaging in complex transactions that are structured to misrepresent the financial

position or financial performance of the entity.
e.g.:
Camouflage losses incurred on sale of investment by the use of complex embedded
derivative contracts.
f. Altering records and terms related to significant and unusual transactions.

e.g.:
Reporting the sale of non-current assets as revenue to hide inefficiencies in operations.
Fraud Risk factors
• A fraud can be committed only when there exists an opportunity. The availability of
opportunities and reasons to commit fraud are called fraud risk factors.
• Wherever, these fraud risk factors exist – the entity is vulnerable to succumbing to a
fraud.
• These fraud risk factors are generalized and listed as under:
Incentive or pressure to Perceived opportunity to Ability to rationalize the act

commit fraud commit fraud of committing a fraud
• It may exist when an • It may exist when an • Some individuals possess
individual believes individual believes an attitude, character or
internal control can be internal control can be set of ethical values that
over-ridden, for example, over-ridden, for example, allow them knowingly
because the individual is because the individual is and intentionally to
in a position of trust or in a position of trust or commit a dishonest act.
has knowledge of specific has knowledge of specific • Honest individuals too
weaknesses in internal weaknesses in internal can commit fraud in an
control control. environment that
• Personal financial • Opportunities to imposes sufficient
obligations may create misappropriate assets pressure on them.
pressure on management increase in case if high
or employees with access value inventory items,
to cash or other assets inadequate internal
susceptible to theft to controls, inadequate
misappropriate those segregation of duties, etc.
assets
Responsibility of prevention and detection of fraud:
The primary responsibility for the prevention and detection of fraud rests with both those
charged with governance and the management.
To ensure prevention of fraud, management must have a commitment to create a culture of

honesty and ethical behaviour. An ethical environment is strengthened with an effective system
of internal controls which reduces the opportunities for fraud to take place and increases the
likelihood of fraud detection.
Objectives of the auditor:

1. To identify and assess the risk of material misstatements in the financial statements due
to fraud
2. To obtain sufficient and appropriate audit evidence about the assessed risk of material
misstatement due to fraud
3. To respond appropriately to identified and suspected fraud.
Auditor’s duties for prevention and detection of fraud:
• An auditor is responsible for obtaining reasonable assurance that the financial statements
taken as a whole are free from material misstatement, whether caused by fraud or error.
• When obtaining reasonable assurance, the auditor is responsible for maintaining an
attitude of professional scepticism throughout the audit.
• The auditor should recognize the possibility that a material misstatement due to fraud
could exist, notwithstanding his past experiences of the honesty and integrity of the
entity’s management and those charged with governance.
• Unless, doubtful situations are present, the auditor may accept records and documents as
genuine.
• If conditions cause the auditor to believe that a document may not be authentic or that
terms in a document have been modified, the auditor shall investigate further.
• Where responses to inquiries of management or those charged with governance are
inconsistent, the auditor should investigate the inconsistencies.
Audit procedures for assessing fraud risk and responding the assessed / detected level of fraud
risk:
Enquiries of the management and others within the entity:
The auditor shall make enquiries of management regarding:
a. Management’s assessment of risk of material misstatement due to fraud

b. Management’s process for identifying and responding to the risks of fraud in the entity,
including any specific risks of fraud.
c. Management’s communication if any with those charged with governance
d. Management’s communication if any to employees regarding its views on business
practices and ethical behaviour
For entities having an internal audit function, the auditor shall make inquiries of internal
auditor
Enquiries of those charged with governance:
The enquiries of those charged with governance are based on how those charged with
governance supervise the management’s processes of handling the affairs of a company. The
scope of inquiry is limited here with the auditor only checking whether those charged with
governance are aware or wary of any fraudulent activity that may have occurred.
Identification of unusual or unexpected relationships:
The auditor shall evaluate whether unusual or unexpected relationships identified in performing
analytical procedures may indicate risks of material misstatements due to fraud.
Reporting of fraud and error:
➢ If the auditor identifies a fraud, they must communicate the matter on a timely basis to
the appropriate level of management. The appropriate level of management are those
individuals/departments that have the primary responsibility for prevention and
detection of fraud.
➢ If suspected fraud involves management, the auditor must communicate the matter to
those charged with governance.
➢ If the auditor has doubts about the integrity of those charged with governance, the
auditor should seek legal advice regarding an appropriate course of action.
➢ In addition to these responsibilities, the auditor must also consider whether they have a
responsibility to report the occurrence of a suspicion to a party outside the entity. Whilst
the auditor does have an ethical duty to maintain confidentiality, it is likely that any legal
responsibility will take precedence. In these circumstances it is advisable to seek legal
advice.
➢ If the fraud has a material impact on the financial statements the audit opinion will be
modified. When the opinion is modified, the auditor will explain why it has been modified
and this will make the shareholders aware of the fraud.
Responsibilities of management and auditor in planning the audit of financial

statements
Management Responsibility:
It is the responsibility of the management and Those Charged with Governance to ensure that
1. The entity’s operations are conducted in accordance with relevant laws and regulations
2. The entity’s financial statements are prepared in all material respects as per the
applicable financial reporting framework
3. To provide to the auditor all requisite understanding regarding the entity, its internal
control processes, its methodology and premise of recording transactions
4. To support the auditor in his process of acquiring SUFFICIENT AND APPRPORIATE AUDIT
EVIDENCE from within the entity.
Auditor’s responsibility:
1. Perform audit procedures to acquire SUFFICIENT AND APPRPORIATE AUDIT EVIDENCE

2. Obtain an understanding of the legal and regulatory framework applicable to the entity
and identify non-compliances there of
3. Obtain written representations wherever necessary.
Quality control in the audit of financial statements
It is the objective of the auditor to ensure the implementation of quality control procedures at the
engagement level that provide reasonable assurance that:
a. Audit complies with professional standards and legal requirements; and

b. Audit report issued is appropriate under the given circumstances.
Policies and procedures should be established which address:
1. Leadership responsibilities for managing and achieving quality on audits

2. Relevant ethical requirements
3. Acceptance and continuance of client relationships and audit engagements
4. Engagement resources
5. Engagement performance
6. Monitoring and remediation
7. Taking overall responsibility for managing and achieving quality
8. Documentation
The examination requires an understanding of the above emboldened points.

Relevant ethical requirements:
An audit is driven and led by the engagement partner in the case of a firm. The relebant
ethical requirements in quality control require:
1. The engagement is to remain alert for evidence of non-compliance with relevant ethical
requirements by the engagement team through:
• Inquiry; and
• Observation.
2. If there is an indication of non-compliance with relevant ethical requirements, the
engagement partner should:
• Consult others in the firm
• Determine appropriate action.
3. Overall, the engagement partner must:
• Identify, evaluate and address ethical threats
• Remain alert throughput the audit for breaches of ethical requirements
• Take appropriate action where ethical requirements have not been fulfilled
• Prior to dating the auditor’s report, take full responsibility for determining
whether ethical requirements have been fulfilled.
Engagement Resources:
The engagement partner shall ensure that there is no dearth in the required respurces to perform
an audit engagement.
Engagement resources encompass:

Human resources Technology Intellectual resources
Human resources engaged on Audit is a tech driven Intellectual resources include:
an audit include: exercise in today’s day and • Audit manuals to direct
a. Engagement team age. the execution of the
b. External experts audit
engaged by the Audit is based and driven • Implementation tools
auditor on AI driven tools and • Review tools
c. Internal auditor resources that enable • Templates
The competence and materiality determination • Risk control matrices
capabilities of these resources and sample selection. • Methodology
includes consideration of: guidelines
• Practical experience The audit of assertions too
• Understanding of is now an automated AI
professional standards driven process.
• Expertise in specified
areas of accounting Here, the readers must
and auditing note that the auditor’s
• Expertise in IT or professional judgement still
automated tools and dictates the audit, tools
techniques and AI are just a means of
• Knowledge of relevant its execution.
industries
• Ability to exercise
professional
scepticism and
judgement
• Understanding the
firm’s policies and
procedures
Insufficient human resources
may result in:
➢ Change in the audit
plan
➢ Extension to deadlines
➢ Withdrawal from the
engagement
Engagement performance
Engagement performance encompasses the following:
Direction, supervision and performance:
The engagement partner shall take responsibility for:
• The direction, supervision and performance of the audit engagement in compliance with
professional standards and regulatory and legal requirements.
• Enable the auditor’s report that is appropriate in the circumstances to be issued.
Reviews:
The engagement partner shall take the following responsibilities:
• The work has been performed in accordance with professional standards, policies and
procedures
• Reviews are being performed in accordance with the firm’s review policies and
procedures
• Appropriate consultations have taken place
• The objectives of engagement procedures have been achieved.
• Be satisfied that sufficient appropriate audit evidence has been obtained to support the
conclusions reached and audit report to be issued through:
✓ Review of documentation.
✓ Discussion with engagement team.
Consultation:
Engagement partner shall:
• Take responsibility for the engagement team undertaking consultation on difficult issues
• Be satisfied that members of the engagement team have undertaken such consultation.
• Be satisfied that nature and scope and conclusions of such consultations are agreed with
the consultant.
• Determine that conclusions resulting from such conclusions have been implemented.
Engagement Quality Control Review:
Required in case of audit for financial statement of listed entities and other audit engagement for
which engagement quality control review is required, the engagement partner shall:
• Determine that an engagement quality control reviewer should be appointed.

• Discuss significant matters arising during audit engagement with engagement quality
control reviewer.
• Not date the audit report until completion of the engagement quality control review.
Matters to be evaluated by the engagement quality control reviewer:
• Discussion of significant matters with the engagement team

• Review of financial statements and proposed audit report
• Review of selected audit documentation regarding significant judgements and conclusions
of the engagement team
• Evaluation of conclusions reached
• Considering whether the proposed audit report is appropriate.
Additional considerations in audit of financial statements of listed entities:
• Engagement team’s evaluation of firm’s independence in relation to audit engagement

• Whether appropriate consultation has taken place on matters involving differences of
opinion/difficult matters and conclusions arising from consultations.
• Whether audit documentation selected for review reflects the work performed with
respect tp significant judgements made and supports the conclusions reached.
Eligibility of engagement quality control reviewers:
• Cannot be a member of the engagement team

• Must have the competence and capabilities, including sufficient time and the appropriate
authority to perform the engagement quality control review
• Must comply with relevant ethical requirements and laws and regulations.
Differences of opinion:
Differences of opinion may arise:
• Within the engagement team

• With those consulted
• Between the engagement partner and engagement quality control reviewer
The engagement team shall follow the firm’s policies and procedures for dealing with and
resolving differences of opinion.
Monitoring and remediation:
1. Monitoring process provides the firm with reasonable assurance that its policies and
procedures relating to the system of quality control are relevant, adequate and operating
effectively.
2. To monitor quality control policies, the engagement partner will consider:
• Results of the firms’ monitoring process
• Whether deficiencies noted may affect the audit engagement.
3. The monitoring process shall ensure that relevant reliable and timely information about
the design, implementation and operation of the system of quality management be made
available. This shall ensure that appropriate actions and responses against deficiencies
can be affected on a timely basis. In order to achieve this, the firm must:
• Establish quality objectives
• Identify and assess quality risks
• Design and implement responses to address quality risks
Chapter 7: Audit Evidence 97
Chapter 7: Audit Evidence
Table of contents:
1. Meaning and attributes of audit evidence – how much is sufficient and what is appropriate?
2. Financial statements assertions
3. Audit procedures/Methods for acquiring audit evidence
4. Sources of audit evidence
5. Sampling
6. Relying on the work of external parties:
a. Management expert
b. Internal auditor/ Internal audit function of the auditee entity
c. Service organizations
Audit evidence quite simply put is the basis of forming an audit opinion.
Meaning and attributes of Audit Evidence

Meaning of audit evidence:
ISA 500 defines audit evidence as, “Information used by the auditor in arriving at the conclusions on
which the auditor’s opinion is based. Audit evidence includes both information contained in the
accounting records underlying the financial statements and other information.”
In the process of audit, most if not all information is of an accounting or financial nature. This
information is:
a. Contained in the accounting records underlying the financial statements; and/or

b. Obtained from sources within the entity but from within accounting records.
c. Obtained from sources outside the entity
We have summarized examples in categories that will best enable your understanding on sources
of audit information, here under:
Information in accounting recording Information obtained from Information obtained from sources
underlying the financial statements withing the entity but not from outside the entity i.e. external sources
accounting records
• Account balances of trade • Understanding processes of • Bank balance confirmations from
receivables and payables revenue recognition, company’s bankers
• Details of revenue recognized purchase, payments, debt • Payable confirmations from
and classified as unearned settlement, etc. company’s vendors
• Useful life estimates for • Board minutes, board • Receivable confirmations from
property, plant and equipment resolutions company’s customers
• Calculations of employee • Valuer’s certificates for fair • Company credit rating to analyse
benefits value of assets. credit health of the company.
• Confirmations/certificates for • Agreements of high value
timely deposit of all taxes transactions like leases, title
collected and deducted documents for assets, etc.
The audit process has to be designed in a manner that enables the collection of audit evidence to
facilitate the formation of a conclusive audit opinion.
Attributes of audit evidence:
If the information is such that the opinion of the auditor shall be based on it, it has to be reliable to
say the very least. Accounting information is primarily numerical in its nature, and hence it can be
used to analyse trends. For information to be supportive of any trend, it has to display repetitive or
specific characteristics that prove the existence of such a trend. And such trends can be proven
when information is abundant in its quantity such as:
• High number of transactions for areas like - revenues, expenses, related party transactions
• Repetitive entries for employee benefit accounting, depreciation, utility bills etc.
Quantitatively abundant evidence is no guarantee that the evidence is of the required quality.
Evidence must have a quality to support conclusions and quantity to prove their prevalent
existence. Hence characteristic of evidence acquired must be both qualitative as well as
quantitative.
All audit procedures must be designed in a way that enable obtaining sufficient and appropriate
audit evidence.
Sufficiency of audit evidence:
Sufficiency refers to the quality of audit evidence. It is affected by the assessment of the risk of
material misstatement. Whether the quality of evidence acquired is sufficient depends on:
• Risk of material misstatement.

• The materiality thresholds the item of evidence is subject to.
• Nature of accounting and internal control systems.
• Tests of controls and their underlying results.
• Auditor’s experience with the entity or industry that the entity is a part of.
• The size of the population being tested.
• The size of the sample selected to be tested.
• The reliability of evidence obtained.
Appropriateness of evidence:
Appropriateness of audit evidence refers to the measure of quality of audit evidence. The quality
of audit evidence is based on its relevance and reliability. Just how supportive the evidence at hand
is for the auditor to base his opinion upon is the true measure of its quality.
a. Reliability of audit evidence:
The following factors are important when judging the reliability of audit evidence:
i. Independent sources: The reliability of audit evidence increases when it is acquired

from independent sources which cannot be influenced by the auditee entity. Here the
evidence obtained by the auditor directly is considered to be more reliable.
ii. Effectiveness of internal controls: the reliability of audit evidence acquired from
internal sources like accounting records and documentation is increased when the
related internal controls imposed by the entity are effective.
iii. Documented evidence: Audit evidence in the documented form, whether paper,
electronic or other medium is more reliable than evidence obtained verbally.
iv. Original documents: Audit evidence provided by original documents is more reliable
than audit evidence provided by photocopies or documents that have been filmed,
digitized or otherwise transformed into electronic form. The reliability of such copied
or converted evidence depends on the internal controls exercised or imposed over their
preparation or maintenance.
Higher the degree the reliability of audit evidence, lower would-be quantity needed to
base the audit opinion and vice versa.
b. Relevance of audit evidence:
Relevance of audit evidence caters to the purpose and objective of audit procedure. How
relevant a piece of information is, depends on the financial statement assertion that is being
examined by the auditor.
Consider the following examples for getting a better understanding of the relevance of audit
evidence:
• While auditing the area of revenue recognition, customer contracts for sale of
goods/services are more relevant than cash collection cycles from those customers. The
cash collection cycle will be dictated by the terms and conditions laid down in the contract
with the customer. The contract of sale will dictate the periodicity of collection of the
contract price. Hence, relevant evidence here is the contract of sale. Cash collection
details are merely supplementary to the main contract.
• If the purpose of an audit procedure is to test for overstatement in the existence or

valuation of accounts payable, testing the recorded accounts payable may be a relevant
audit procedure. When testing for understatement in the existence or valuation of
accounts payable, testing the recorded accounts payable would not be relevant, but
testing such information as subsequent disbursements, unpaid invoices, suppliers’
statements, and unmatched receiving reports may be relevant.
Relevance of the audit evidence obtained, has an impact on its reliability. Higher the relevance of
the evidence, higher is its reliability and vice versa. Hence, relevance will indirectly impact the
quantum of evidence to be collected.
Relevance of Reliability of Impact on quantum (quantity of data) to be collected as

data collected data collected evidence
as evidence as evidence
Low Low • Auditor will have to collect more data to establish if
ROMM exists as the data collected lacks relevance
and reliability.
High High • In such cases less is good.
• This stems from the fact that the data at hand
supports in detecting ROMM.
• Once detected or determined, acquiring further
evidence will only confirm the existence or non-
existence of ROMM. Here additional evidence will
not really create any incremental value for the
audit.
The attributes of relevance and reliability enhance the audit evidence obtained. These attributes
are merely indicators of the existence of risk of material misstatement and do not contribute in
reducing or enhancing such risk. Here, the reader is requested to appreciate that:
• Risk of Material Misstatement = Inherent Risk x Control Risk

• Inherent risk and control risk cannot be reduced by acquiring more reliable or relevant
evidence.
• Reliable and relevant audit evidence will help the auditor to test control strengths and
weaknesses, rather than reduce ROMM.
• Sufficient and appropriate evidence will help detect ROMM in a far better manner,
evidence cannot reduce ROMM it merely helps to detect it.
For those of you who enjoy detective flicks and mystery dramas, remember that evidence
does not prevent the crime, it merely helps you detect the crime and the perpetrator.
In conclusion:
• Relevance and reliability are the factors that determine the appropriateness (quality) of the
audit evidence.
• Sufficiency of audit evidence coupled with its appropriateness enable the auditor to
conclude if there exists any ROMM in the financial statements.
• This conclusion about the existence of ROMM is the basis on which the auditor compiles
his opinion which is ultimately conveyed to the users of financial statements and
information.
• The relevance of audit evidence acts as the basis of testing audit assertions, which is our
next topic of discussion.
Assertions are claims made by the management regarding accounting balances reported and
transactions entered into by the company. These assertions are audited by acquiring audit
evidence.
Financial Statement Assertions:
Now, let us understand what financial statement assertions are in their true essence. Consider the
undermentioned extract of the Balance Sheet i=of Reliance India Ltd (RIL) as on 31 March 2021:
The balance sheet extract presents financial information such as the value of total assets of RIL as
on 31 March 2021. A break up and categorization of total assets as per the relevant accounting
framework has been provided for users of the financial statements.
Let us consider 3 questions in our process of understanding what assertions are:
1. While RIL reports that the book value of Property, plant and equipment is INR 2,92,092
crore, how do you as the reader and user of financial information, know whether this
statement made by RIL is true or untrue?
2. While RIL states that the value of Inventory is INR 37,437 crore, how do you as the reader
and user of financial information, know whether this statement made by RIL is true or
untrue?
3. While RIL states that the value of Loans given is INR 993 crore, how do you as the reader
and user of financial information, know whether this statement made by RIL is true or
untrue?
Financial statement assertions are nothing, but claims made by the management regarding the
financial position of the company.
So, when the management of RIL states that the value of PPE is INR 2,92,092 crore or that the value
of inventory is INR37,437 crore or that the value of loans given is INR 993 core, these are nothing,
but claims made by the management of RIL.
How will you, an outsider, a small minority shareholder/investor determine whether these claims
are true, or not? The answer lies in audit. It is the auditor who verifies these claims -i.e., financial
statement assertions by gathering audit evidence which has to be sufficient and appropriate. Based
on such evidence, the auditor assures that the financial statements are true and fair which simply
means that the claims made by management i.e., the management assertions are true and fait and
not misguiding or false.
Investors, lenders and other classes of users of financial information base their decisions of
investing in and lending to the company on the data that is reported in the financial statements
– these data are nothing but management assertions about account balances of assets and
liabilities and transactions entered into by the company.
For providing this assurance, the auditor must evaluate the assertions made by the management.
These assertions are misleading if they are misstated due to material misstatements stemming from
error or fraud.
The evaluation of whether these assertions are misleading is made by assessing the risk of material
misstatement at the level of the financial statements as a whole and at the assertion level.
Assessment of risk of material misstatement at financial statement level:
• This risk refers to material misstatements impacting the financial statements as a whole. It
stems from assertions and impacts the assertions made as well.
For instance, if depreciation is based on a 10-year useful life, it impacts the asset position in
the Balance sheet and in case there exist conditions that adversely impact the useful life of
the asset, such conditions then impact the reported asset numbers (an assertion in itself)
and estimate made for the useful life.
• The risk of material misstatement at financial statement level particularly derives from a
deficient control environment. A lack of internal control on the part of the management
will automatically lead to an increase in the amount of audit procedures and efforts to be
undertaken.
Assessment of risk of material misstatement at assertion level:
At the assertion level the risk of material misstatement impacts account balances, classes of
transactions and disclosures. Assertions made by the management have to be evaluated by the
auditor under three categories:
a. Assertions impacting transactions that occur during the year

b. Assertions impacting account balances at year end
c. Assertions impacting presentation and disclosure
Assertions impacting transactions that occur during the year
An auditor must have a questioning mind,

It is reality and fact that the auditor must find,
No doubt or query is ever too meek
For, it is ample clarity that the auditor must seek.
Transactions are the lifeblood of any business. Transactions result in revenue, expenses, asset
creation, liability generation, gains, and losses. The true essence of a transaction always lies beyond
its mere legal form and financial reporting as a function is tasked with the responsibility of capturing
that very essence. What a transaction entails and how exactly it impacts the financial position of an
enterprise is what the makers of financial statements i.e., the management of the reporting entity
are tasked with to explain to the users of financial information. The management reports all
transactions that have taken place during the year in the financial statements by basing this
reporting on certain assertions. These assertions are to be evaluated by the auditor. In the process
of doing so, certain rudimentary and fundamental questions have to be asked by the auditor. These
questions are answered on the basis of the evidence gathered by the auditor whereby the auditor
finally signs-off on whether the assertion i.e., claim made by the management is true and fair or
misleading/misrepresented.
The following table lists down all the assertions made by the management in reporting transactions
in financial statements, that the auditor shall evaluate:
Assertion to be evaluated What question does the What is the assertion trying
auditor ask while evaluating to convey in the financial
this assertion? statements?
Occurrence Has the transaction actually Transactions that have
occurred during the period for occurred during the reporting
which audit of financial period have been recorded in
statements is being the financial statements
conducted?
Completeness Has every aspect of the Transactions that have
transaction been completely occurred during the reporting
recorded in the financial period have been reported in
statements? the financial statements in
manner that captures their
entire essence and impact.
Accuracy Has the transaction been Transactions have reported at
accurately recorded in the their accurate value in a
financial statements in waythat manner that the financial
there is no scope of distortion statements are free from
or misstatement owing to error
misrepresentation of or purposeful numerical
commercial and factual reality? distortion.
Cut-off Do all the reportedtransactions Transactions have been
pertain/relate to the reporting recorded in the correct
period? reporting period - All
Is/are there any transaction(s) transactions that relate to this
that although have occurred reporting period have been
during the reported period, recorded in this very the
have not been captured or reporting period.
reported in the financial
statements owing to unique
contractual terms and
obligations?
Classification Have the recorded transactions Transactions have been
been accurately classified as properly classified into capital
per applicable accounting and revenue. Deferments
norms and principles? have been transparently
disclosed and accurately
justified in the accounts and
notes to the accounts.
Presentation Is the presentation as per the Transactions have to be
applicable financial reporting presented with respect to all
framework? material facts and
Does the presentation information related to the
support/aid the user’s transactions.
understandability of the The presentation has to be in
financial statements? line with the applicable
financial reporting
framework.
Class discussion
Let us understand assertions impacting transactions during the year with the help of the following
case:
Haers Ltd. placed an order for a machine on 29 June 20X1. This custom-built machine is delivered
to Haers on 26 October 20X1 by the vendor. On the date of delivery, Haers begins the process of
installing the machine in its factory and the same is completed on 16 December 20X1 from when it
begins using it for production and manufacturing. As per contractual stipulations, Haers makes the
payment to the vendor on 15 February 20X2. The reporting year/period for Haers is January 20X1
to December 20X1.
As the auditor of Haers which assertions would you evaluate for the above transaction?
Assertions impacting transactions that occur during the year
Transactions create account balances. Amounts are paid and received in the course of the reporting
period and each such amount takes the form, shape and colour of an account balance. Cash is
transformed into assets, which create goods which then lead to becoming account receivables who
ultimately become cash again. Purchases and expenses create accounts payable who then claim
cash and are eventually settled.
How one commercial item transforms into another has to be accurately tapped into and
appropriately disclosed. The management reports all account balances that have been:
A. Carried forward from previous reporting periods to the current reporting period either to
be settled in the current period or carried forward to future reporting period,
B. Created and settled during the current period,
C. Created in the current reporting period and carried forward to the next reporting period
These balances are reported based on certain assertions. These assertions are to be evaluated by
the auditor. In the process of doing so, certain rudimentary and fundamental questions have to be
asked by the auditor. These questions are answered on the basis of the evidence gathered by the
auditor whereby the auditor finally signs-off on whether the assertion i.e., claim made by the
management is true and fair or misleading/misrepresented.
The following table lists down all the assertions made by the management in reporting account
balances in financial statements that the auditor shall evaluate:
Assertion to be evaluated What question does the What is the assertion trying to
auditor ask while evaluating convey in the financial
this assertion? statements?
Existence Each account balance relates to The assets and liabilities,
a tangible (sometimes connected to and represented
intangible) item or resource. by the account balances in the
Do these items or resources financial statements, exist.
really exist?
Rights and obligations Does the entity have a right of All tangible and intangible
ownership / title over the rights represented by their
assets reported? respective titles have been
disclosed as assets.
Is the entity obligated to settle All obligations that result in
the liabilities reported? and shall result in an outflow
of resources have been
disclosed as liabilities.
Completeness Has the entirety of assets and Assets with their respective
liabilities been recorded in the additions and deductions have
financial statements? been recorded in their
entirety.
Liabilities with their
accumulations and
settlements have been
recorded in their entirety.
Valuation and allocation Have assets and liabilities been Assets and liabilities are
reported at their appropriate reported in the financial
fair values as per GAAP statements at appropriate
requirements? amounts and allocation
adjustments have been made
Have adjustments to the values as per GAAP requirements
of assets and liabilities been with the requisite supporting
appropriately reported in the like valuer’s certificate, etc.
financial statements?
Classification Classification for account All account balances should
balances ensures appropriate reflect the transactions that
grouping of transactions under impact them. For instance, an
the relevant head of reporting issue of equity shares at a
– premium should reflect in:
For instance: A. The Account balances
✓ All material purchases of issued Share capital
are ultimately B. The Reserve and
aggregated under Cost Surplus Balance of
of Goods Sold. Premium.
✓ All movements in
Equity due to issue,buy
back and forfeiture
of shares are
ultimately aggregated
under the Statement

of Changes in Equity.
Presentation Is the presentation as per the Account balances have to be
applicable financial reporting presented with respect to all
framework? material facts and information
Does the presentation related to the said balances.
support/aid the user’s All transactions that impact
understandability of the the account balance per se,
financial statements? have to be appropriately
reflected in the presentation
of the said account balance.
The presentation has to be in
line with the applicable
financial reporting framework.
Controls relevant to audit:
• The entity’s objectives and controls relate to financial reporting, operations and
compliance; however, not all of these objectives and controls are relevant to the auditor’s
risk assessment.
• The auditor shall obtain an understanding of internal control relevant to the audit.
• Although most controls relevant to the audit are likely to relate to financial reporting, not
all controls that relate to financial reporting are relevant to the audit.
• It is a matter of the auditor’s professional judgment whether a control, individually or in
combination with others, is relevant to the audit.
Methods of Acquiring audit evidence (Procedures to be performed to acquire audit

evidence)
Inspection This method involves:

• Examining records and documents that can be both internal as well as
external in nature.
- These records and documents can be in paper form, electronic form
or in any other form that can be viably documented for audit
purposes
• Physical inspection and examination of assets
- Inventory counting and verification
- Fixed asset verification and match with fixed asset registers
Observation This method involves observing processes and procedures while they are being
performed to evaluate their effectiveness.
- For instance, an auditor is required to observe first-hand, the
inventory counting, and management procedure followed by the
reporting entity.
- Take-aways from the procedure observed serve as crucial inputs to
gather evidence when the auditor is required to perform an
inventory verification to corroborate numbers reported in the
financial statements.
External External confirmations represent audit evidence obtained by the auditor as a
confirmation direct written response from a third party.
For instance, bank balance numbers reported by the entity are confirmed by
acquiring the most recent bank statement directly from the bankers.
Recalculation This method involves checking the mathematical accuracy of documents and
records by manual or electronic calculations.
- For instance, the summation of salaries paid by all departments like
Production, Marketing, Sales, HR, Finance, Administration is
reported as the total number of “Salary” which is debited to the
statement of profit and loss.
- Recalculation could involve rechecking the individual total of each
department after considering leaves, over-time bonuses, promotion,
and appraisal, etc.
Re- This method requires the auditor to independently execute processes or
performance controls that are in place in the entity to:
• Re-check their existence; and
• Check their effectiveness
Analytical Evaluate financial information by studying relationships between financial and
procedures non-financial data.
- For instance, if a segment or line of business has been reporting
constant growth over the past few years, the auditor should analyse:
• Quality of payable management via recurrence and duration of
payments to vendors.
• Quality of receivable collection via credit period granted, credit check
detailing prior to granting credit to customers, modes of recovery and
discounts offered for early payment.
Inquiry Inquiries may range from formal written inquiries to informal verbal inquiries.
Inquiries must be supported with written representations from management
wherever appropriate.
Audit procedures:
Inherently, the audit process begin with a test of controls that enables the auditor to determine the
effectiveness of the internal controls in the auditee entity.
Effectively operating internal controls automatically reduce the gravity of audit risk.
Tests of Controls:
• Tests of control is an audit procedure which will provide evidence as to whether the control
procedure is in place and working effectively.
• Tests of control focus on control procedures.
• Test of controls rely on direct controls to function effectively. Direct controls are control
procedures which are properly designed, in place and working effectively at addressing the
risk of material misstatements at the assertion level.
• If a direct control is identified to be tested under tests of control, the auditor will be
required to acquire sufficient and appropriate audit evidence about the effectiveness of the
said direct control – for instance segregation of duties.
• Tests of control are not substantive in nature i.e., auditor does not check the balances which
will go in the financial statements.
Substantive procedures:
• The results of tests of control determine the quantum of substantive procedures to be

performed in the course of the audit.
• The purpose of substantive procedures is to obtain audit evidence about specific
management assertions related to account balances or transactions. The evidence
obtained by the application of substantive procedures is circumstantial and generally
additional evidence in the form of some documentation must be acquired.
• Substantive procedures are intended to create evidence that an auditor assembles to
support the assertion that there are no material misstatements in regard to the
completeness, validity, and accuracy of the financial records of an entity.
• Substantive procedures are of two types:
- Analytical procedures
- Tests of detail.
Analytical Procedures:
Analytical procedures are an evaluation of financial information though an analysis of relationships

among both financial and non-financial data.
Analytical procedures encompass such investigation as is necessary of identified fluctuations or

relationships that are inconsistent with other relevant information or that differ from expected
values by a significant amount.
Nature of analytical procedures:
a. Analytical procedures include the consideration of comparisons of the entity’s financial

information with:
• Comparable information for prior periods
• Anticipated results of the entity, such as, budgets, forecasts, or expectations of the
auditor
• Similar industry information
b. Analytical procedures also include consideration of relationships, among:
• Elements of financial information such as gross margin percentages
• Financial information and relevant non-financial information such as payroll costs
to number of employees
Auditor’s objectives:
a. To obtain relevant and reliable audit evidence when using substantive analytical
procedures
b. To design and perform analytical procedures near the end of the audit that assist the
auditor when forming an overall conclusion as to whether the financial statements are
consistent with auditor’s understanding of the entity.
Auditor’s procedures:
a. Determine the suitability of particular substantive analytical procedures. Following factors

require consideration:
1. Substantive analytical procedures more suitable to large volumes of transactions
tending to be predictable over time.
2. Suitability of analytical procedures influenced by:
• Nature of assertion
• Auditor’s assessment of analytical procedures effectiveness to identify
material misstatement
3. In some cases, unsophisticated predictive models maybe useful
4. Different types of analytical procedures provide different levels of assurance
5. Particular substantive analytical procedures may be considered suitable when tests of
details are performed on the same assertion.
b. Evaluate the reliability of data:
Following factors affect the reliability of data:
• Source of the information
• Comparability of the information
• Nature and relevance of the information available
• Controls over the preparation of the information
c. Develop an expectations if recorded amounts or ratios and evaluate whether the
expectation is sufficiently precise to identify material misstatement.
d. Determine the amount of any difference of recorded amounts form expected values that is
acceptable without further investigation.
Sampling – More than merely judging a book by its cover
At the very outset let us clarify that a sample is the smallest unit of audit evidence that enables the
auditor to base his opinion upon. It is one transaction selected to check the fairness of its assertions,
out of multitudes of similar such transactions. If this one transaction seems fairly reported and
presented, the auditor leads to believe that all the similar transactions that are represented by this
one transaction too maybe fairly reported and presented.
The process of acquiring a sample is referred to as sampling and this can be performed using various
methods, each of which have been discussed ahead.
The auditor faces inherent limitations under which he performs the audit. These limitations pertain
to nature, extent and timing of work to be carried out. In any audit engagement, the auditor cannot
practically examine the entire population of transactions or account balances owing to these
limitations. Audit is an art, where under the auditor has to scientifically pick and choose a few
transactions (sampling) that best represent the entire universe of transactions that an entity has
entered into. These limited few transactions (samples) that are representative of a wider
population of transactions are the basis on which the auditor expresses his opinion.
Sampling is driven by:
• The nature of the entity under audit,

• Features of its business,
• The overall degree of risk that the entity maybe vulnerable to and
• The auditor’s past experience with the entity under audit or with similar such entities.
In the process of performing the audit, the auditor has to evaluate:
a. Internal control effectiveness, for which he has to perform a test of controls.

b. Existence of material misstatements due to error or fraud, for which he has to perform a
test of details.
To perform the above evaluations of tests of control and details, samples have to be selected for
both:
a. Tests of controls to assess the effectiveness of controls and

b. Tests of details to check for the existence of material misstatements
There are scientific methods of drawing a sample from within a sea of transactions. These methods
have been explained in the next section. The sampling process carries its own risks and challenges,
an improper or unsuitable sample can produce misleading results which can hamper the audit
process and impact the overall accuracy of the auditor’s opinion on the financial statements.
Sample Selection Methods:
(check this in alignment, place this slightly below the heading)

Selection of samples is driven by two methods, viz a viz, statistical and non-statistical. They are
enumerated as under:
Statistical Sampling
Random Selection Systematic Selection Monetary Unit Sampling
• This method ensures that • Under this method the • This method is avalue
all items within a number of sampling units in weight-based
population stand anequal a population is divided by selection where in
chance of selectionby the the sample size to give a sample size, selection
use if random number sampling interval. and evaluation result
tables or random number Say for instance, each 50th in a conclusion in
generators. unit is selected. monetary amounts.
• Here the sampling units • Under this method the • For instance, all sales
can be physical items starting point is determined made on credit basis
such as sales, invoices or haphazardly. that exceed $20,000.
monetary units • Here, to ensure that the
• Most suitable for: sample is truly random, the
Population that following can be used:
consists of - Computerized
reasonably similar random number
units that fall within generator
a reasonable range. - Random number
tables
Non-Statistical Sampling
Haphazard Selection Block Selection
• Under this method, samples are selected • It involves the selection of blocks of
without following a structuredtechnique. contiguous items from within the
• Although, no structured technique is population
used, the audit would nonetheless avoid • Block selection cannot ordinarily ne used
any conscious bias or predictability. This in audit sampling because most
ensures that all items in the population populations are structured such that
have a chance of selection. items in a sequence can be expected to
• For audits that merit the use of statistical have similar characteristics to each other,
sampling, haphazard selection cannot be but different characteristics from items
used. elsewhere in the population.
• In some circumstances it may be
appropriate audit procedure to examine
a block of items, it would rarely be an
appropriate sample selection technique
when the auditor intends to draw valid
inferences about the entire population
based on the sample.
The universe of transactions that an auditee entity engages in the course of the period under
audit.
Sampling is merely a synchronised, scientific selection of transactions that best represent the
entire universe of transactions that the auditee has engaged in. The samples selected have been
encircled as shown below:
Sampling Risk:
Sampling supplements the formation of the audit opinion. Sampling has its own risks and if
performed erroneously can result in misleading or inaccurate audit conclusions and opinion.
Sampling risk that affects audit effectiveness Sampling risk that affects audit efficiency
Sampling risk pertaining to tests of control: Sampling risk pertaining to tests of control:
The sample selected demonstrates that The sample selected demonstrates that
internal controls are effective. However, in internal controls are ineffective. However, in
reality they are not effective. reality they are effective.
This is the misleading conclusion that an Here the internal controls appear to be less
improperly selected sample for tests of control effective than they actually are.
can lead to.
This results in the auditor having to performing
Here the internal controls appear to be more additional work and tasks around acquiring
effective than they actually are. more evidence and performing additional tests
Sampling risk pertaining to tests of details: Sampling risk pertaining to tests of details:
The sample selected demonstrates that The sample selected demonstrates that
material misstatements do not exist. However, material misstatements exist. However, in
in reality misstatements do exist. reality misstatements do not exist.
Considerations to be made while designing a sample:
When designing a sample, the auditor has to consider the undermentioned:
a. The purpose of the audit procedure to which the sample will serve as evidence.
b. The combinations of procedures that are being performed where the sample will serve as
evidence.
c. The nature and characteristics of evidence that is sought.
d. Possible misstatements that can occur in the reporting area from which the sample is
sought.
Relying on the work of external parties

Imagine having to audit a chemical manufacturing company, a sugar producer, a tobacco curer, a
perfume maker, a car manufacturer – an auditor is proficient in accounting, compliance testing,
financial controllership and the like. How can an auditor perform the audit of a company whose
core business technicalities, operational nitty-gritties and industrial nuances an are something
he/she does not understand? In such situations, the auditor has to rely on the work of an external
experts such as:
1. Management’s expert.
2. Internal auditor / Internal Audit function of the auditee entity.
3. Service organizations.
Relying on the work of management’s expert:
ISA 500: Audit Evidence provides express guidance on what the auditor should consider before and
while relying on the work of a management’s expert. This has been summarized as under:
Evaluation of
Competency of management Capability of capability of Objectivity of management
expert management expert expert
Evaluation of competency of Evaluation of the capability of Evaluation of the objectivity of
the management’s expert the management’s expert the management’s expert
relates to the nature and level relates to how well the said entails the possible effects
of expertise the management expert is able to exercise its that:
expert has in adding value to level of competency • Bias
the preparation of the • Conflict of interest
financial statements • Influence exerted by
others
May have on the professional
or business objectivity of the
management expert.
Sources of information while evaluating the competence, capability and objectivity of the
management’s expert, include but are not limited to:
• Personal experience with previous work.

• Discussions with that expert.
• Discussions with others who are familiar with the expert’s work.
• Knowledge of that expert’s qualifications, membership of professional body or industry
association, licence. to practice or other forms of external recognition.
• Published papers or books written by expert.
• The auditor’s expert vetting the competence, capability or objectivity of the management’s
expert.
Evaluation of the competency, capability and objectivity of the management’s expert:
An evaluation of the competency, capability and objectivity of the management’s expert is based
on:
1. Understanding the management expert’s work

2. Evaluating the management expert’s work
Understanding the management’s expert’s Evaluating the appropriateness of the

work management expert’s work
This includes: This includes:
1. Areas of speciality within field of 1. The relevance and reasonableness of
expertise. the findings or conclusions presented
For instance, the management’s expert by the management’s expert:
may have expertise in asset accounting For instance, the management’s
areas within IFRS or other GAAP. expert based on past trends may
2. Applicable professional or other recommend recognizing 15% of the
standards and regulatory or legal warranty as a provision.
requirements. 2. Consistency with other audit
For instance, the management expert’s evidence:
work may rely heavily on expertise in For instance, if the management
corporate laws and stock exchange expert has chosen to use the fair value
regulations for a listed/publicly traded model for subsequent reporting of all
entity. tangible and intangible assets, is there
3. Assumptions and methods used by sufficient supporting in the form of
the management expert, the general evidence to confirm the accuracy of
acceptability of those assumptions the fair values assigned to each
and methods with that expert’s field individual class or classes of assets in
and appropriateness for financial the form of valuer’s reports or
reporting purposes. otherwise?
For instance, if the expert uses the fair 3. Whether the treatment of items
value model of subsequent reporting prescribed by the management’s
for all tangible and intangible assets, expert has been appropriately
impact this has on the overall quality of reflected in the financial statements:
the reported financial information. For instance, if the management’s
4. Nature of internal or external data expert has opined on disclosing certain
that the management’s expert uses. areas of revenue or operations as a
For instance, the expert uses the Black- reported segment has the same been
Scholes- Merton model to value stock disclosed as a reporting segment in the
option plans that have been financial statements with all due
announced for employees. supporting?
4. Relevance and reasonableness of the
assumptions and methods:
For instance, is it justified i.e., is it
reasonable to write off say 8% of the
trade receivables as bad debts bases
on the assumptions presented by the
expert?
5. Relevance, completeness and
accuracy of the source data:
For instance, the whether the year end
currency rates that have been used by
the expert for conversion of monetary
and noon-monetary items , have been
derived from a reliable source such as
that published by the central bank or a
leading public sector bank that is
qualifies as a foreign exchange rate

setter
The auditor’s responsibility is not reduced where the work of the management’s expert is relied
upon. As a matter of professional responsibility, it is amplified to the extent that this work has to
be cross verified and evaluated to meet the degree of suitability that provides the auditor with
reasonable comfort on relying with such work.
Relying on the Internal Auditor / Internal Audit function of the auditee entity:
The external auditor has the sole responsibility for the audit opinion expressed. This responsibility
can be better executed by using the work of the internal audit function, if it exists in the auditee
entity.
An internal audit department forms the part of the auditee entity’s system of internal control. IA
helps correct and maintain internal control by identifying and plugging gaps in an entity’s processes.
An effectively functioning IA department results in control risk being reduced and therefore reduces
the need for the auditor to perform detailed substantive testing.
However, the auditor has to ensure professional scepticism with respect to the data and findings
presented by the IA department as where the auditee entity has an inhouse IA department, the
internal auditor and the IA function as a whole are not independent of the entity.
The scope of the internal audit function has been graphically illustrated as under:
Before relying on the work of IA or IA function, the auditor has to evaluate the following:
a. IA function overall
b. Objectivity of IA in the organization under audit
c. Competence of IA in the organization under audit
d. Work performed by IA or IA
Evaluating the IA function overall:
While evaluating the IA function overall, the auditor must ask the following questions:
1. Do the internal audit function’s organizational status and relevant policies and procedures
support the objectivity with which internal auditors perform their work?
2. How competent is the IA function?
3. Does the IA function apply a systematic and disciplined approach?
If the answers to the above questions are favourable, the auditor chooses to rely on the work
performed by the IA function by applying the appropriate degree of professional scepticism.
Evaluating the objectivity of the IA function:
While evaluating the objectivity of the IA function, the auditor must ask the following questions:
1. Does the IA function report to TCWG or does the IA function have access to TCWG?
2. Is the IA function free from operational responsibility?
3. Who takes the employment and remuneration decisions of the IA function, is it TCWG or a
committee of non-executive directors like the Audit committee?
4. Are there any restrictions or constraints placed on the IA function by the management or
TCWG?
5. Are the IA members of any professional body such as the Association of Chartered Certified
Accountants or the Institute of Chartered Accountants of England and Wales?
If the answers to the above questions are favourable, the auditor opines that the IA function as well
as IA are objective in their approach to the work they perform.
Evaluating the competence of the IA function:
While evaluating the competence of the IA function, the auditor must ask the following questions:
1. Are the resources of the IA function appropriate and adequate for the size of the
organization and the nature of its operations?
2. What are the established policies for hiring, training and assigning internal auditors to the
IA function and IA engagements?
3. Do the IA have adequate training and proficiency, including professional qualifications and
experience?
4. Do the IA have the required knowledge of the entity’s financial reporting framework?
5. Do the IA have the necessary skills to perform work related to the entity’s financial
statements?
as IA are competent to serve the organization and add value to the internal control process.
Evaluating the work performed by the IA function:
While evaluating the work performed by the IA function, the auditor must ask the following
questions:
1. Has the work performed by the IA or the IA function been properly planned, performed,
supervised, reviewed and documented?
2. Has SAAE been obtained by the IA or IA function while designing controls that are in place?
3. Have the conclusions been reached appropriate under the current/applicable
circumstances?
4. Are the reports prepared consistent with the work performed?
as IA have performed their work effectively.
Once auditor has evaluated the IA function on the basis of its objectivity, competence, work and an
overall basis, the auditor can use internal audit to provide direct assistance in the audit process. All
assistance taken in the audit process has to be documented.
The IA function can provide assistance in gathering audit evidence under the supervision and review
of the external auditor. While using the IA to provide direct assistance, the following considerations
will have to be made:
1. Direct assistance cannot be provided where the laws and regulations directly prohibit the
same.
2. Threats to objectivity and competence of the IA and IA function have to be considered
before relying on the same. It must be appreciated that the IA function per se are
employees of the organization under audit and they are answerable first and foremost to
the management of the organization. IN organizations that have lapses in governance and
ethics, the IA and the IA function will perform as per the demands of the leadership of the
organization. Relying on the IA function under these circumstances will naturally increase
the ROMM owing to fraud.
3. Selection of samples involving significant judgment cannot be left/allocated to IA
4. Any work planned and allocated to the IA must be communicated to TCWG.
Documentation to be maintained by the external auditor in case assistance has been provided by
the IA or IA function:
1. Management’s agreement in writing approving such assistance.

2. Management’s agreement in writing that they will not intervene in the work performed by
the IA to support the external auditor.
3. Written confirmation from the IA that they will keep external auditor’s information
confidential.
4. Evaluation of the objectivity and competence of the IA and IA function
5. Basis for the decision regarding the nature and extent aof the work performed by the
internal auditor.
6. The name of the reviewer and the extent of the review of the internal auditor’s work
7. Working papers produced by the internal auditor.
Service Organizations:
A service organization is a third-party organization that provides services to user entities. These
services are part of the user entity’s information system relevant to financial reporting.
For instance, companies use service organizations to perform business functions such as:
• Managing receivable and payables

• Payroll and pension payments
• Contractual payments and tax deducted at source
• Inventory management
But it’s not as simple as it may sound, the below graphic illustrates the challenge in this kind of
arrangement:
Important terms from the above graphic:
Service Auditor User Entity User Auditor

The auditor of the service The entity that uses a This auditor audits and reports
organization serviceorganization on the financial statements of
the user entity.
This auditor will provide an assurance The user entity is
report on the controls of the service undergoing theaudit. The user auditor seeks an
organization to the auditor of the user understanding of the
entity. effectiveness of controls of the
service provider from the
service auditor
Understanding how the user entity uses the services of the service organization:
The user auditor shall obtain an understanding of how user entity uses the services of a service
organization in the suer entity’s operation, including:
a. Nature of the service provided by the service organization and the significance of those
services to the user entity
b. The nature and materiality of the transactions processes or financial reporting processes
affected by the service organization
c. The degree of interaction between activities of service organizations and those of the user
entity
d. The nature of relationship between user entity and the service organization including the
relevant contractual terms for the activities undertaken by the service organization.
Obtaining an understanding of the services provided by the service organization:
The user auditor shall obtain an understanding of how the user entity uses the services of a service
organization in the user entity operation including:
a. Nature of service provided by the service organization and the significance of those services
to the entity.
b. The nature and materiality of the transactions processed or financial reporting processes
affected by the service organization.
c. The degree of interaction between activities of service organization and those of the user
entity
d. The nature of relationship between user entity and the service organization including the
relevant contractual terms for the activities undertaken by the service organization.
Auditor’s considerations:
• The user auditor shall evaluate the design and implementation of relevant controls of user
entity that relate to the services provided by the service organization.
• The user auditor shall determine whether a sufficient understanding of nature and
significance of services provided by service organization and their effect on the user entity’s
internal control relevant to the audit has been obtained, to provide basis for identification
and assessment of ROMM
• If user auditor is unable to obtain a sufficient understanding from the user entity, the user
auditor shall obtain that understanding form one or more of the following procedures:
- Obtaining a type 1 or type 2 report if available
- Contacting the service organization through the user entity to obtain the sufficient
information
- Visiting the service organization
- Using another auditor to perform procedures that will provide the necessary information
about the relevant controls at the service organization.
Type 1 Report Type 2 Report

Report on the description and design of the Report on the description and design of the
internal controls at a service organization. This internal controls at a service organization. This
report comprises of: report comprises of:
a. A description, prepared by the a. A description, prepared by the

management of the service management of the service organization,
organization, of the service of the service organization’s system,
organization’s system, control control objectives and related controls
objectives and related controls that that have been designed and implemented
have been designed and implemented as at a specified date or throughout a
as at a specified date; and specified period, and in some cases, their
b. A report by the service auditor with the operating effectiveness throughout a
objective of conveying reasonable specified period.
assurance that includes the service b. A report by the service auditor with the
auditor’s opinion on the description of objective of conveying reasonable
the service organization’s system, assurance that includes:
control objectives and related controls • The service auditor’s opinion on the
and the suitability of the design of the description of the service organization’s
controls to achieve the specified system, control objectives and related
control objectives. controls and the suitability of the design
of the controls to achieve the specified
objectives; and
• The operating effectiveness of the
controls; and
• A description of the service auditor’s
tests of control and the results
thereof.
Responding to assessed ROMM:
The suer auditor shall determine whether SAAE with respect to the financial statement assertions
are available from records held at the user entity. If not:
• Perform further audit procedures to obtain SAAE

• Use another auditor to perform these procedures at the service organization,
Impact on the audit report:
If SAAE is not obtained – A qualified opinion or disclaimer of opinion is issued
Benefits to the audit:
Independence Competence
The service organization is external to the user. The service organization is considered as a
Hence, the audit evidence derived from it is specialist of the services it provides.
regarded as being more reliable than evidence Hence, it is more competent in executing its
generated internally by the user role than the user’s internal department
resulting in fewer errors which automatically
reduces the ROMM due to error.
Disadvantages to the audit:

➢ Concerns regarding access of records and information at the service provider’s end – this
comes in light if the auditor having no legal right to acquire SAAE from the service
organization.
➢ Limitations to the scope of work in case the service organization refuses/ imposes
restrictions on providing necessary information or assurance reports.
➢ Modification of opinion in case SAAE is not obtained. (Qualified opinion or Disclaimer of
opinion)
Use of Data Analytics in the audit process

Data analytics is a scientific method driven by IT tools which helps in discovering and analysing
patterns, deviations and inconsistencies and extracting other useful information in the data of
underlying or related subject matter of an audit through analysis, modelling, visualization for the
purpose of planning and performing the audit.
Features of Data Analytics:
➢ Helps identify risks

➢ Helps test controls
➢ Helps support in substantive procedures
➢ Helps incorporates a wider range of data
Chapter 8: Systems and Controls 130
Chapter 8: Systems and Controls
Table of contents:
1. Components of internal control
2. Objectives of internal control
3. Inherent limitations of internal control
4. Impact of tests of control on strategy and planning
5. Material weaknesses in internal controls
6. IT risks
7. Documentation
8. An overview of specific systems
Internal Control is the process designed, implemented and maintained by TCWG, management
and other personnel to provide reasonable assurance about then achievement of an entity’s
objective with regard to:
➢ Reliability of financial reporting
➢ Effectiveness and efficiency of operations
➢ Safeguarding of assets
➢ Compliance with applicable laws and regulations
The term “controls” refers to any aspects of one or more of the components of internal control.
Components of internal control

Internal control is the cumulative effect of many contributing components from all tenets of the
business. For internal control to be effective, it is necessary that each of its component that
contributes to its effectives, functions optimally both in isolation and collectively with the other
components. The components of internal control are graphically illustrated as:
Control Environment
Control environment includes the following elements:

1. Communication and enforcement of integrity and ethical values
2. Commitment to competence
3. Participation by TCWG
4. Management philosophy and operating style
5. Organizational structure
6. Assessment of authority and responsibility
7. Human resource policies and practices.
Risk Assessment process
The entity’s risk assessment process forms the basis for how management determines the risks to
be managed. If that process is appropriate to the circumstances, including the nature, size and
complexity of the entity, it assists the auditor in identifying ROMM. Risk can arise or change due to
the below mentioned circumstances:
1. Changes in operating environment:
Changes in the regulatory or operating environment can result in changes in competitive
pressures and significantly different risks.
2. New Personnel:
New personnel may have a different focus on or understanding of internal control.
3. New or revamped information systems:

Significant and rapid changes in information systems can change the risk relating to
internal control.
4. Rapid growth:
Significant and rapid expansion of operations can strain controls and increase the risk of
breakdown in controls.
5. New technology:
Incorporating new technologies into production processes or information systems may
change the risk associated with internal control.
6. New business models, products or activities:

Entering into business areas or transactions with an entity that has lesser experience may
introduce new risks associated with internal control.
7. Corporate restructuring:
Restructuring maybe accompanied by staff reductions and changes in supervision and
segregation of duties that may change the risk associated with internal control.
8. Expanded foreign operations:

The expansion or acquisition of foreign operations carries new and often unique risks that
may affect internal control, for example, additional or changed risks from foreign currency
transactions.
9. New accounting pronouncements:

Adoption of new accounting principles or changing accounting principles may affect risks
in preparing financial statements.
Information system- areas to be examined
The information system relevant to financial operating objectives which includes the accounting
system consists of the procedures and records designed and established to:
1. Initiate, record, process and report entity transactions
2. Resolve incorrect processing of transactions
3. Process and account for system overrides or bypasses to controls
4. Transfer information from transaction processing systems to the general ledger
5. Capture information relevant to financial reporting for event s and conditions other than
transactions such as the depreciation and amortization of assets
6. Ensure information required to be disclosed by the applicable financial reporting
framework is accumulated, recorded, processed, summarized and appropriately reported
in the financial statements.
Control activities relevant to the audit
Control activities are the policies and procedures that help ensure that management
directives are carried out and may pertain to following:
1. Performance reviews
2. Information processing
3. Physical controls
4. Segregation of duties
Control activities on a general basis have been illustrated here under:
Monitoring of controls
Monitoring of controls is a process to assess the effectiveness of internal control performance

over time. It involves assessing the effectiveness of controls on a timely basis and taking
necessary corrective actions.
Objectives of internal control

The objectives of an effectively functioning internal control mechanism are summarized as
under:
1. Transactions are executed in accordance with management’s authorization.
The authorization can be General or Specific depending on the nature of the transaction
and the complexity involved in recording and executing it.
2. All transactions be promptly recorded om the correct amount in the appropriate accounts
and in the accounting period in which executed so as to permit preparation of financial
information within a framework of recognized accounting policies and practices and
relevant statutory requirements,if any, and to maintain accountability for assets.
3. Assets are safeguarded from unauthorized access, use or disposition
4. The recorded assets are compared with the existing assets at reasonable intervals and
appropriate action is taken with regard to any differences.
Inherent Limitations of Internal Control

Effectively functioning internal controls are always a relief for the auditor. However, no matter
how strong and effective the control environment is, it is always subjected to inherent
limitations.
These inherent limitations of internal controls always warrant the need for substantive
procedures to be performed on material balances, as the auditor cannot place complete
reliance on the internal control mechanism due to its inherent limitations.
These inherent limitations are caused by factors listed below:
➢ Human Error:
The possibility of human error occurring can never be eliminated no matter how strong
the control mechanism. Inadvertent human error in casting, totalling, tallying, reconciling
will always be a vulnerability resulting in risk of misstatement.
➢ Control lapses and breakdowns:

Controls – manual or automatic are always at risk of breakdown due to human error or
technical lapses. This results in control not operating as effectively as intended.
➢ Collusion:
In environments where fraud risk factors exist, staff collusion cannot be written off. At
any given opportunity, there looms a risk of interdepartmental staff collusions to override
and by pass controls.
➢ Abuse of power:
Tone at the top dictates the effectiveness of governance and control mechanisms. If the
leadership frequently over rise controls, this can lead to abuse of power and authority
which ultimately affects the effectiveness of controls.
➢ Management Judgement:
Financial reporting is driven by estimates made out of management experience and
judgement. Even the most experienced leaders can be vulnerable to inaccurate estimates
not just in financial reporting but in operations too.
Impact of test of controls on audit strategy and planning

Tests of control is an audit procedure which will provide audit evidence as to whether the internal
control procedure is in place and working effectively. The focus of a test of control is the control
procedure. Here we need to understand that internal controls procedures have the following
bifurcation:
If the auditor identifies a control procedure to assess or test, he will acquire SAAE about the
effective working of that procedure.
For instance, if Authorization is the control the auditor identifies, whether or not purchases of goods
are authorized by the Purchase manager or whether the purchase of fixed assets above a certain
monetary threshold has been authorized by the Board of directors is what the auditor shall assess.
Tests of controls are not substantive procedures. Hence when performing a test of control, the
auditor does not test the account balance or transaction value that is reported in the financial
statements.
The effectiveness of internal controls has a direct bearing on ROMM. The assessed degree of ROMM
dictates the audit strategy and in turn this affects the nature, timing and extent of audit procedures
to be performed. Internal controls can either be effective or ineffective. The impact of the
effectiveness of internal controls on the audit process has been discussed here under:
Where the degree of effectiveness of internal controls is high
➢ Where the auditor assesses the degree of effectiveness of internal controls to be high,
automatically more reliance can be placed on:
a. Internal controls of the entity
b. Evidence generated internally within the entity.
➢ As discussed earlier in Lesson 5, Risk – where the degree of effectiveness of internal
controls is high, the control risk is low.
➢ A low degree of control risk corresponds to interim audit testing being
effective/appropriate.
➢ The quantum of substantive testing to be carried out corresponds directly the degree of
control risk. A lower degree of control risk (due to a highly effective internal control
system) warrants a lower quantum of substantive testing and vice versa.
➢ The quantum of substantive testing is directly proportional to the size and quantum of
audit samples that need to be collected as audit evidence. A lower degree of substantive
testing owing to a lower degree of control risk naturally translate into a smaller sample
size required to arrive upon the audit opinion.
➢ This naturally results in:
• Less comprehensive audit procedures
• Faster audit completion process
• Lower manpower resource requirement
Where the degree of effectiveness of internal controls is low
➢ Where the auditor assesses the degree of effectiveness of internal controls to be low,
automatically lesser reliance can be placed on:
1. Internal controls of the entity
2. Evidence generated internally within the entity.
➢ As discussed earlier in Lesson 5, Risk – where the degree of effectiveness of internal
controls is low, the control risk is high.
➢ A high degree of control risk corresponds to interim audit testing being ineffective/
inappropriate.
➢ The quantum of substantive testing to be carried out corresponds directly the degree of
control risk. A higher degree of control risk (due to a poorly effective internal control
system) warrants a higher quantum of substantive testing and vice versa.
➢ The quantum of substantive testing is directly proportional to the size and quantum of
audit samples that need to be collected as audit evidence. A higher quantum of
substantive testing owing to a higher degree of control risk naturally translate into a
larger sample size required to arrive upon the audit opinion.
➢ This naturally results in:
• More comprehensive audit procedures
• Slower audit completion process
• Higher manpower resource requirement
Impact on N-T-E of the audit
Degree of Degree of reliance Degree of Size of Audit

reliance on on evidence effectiveness of Quantum of Samples to be Timing of
Degree of Effectiveness Degree of Internal Controls generated within Interim Audit substantive acquired as Nature of Audit Extent of Audit Audit Manpower
of Internal Controls Control Risk of the entity the entity testing testing required evidence Procedures Procedures Process Required
Less
High Low High High High Low Small Comprehensive Low Faster Low
More
Low High Low Low Low High Large Comprehensive High Slower High
A higher degree of control risk impacts the scope and extent of the audit process. Naturally, the
audit plan has to be designed or re-evaluated to accommodate such a risk. This process has been
summarized and tabulated with the help of key pointer as under:
Audit Activity to be performed Tweaks to audit plan and execution

Control procedures to be conducted at and Increase in volume of control procedures
after the year end
Substantive procedures Increase in level of substantive procedures
Tests of detail Higher volume of tests of detail to be
conducted
Locations to be covered in the scope of audit Increase in locations to be covered
work
Reliance on written response and written Lower reliance will be placed on these written
representations from the management responses and representations.
Higher quantum of external audit evidence
will have to be sourced
External confirmations Higher volume of external confirmations to be
acquired from parties like customers, vendors,
lenders, etc.
Overall testing at final stage Higher quantum of tests driven by
circumstantial risk assessment
Material Weaknesses in Internal Controls

The process of evaluation of internal controls automatically results in the auditor identifying
material weaknesses in internal controls, if any.
Material weaknesses in internal control occur on account of:
➢ Design of internal control
➢ Implementation of internal control
➢ Maintenance of internal control
Any identified material weaknesses to internal control shall be communicated on a timely basis to
TCWG. Material weaknesses in control which merit the attention of TCWG are enumerated as
under:
➢ The likelihood of deficiencies and weaknesses in control leading to the financial statement
being materially misstated.
➢ Susceptibility of assets to losses owing to fraud/theft/misappropriation
➢ Subjectivity in determining amounts of estimates
➢ Important reporting quadrants of the financial statements like Revenue, EBIT, etc. being
exposed to deficiencies in control leading to these amounts being materially misstated.
Generally, any communication of deficiencies to TCWG happens by the medium of a report. A

cursory format of the contents of such a report are:
1. Deficiency Identified:
• The nature and description of why a particular aspect in the operating or
financial process is highlighted as deficient.
• The reason for highlighting such a deficiency can be supported with evidence or
in case it is driven by the auditor’s professional judgement, the same shall have
to be elaborated upon.
2. Consequence/ impact of deficiency:

• The impact of not correcting or not addressing the deficiency is highlighted here.
• It would be value additive if cardinal amounts are allocated as financial impacts
of deficiency wherever they can be measured or estimated.
• The cost of correcting the deficiency in terms of monetary or productive resource
hours too should be indicated.
3. Recommendation:
• The auditor shall recommend how the identified control deficiency can be
corrected.
• Here changes can be made in the existing system to ensure correction. However,
if necessary, a new system may have to be implemented depending on the
gravity of risk.
Case: The auditor has observed that some sales invoices are missing from the sales master file.
You are required to prepare a report to be addressed to TCWG identifying the deficiency,
consequence and recommendation for the above case.
Deficiency:
Sales invoices are missing from the sequentially numbered invoice file.
Consequence:
a. Sales are not completely recorded leading to reported revenue figures being understated
and eventually misstated.
b. Accounts receivables for credit sales will not be completely recorded leading to lapses in
cash collection and understated current asset position in the financial statements.
c. There will be an impact on the reported liquidity and operating profit figures of the entity.
Recommendation:
1. All invoices should be sequentially marked and filed by the sales department in the sales
information system.
2. Accounts department should be granted limited or restricted access to this information
system for the purposes of reconciliation
3. The accounts department is recommended to perform regular checks to ensure
completeness in reported revenue figures.
4. Missing items should be investigated and copies should be requested for.
Risk to internal control imposed by IT controls

Internal control mechanism in any organization is vulnerable to risks caused by human errors
and technological failures and breakdowns. This section summarizes the risk to internal
control imposed by IT as under:
1. Internal control systems are reliant on IT in the form of information systems and
programs. Here there are two risk factors:
a. Systems and programs processing data inaccurately owing to errors or flaws in
program design.
b. Systems and programs processing data that is inaccurate due to human errors in input
and capture of data
2. Unauthorized access to data results in destruction of data or improper changes to data
which include:
a. Recording of unauthorized or non-existent transactions
b. Inaccurate recording of transactions
This risk is amplified when multiple users access a common database.
3. Unauthorized changes to data in master files
4. Unauthorized changes to systems and programs
5. Failure to make necessary changes and upgrades to systems and programs
6. Inappropriate manual intervention
7. Potential loss of data or inability to access data as required.
8. The possibility of IT personnel gaining access beyond the degree necessary to perform
assigned duties thereby breaking down segregation of duties and authorization.
The above risks can be prevented and mitigated by implementing:

1. The following controls over IT systems:
• Batch total checks
• Sequence checks
• Matching master files to transaction records
• Arithmetic checks
• Range checks
• Existence checks
• Authorization of transaction entries
• Exception reporting
2. Ascertaining the effectiveness of system functioning:

The auditor will have to acquire evidence pertaining to the design and implementation of
controls by:
a. Conducting inquiries of relevant personnel
b. Observing the application of controls
c. Gaining an understanding of how a transaction is recorded in the systems (Process
walkthrough)
d. Inspecting standard operating procedures and internal procedure manuals.
In the above process, existing knowledge of the client’s systems and operations plays a crucial
role. Here due consideration has to be made for changes that have occurred in the client’s
systems and process improvement that have occurred between the previous audit period and the
current one.
These changes result in certain controls becoming redundant as they no longer address or counter
a significant risk. Although International standards on audit prescribe a test of controls every third
audit i.e. after every three years, professional experiences unanimously dictate a test of controls
to be performed before a fresh audit commences every year.
Documenting Client Systems

The auditor is required to document the understanding of the functioning of client’s systems. This
can be done in the form of:
a. Narrative notes
b. Flowcharts
c. Questionnaires
d. Internal control evaluation questionnaires
e. Organization charts
An overview of specific systems

A. Purchase System
The objectives of controls in the purchase system have been serially tabulated as under:
Sr. Stage Description of objectives

No
1 Requisition A purchase requisition for goods or raw materials is placed by the
respective department to authorized personnel
2 Authorization a. Authorized personnel (generally the purchase manager)
map the requisition with:
• Purchase/ Production budget
• Special order requirements
b. Authorization is provided subject to the requisition falling
within pre-defined budgets/ requirements
c. In case of an off-budget/ over the budget requisition, the
requisitioning manager will have to justify the requirement
and await approval.
3 Ordering a. Authorized personnel place orders with supplier/vendors
who have been screened and approved based on:
✓ Quality
✓ Reliability
✓ Pricing
b. Purchases that cater only to valid business use are placed
c. Orders are placed taking into consideration:
✓ Delivery lead times
✓ Disruption to production / retail
✓ Urgency of delivery / Waiting period for end
customer
✓ Idle time costs loaded to production
✓ Availability to stock goods/ material in the current
carrying facility
4 Receipt of goods a. Goods are checked and approved on sample check basis or
an overall basis depending on nature of order.
b. Only goods requisitioned by the company are received
c. Goods receipt is recorded immediately
5 Invoicing a. Invoice accompanying the goods is matched with order
placed to ensure that only requisitioned goods are received,
any shortage on receipt is promptly escalated to both
requisitioning and authorizing responsibility centres.
b. Invoices are subject to an accuracy check for:
• Quantity
• Price
• Discount
6 Recording a. Purchases can be made on the following basis:
• Cash basis
• Credit basis
• Availing a promotional scheme offered by the
vendor (special case)
b. For cash basis – a cash outflow is recorded
For credit basis - Accounts payable is/are recorded
c. Accuracy and appropriateness in value have to be ensured
in the amounts recorded
d. Appropriate cut-off has to be ensured – the purchase has to

reflect in the accurate period in which it has been made.
e. The cash purchase / credit purchase has to reflect in the
appropriate ledger masters in the financial information
system
7 Cash a. Cash disbursement has to be authorized by the accounts
Disbursement department.
b. The disbursement should strictly relate to the goods
purchased only
c. The disbursement shall be made within the credit period
offered by suppliers in case of credit ourchases
d. Any advance paid has to be accurately reversed on the
receipt of goods
e. Disbursement has to be made only once on specifically
defined dates of supplier payments in the period (monthly /
quarterly) in question.
B. Sales System
The objectives of controls in the sales system have been serially tabulated as under:

No
1 Order receipt a. An order for goods is received by the sales department.
b. Prior to establishing any commercial relationship with an
outsider, due diligence is a must and hence sales will send
the customer details to the legal/ risk management
department.
c. A supply order master should be created where supply codes
are generated corresponding to the order received.
2 Customer a. The legal/ risk management department shall perform a

verification and background verification of the customer who has placed the
due diligence order.
b. Any risk to the below mentioned areas while dealing with
the customer have to be highlighted:
✓ Reputation
✓ Collection of invoice value
✓ Litigation risk (in case the customer has a history of
returning goods and pressing charges)
c. On clearance from the legal/ risk management department
the order is sent for processing.
d. Customer verification and due diligence as a process is
crucial however it has to be performed in the most timely
manner possible so as not to loose the order received.
3 Order dispatch a. Based on the terms and conditions of the contract, the order
will either be:
• FOB shipping – Sales are recorded upon goods being
shipped.
• FOB Destination – Sales are recorded only upon
goods being received by the customer at the agreed
upon location of delivery.
b. The right order has to be dispatched to the right customer,
in full
c. The dispatch has to occur within the contractually agreed
upon time frame
d. Samples for testing / quality check by the customer maybe
separately indicated.
4 Invoicing a. Invoice should be attached with the goods dispatched as
well as be formally delivered over an electronic medium for
which an acknowledgement must be received and
documented in the sale file.
b. The invoice should be cross verified for accuracy in:
• Description of goods
• Quantity of goods
• Price
• Date of invoice
• Discounts offered, if any
5 Recording Sales a. The most crucial aspect of a sales system is revenue

recognition.
b. Revenue recognition has to be done as per the 5-step model
prescribed under IFRS 15.
c. Sales will be recognized as revenue only when all the
following conditions are satisfied:
✓ The risks and rewards of ownership have been
successfully transferred to the buyer. In case of:
• FOB Shipping risk and reward of ownership
are transferred when the goods are
dispatched from the premises of the seller.
• FOB Destination risk and reward of
ownership are transferred when the goods
reach the client location.
✓ The consideration for sale (in most cases cash) can
be collected with certainty and that there are no
known impediments in the ultimate collection of the
transaction price.
✓ In case of multiple goods, support services, annual
maintenance contracts and other billable
commitments, the sales consideration i.e., billing
price should be accurately allocated to each of the
mentioned items.
6 Cash collection a. Depending on the terms and condition of the contract, cash
shall be collected from the buyer. Here cash collection
implies an electronic fund transfer as well.
b. Collection teams should ensure the collection of cash as per
the contractually agreed upon period. In case there are
delays, applicable fines, penalties and interest should be
levied if the contract stipulations permit.
c. Credit should be granted only based on the customer’s
credit worthiness and market reputation with respect to
payment.
d. New customers/ first time dealings should not be granted
credit unless they become repeat buyers across 1 or 2
reporting periods.
C. Payroll System:
The objectives of controls in the sales system have been serially tabulated as under:

No
1 Inputs from 1. In most corporations today, HRMS are used to keep tab and
Human record over employee:
Resource • Attendance
Management • Leaves (paid and unpaid)
Systems • Hours worked daily
(HRMS) • Overtime
(Timesheets/ 2. HRMS are essentially tools that help generate data which is
clock cards) similar to clock -cards and time-sheets in its very substance.
3. This system ensures that employees are only paid for the
work that they perform during the salary period.
2 Payroll 1. Controls over payroll calculations will ensure that
calculation employees are remunerated at the correct rates of salary
2. The gross salary is accurately subjected to regulatory and
statuary deductions as per the law for the time being in
force.
3. The statutory deductions made from salary are deposited
with the regulatory deadlines at the accurate amounts with
the regulators.
3 Other 1. Other additions to pay are factored in the monthly or

deductions and annual takeaway packages, these include additions such as:
additions • Performance bonuses
• Commissions and perquisites offered to sales staff
• Reimbursement of expenses
2. Other deductions from pay include recovery of loans and
advances made to employees.
4 Generating 1. The receipt of salary by the employee should be
payslips accompanies with the generation of payslips in the name of
the employee that cover details of social security or any
other regulatory requirements of the law for the time being
in force. This enables clearer taxation compliances for both
employer and employee.
2. Payslips act as an invoice of services rendered by the
employee.
3. The payslips provide supporting while accumulation of
employee benefit cost in the income statement.
5 Recording 1. Salaries or employee benefit costs are period costs that
salaries in the have to be charged as an expense to the income statement.
income 2. In certain select cases, if the employee’s time and efforts
statement are dedicated entirely to the construction of an item of
property, plant and equipment or an intangible asset – the
salary cost instead of being expensed out in the income
statement is capitalized as a part of the asset to which the
employee dedicated his/her entire time and effort to.
However to ensure that such allocations are accurately
carried out there have to be efficient mechanisms within
the HRMS.
D. Cash and bank balances:
The objectives of control in a cash system are:
1. Mitigation and avoidance of fraud risk:

• Petty cash kept at a minimal level to avoid defalcations
• Receipts deposited on a timely manner to avoid theft
2. Authorization:
• Payments made only after approval of authorizing personnel is received. This shall
ensure that personal expenses or non-business expenses are not charged to
company account.
3. Physical safeguards:
• Cash is kept under lock and key to prevent theft
4. Monitoring:
• Timely records of cash movement are maintained and tallied against the bank
pass book.
Summarized below are certain objectives and the corresponding controls that help those
objectives:
Objectives Control Mechanisms

To ensure that cash • Withdrawals should be permitted only against
withdrawals are authorized authorized withdrawal requests in the form of slips or
forms.
• The withdrawal request should be authorized by the
cash controller or accounts manager
• The reason for withdrawal should be clearly stated
• The employee’s name making the withdrawal should be
clearly mentioned
• The date of withdrawal should be clearly indicated.
To ensure that the cash book, • The primary objective of physically safeguarding these
cheque book and bank pass books is to ensure that they are not fraudulently
book are physically manipulated or misused to effect unauthorized
safeguarded. transactions.
• The physical access of these books should be restricted
to senior resources like the Accounts controller, who can
be held personally accountable for any damage.
Control over electronic fund • Although EFTS are a secure medium of transferring
transfers carried out by the funds, there is no mechanism apart from effective
entity internal controls that stop and correct unauthorized
transfer of funds.
• EFTS are affected using Username, Password and PIN.
The access and knowledge of these sensitive details
should only rest with senior resources who can be
made accountable for any illicit movement
Also, weekly reconciliation of bank balances between the accounting records and the actual
banked balance are a must to ensure that the cash collection and deposit mechanism is
uncompromised.
Inventory system:
Inventories are often material to the financial statements. The receipt, issue to production, sale,
valuation, closing balance and order placement of inventory are areas that require requisite
controls. The objectives of inventory control systems are listed as under:
1. Operational efficiency:
• The inventory levels should meet the requirements of production and customer
demand.
• Inventory levels should be optimally maintained by applying disciplines like only
ordering economic order quantities
2. Completeness:
• All inventory movement in and out of the entity should be completely recorded.
3. Valuation:
• Irrespective of the method used to record and account for inventory which
could be FIFO, Weighted Average or LIFO (used only in US GAAP), the items of
inventory should be valued and reported at the lower of cost or net realizable
value. Only in case of exceptional circumstances laid out in IAS 2 is inventory
allowed to be valued and reported at its replacement cost.
4. Title of Inventory:
• Only inventory that the entity has a title over i.e. ownership is recorded in the
financial statements
• This covers goods sent on consignment basis and goods sent on approval or
return basis.
5. Physical safeguards:
• Physical safeguards include the secure storage of the items of inventory that
prevent theft
• Also, maintaining a clean, hygienic, ventilated and secure storage space ensure
that inventory is protected from physical damage – in the case of perishable
goods like food products damage caused by pests can lead to heavy losses.
Summarized below are certain objectives and the corresponding controls that help those
objectives:
Objectives Control Mechanisms

Maintaining such inventory 1. The quantity of inventory to hold and carry is driven by
levels that: past experiences with customer demand and
a. There is no disruption to production requirements.
production 2. Inventory falling below levels that could result in
b. There is no loss of disruption in production or loss of customer business is
customer a risk that has to be averted in this process.
orders/business 3. Ordering the economic order quantity at appropriate
time intervals is required.
4. The budget has to be so flexibly constructed that
inventory can be ordered at regular and strategi
intervals to overcome shortages so as to not loose
business or not face disruptions in production.
To ensure that the inventories 1. Inventory should be stored and carried in a
are physically safeguarded. warehouse if infrastructure permits.
2. The warehouse can be equipped with CCTV
cameras and other measures of physical security.
3. The inventory should be insured to indemnify
against unforeseen damages.
4. The warehouse should be hygienic and well
maintained to ensure that inventory is not spoilt in
the duration of storage.
Record movement of inventory 1. Inspect the GRNs and GDNs to see that they have
been stamped as entered into the system
2. Compare the date on the stamp to the date on the
GRN/ GDN to ensure that they have been entered
promptly.
3. Timely inventory counts to be conducted to ensure
that the quantity of inventory in hand reconciles
with the quantity of inventory reported in the
financial statements. Obsolete and damaged items
of inventory to be written off if detected in such
counts.
Chapter 9: Internal Audit 152
Chapter 9: Internal Audit
Table of contents:
12. The need for internal audit
13. The difference between internal and external audit
14. The scope of internal audit
- Additional roles of the internal auditor
- Periodic reviews to be performed by the internal audit function
15. The essential qualities of an internal auditor and an effective internal audit function
16. Limitations of internal audit
17. Outsourcing the internal audit function – Pros and Cons
18. Internal audit assignments
d. Operational audits
e. Audit of IT systems
19. Reporting
I shall tabulate, evaluate and escalate,

A set of findings that shall be binding
I do not certify but I certainly quantify – control, growth and effectiveness
All in a bundle of operational goodness.
The Need for Internal Audit
The role of internal audit as a function and the internal auditor as an employee or consulting
professional is to ensure that the entity has an effectively functioning control environment, which
automatically reduces the risk of errors or fraud. The need for internal audit is driven by:
• Scale and diversity of an entity’s activities.

• Complexity of operations
• Size of the employee work force
• Considerations of cost and benefit
• The need for senior management to acquire advice on risk mitigation
• To prevent the occurrence of fraud or misappropriation in the entity
Internal audit does not provide any assurance, there is no opinion, there is no attestation. Internal
audit is a deep dive into the operating, financial and administrative nitty-gritties of an entity to
ensure that revenues do not leak away and costs are controlled and wherever necessary bridged.
Embedding efficiency is the underlying flavour by ensuring that all wastages are plugged and
avoided. Internal audit has no defined end -point. It is perpetual in nature just like the entity.
The difference between internal and external control audit
External Audit Internal Audit

Objective External audit expresses an Internal audit aims to improve the
opinion on whether the financial company’s operations by reviewing
statements are true and fair. the efficiency and effectiveness of
This opinion is based on whether internal controls.
the financial statements are free
of material misstatements caused
due to fraud and error.
Appointment The external auditor is appointed Internal auditor is appointed by the
by the shareholders of the Management i.e., Board of Directors.
company. In cases where the company has in
In cases where the company has place an audit committee, the
an audit committee in place, the committee recommends candidates
auditor is recommended by the as internal auditors to the Board.
audit committee which is then
approved by the shareholders.
Scope of work The scope of work of an external The scope of an internal audit is much
auditor is primarily the attestation wider than that of external audit.
of whether financial statements Internal audit is not restricted only to
are true and fair. the financial statements. It is applied
Other allied attestations like to all operational and financial areas
certifications are also provided by of the enterprise at the discretion of
external auditors. the management to ensure
The scope of an external auditor is effectiveness and efficiency.
defined under the regulations of
the corporate laws of the
country/region.
Qualifications The academic qualifications of an Internal auditors are primarily
external auditor are defined as employees of the company.
per statute. Professional qualifications are
It is imperative that the external recommended; however, they are not
auditor be professionally mandatory. In cases where the
qualified. internal auditor has to be appointed
under statute say for instance in
countries like India, the internal
auditor too has to be professionally
qualified.
Independence The external auditor must be Internal auditors are required to
independent of the organization maintain a degree of independence
and management. The however, since they are employees of
requirements of independence the organization, internal auditors are
are defined in the statute which not considered to be independent of
prescribes the appointment of the the management or the organization.
external auditor.
Format of audit The format of the audit report is There is no fixed format of the
report prescribed under the statute that internal audit report. An internal audit
mandates the audit. International is objective specific and each
standards on audit and assurance deliverable is specific to the process
also provide formats of the audit evaluated or the control in question.

report that are generally accepted Hence, the report is made to serve
by lawmakers and regulators the the purpose of the activity being
world over. conducted. This makes each internal
audit report distinct and
differentiated than the other.
Addressee The externa audit report is The internal audit report is case and
addressed to the shareholders of scenario specific. It is addressed to
the organization. It is a necessary the management.
addendum to the annual financial
statements. Without the external
audit report, the annual financial
statements are considered to be
null and void.
Availability of The external audit report is a Then internal audit report is an
the report public document and it is internal document that is meant for
generally available as a part of the internal circulation and decision
Annual report of the organization. making. It is a confidential document
that addresses and covers sensitive
areas of business.
In specific cases where the internal

audit has been made statutorily
applicable, the internal audit report
then is a public document that is
available to the shareholders.
Scope of Internal Audit
The scope of internal audit includes a review of:

1. Internal control system and procedures
2. System regarding the custodianship and safeguarding of monetary and non-monetary
assets if the enterprise.
3. Compliance by the various segments with the policies, plans and procedures if the
enterprise as well as with the relevant regulations and laws.
4. System of collecting both monetary and non-monetary data- to ensure that the
information given to the management and to external agencies is relevant and reliable
5. Organizational structure of the enterprise and its congruence with its objectives
6. Efficient and economical use of available resources, tangible as well as intangible
7. Accomplishment of goals and objectives
Within the above scope, the key activities to be performed by the internal auditor are
summarized as:
Sr. No Area of Work performed by the internal auditor

Evaluation
1 Corporate ➢ The internal auditor shall assess whether the company has in
governance place appropriate governance mechanisms.
➢ Once it has been determined that the degree of governance
suits the size and scale of the organization, the internal
auditor shall assess whether the best practices of corporate
governance are being implemented by the organization.
➢ The internal auditor shall support in the implementation of
best governance practices to ensure an effective degree of
control is in place.
2 Risk ➢ The internal auditor shall help in installing mechanisms that
Identification help identify key risks in operations, finance and
and administration.
management ➢ These mechanisms are generally process / procedure
/activity specific risk control matrices
3 Internal ➢ The internal auditor will check the current effectiveness of
controls internal controls and identify gaps and weaknesses.
➢ On consultation with and directives from the management,
the auditor will implement mechanisms and measures to
strengthen controls and plug gaps therein.
4 Financial ➢ The financial information that is compiled and published by
information the organization must be reliable. The internal auditor will
ensure that the internal controls over financial reporting are
operating effectively so that the financial information
presented in the financial statements is not misleading.
5 Operating ➢ The internal auditor assesses the efficiency, effectiveness,
activities and economic feasibility of operating activities.
➢ This enables the internal auditor to identify revenue
leakages and process weaknesses, which are brough to the
attention of the management for corrective action.
6 Compliance ➢ The internal auditor shall make a list of all compliances
applicable to the organization and assess whether they are
being complied with on a timely manner.
➢ Compliance failures and lapses shall be highlighted to the
management and mechanisms will be put in place to avoid
such lapses.
7 Fraud ➢ The internal auditor has to identify the risks of the
Detection organization being susceptible to fraud.
➢ These risks have to mitigated as per directives from the
management and TCWG. The internal auditor makes
contributions in recommending mechanisms and processes
that can result in the timely detection and avoidance of
fraud,
Additional role of the internal auditor:
In addition to the above key activities, the internal auditor also performs the following functions:
Periodic and continuous review as applicable, is the critical success factor of internal audit. The
following reviews have to be regularly undertaken by the internal audit function to ensure
effectiveness and value addition to the reporting entity:
1. Review of internal control systems and procedures

2. Review of custodianship and safeguarding of assets
3. Review of compliance with policies, plans, procedures and regulations
4. Review of relevance and reliability of information
5. Appraisal of organizational structure
6. Review of utilization of resources
7. Review of accomplishment of organizational goals and objectives.
Essential qualities of an internal auditor and an effective audit function
Essential qualities of an internal auditor Essential qualities of an effective audit

function
1. The internal auditor must have the An effective internal audit function must be:
special expertise necessary for • Sufficiently resources, both financially
evaluating internal control systems, and in terms of qualified and
specially w.r.t financial and experienced staff
accounting aspects • Well organized so that it has well
2. Internal auditor should have financial developed work practices
and accounting expertise • Independent and objective to provide
3. Internal auditor must have the ability an unbiased view of the
to evaluate operational performance organization’s operations.
and non-monetary operational • The Chief internal auditor must be
controls appointed by the audit committee to
4. Internal auditor must have knowledge reduce management bias
of commerce, laws, taxation, cost • Have no operational responsibilities,
accounting, economics, quantitative which reduces the threat of self-
methods and automated systems review
5. Internal auditor must have an • Adhering to a work plan that has
understanding of management been pronounced in consultation
principles and techniques so as to deal with and by the approval of the audit
with people working in the entity committee
6. Internal auditor must ensure • Not face any scope limitation on their
confidentiality of information scope of work i.e. full access must be
acquired in the course of his work granted to every part of the
organization.
Limitations of internal audit
The function of internal audit although an efficiency booster faces its own limitations. These
limitations are driven by the nature and type of entity using the internal audit function. There can
never be a one size fits all internal audit function across industries or even for companies within
the same industry as each entity has its own distinct risk fingerprint.
The generic limitations of internal audit have been listed down as under:
1. Lack of independence from the organization and/or the management:
An in-house internal auditor or internal audit function are employees of the company. The
employer-employee relationship between the internal auditors and the company creates a clear
lack of independence. While organizations do strive to achieve the highest degrees of effective
corporate governance, an in-house internal audit function will always be driven by the tone at the
top. Despite the best intent of the internal auditor, the scepticism that they are executing the
ulterior motives of the management will always play large in the mind of an external observer.
Without the element of independence, the internal auditor may not be able to effectively challenge
prevalent management practices and policies.
2. Integration with the finance function:
The internal audit function must be overarching as an observer and course corrector over all
functional departments and functions in an organization. However most small and mid-size
companies integrate the internal audit function with the finance function. Fundamentally the act of
performing accounting and financial management is distinct form establishing internal controls over
effective financial reporting and financial management. The internal audit function is multi-
disciplinary and integrating it with the finance function reduces the overall effectiveness of internal
audit.
3. Familiarity threat:
The internal auditor and internal audit function has access to all the functional departments of an
organization making them privy and party to sensitive organizational information. The employment
longevity i.e. longer duration of staying employed with the organization increases the possibility of
leniency and overlooking smaller control defects and flaws. This greatly increases risk in cases of
unforeseen or undealt challenges.
Outsourcing the internal audit function- Advantages and Limitations
Advantages of outsourcing the internal audit function:
1. Independence:
Essentially, organizations enter into professional services contracts with professional
internal audit service providers to avail their internal audit services and expertise. These
professional firms follow high standards of professionalism and adhere to the ethical code
of conduct prescribed by professional bodies such as the Association of Chartered Certified
Accountants, Institute of Chartered Accountants of England and Wales, etc. This enables a
strong degree of independence to be maintained on the part of the internal auditor. In
addition to this, an external service provider is free to resign an assignment which
raises/creates concerns regarding their independence in case of pressure or non-
cooperation from the management of the auditee entity.
2. Qualified, competent and experienced staff:

Professional internal audit firms employ professionally qualified, experienced and
knowledgeable resources to their fold. The staff in these firms undergoes regular training
and development which keeps them adrift of all the latest financial, reporting and
compliance updates. The professionals performing the internal audit activities here draw
their expertise from multiple industries and corporations, in addition to which they have
years of valuable experience that enables them to deliver qualitative and customer centric
professional services. Such firms have the skills of industry experts and specialists readily
available and there is never a skill shortage that can be encountered when engaging such
firms.
3. Cost effective management:

As opposed to having an internal audit team/function that is on the payrolls of the company
which creates a large fixed employee cost, the services of a professional service firm can be
selectively engaged. This reduces the incidence of cost while qualitative services are
received. Automatically, the risk of staff turnover is avoided.
4. Confidentiality agreements:
Professional services firms have sacrosanct clauses of confidentiality with respect to client
privacy, data and information acquired in the course of the engagement. This creates a
protected environment enabling the client to share sensitive information about their
business which is then used by the internal auditor to provide better solutions.
5. Better access to technologies, tools and AI:

Professional firms use best in class audit tools, tech and AI for performing data analysis and
providing integrated solutions. These tools and tech enable the organization to analyse
their own performance and derive solutions without having to incur the heavy capital cost
of purchasing these technologies.
6. Creation of management band-width:

Engaging an outside service provider enables the management and staff to save their
operational time and focus the same on the core business and revenue generating activities
of the company.
Disadvantages of outsourcing the internal audit function:
1. Lack of loyalty and personal element:

Professionalism cannot be confused for loyalty. Under a professional service
agreement, the internal auditor, stays true to the firm that employs him. Providing
any value additions, extra support or handholding is always mapped the original
service agreement which may find all of these out of scope. Further it can be
reasonably argued that the inhouse staff will always have a more personal level of
understanding and better integration with the company’s culture than an outsider
which makes the services of an inhouse resource more desirable.
2. Contractual constraints:
Engagements with contractual firms are driven by iron clad agreements that make
scope revision and value additions difficult. The service providers may lack flexibility
and availability owing to having to adhere to the contractual requirements.
3. Element of high professional service fees:

Larger and more experienced the internal auditor, higher the fees. Some of the larger
internal audit firms are know to charge exorbitant fees for their services. It can be
argued that such services do command higher fees, however the organization must
perform a thorough cost benefit analysis before engaging such firms.
4. Ethical dilemmas and conflicts:

j
Value for money assignments:
An assignment is analysed for its ability to deliver value for money based on three indicators – the
3 Es as under:
Value for money assignments aim at receiving the best possible services at the most economical
and justifiable cost. An organization must aim to maximize the value of services it receives for the
costs it bears.
Performance indicators help determine if the possible value for money has been received for the
cost borne. These indicators differ from company to company and industry to industry. The
highest applicability of the value for money criteria is observed in public sector or not for profit
organizations.
Take for instance a public sector/ government operated school:
• Economy: Cost of providing school education per student per year

• Efficiency: Number of students taught in each academic year, annually.
• Effectiveness: The passing rates of students in examinations conducted.
Here students need to understand that acquiring resources for a cheap/economical rate in
isolation is not value for money.
Take for instance a material supplier who supplies materials at a rate 25% cheaper/lower than the
prevailing market rate. However, if these materials are used, they require 50% more quantity as the
cheap price results in low quality materials that do not withstand a robust manufacturing process.
Operational Audit:
Operational audit is the review and appraisal of operations of an organization conducted by

competent independent person. It analyses the regular operations like production, purchase,
sales, etc. to check whether they are in tune with the company’s policies, objectives and goals –
or not.
Types of operational audits”

a. Functional audits
b. Organizational audits
c. Special assignments
Objective and scope of operational audit:
1. Appraisal of costs
2. Evaluation of performance
3. Appraisal of objective and plans
4. Appraisal of organizational structure
Audit of IT systems:
In an increasingly digitized world, enterprises use IT not merely for data processing or recording
transactions. The role of IT has become far more strategic and focused towards creation of a
competitive advantage. IT as a function has progressed from data processing to Management
information systems to Decision Support Systems to an automated online business enabler.
The external auditor is more concerned with the accuracy and fairness in financial reporting that
IT enables an organization to achieve. However, the internal auditor has to view IT more from a
value for money vantage point. The internal auditor considers the following aspects for an audit
of IT systems:
1. Segregation of duties for the procurement of IT assets and resources
2. Controls used to Safeguard IT assets and resources
3. Controls used to identify maintenance requirements for IT assets and resources
4. If the reliance of the organization on IT is more from an operational standpoint, the
internal auditor has to ensure that IT is contributing towards the achievement of business
objectives.
The internal auditor has to ensure that IT as a function contributes to business process and
business objectives. For this the internal auditor has to evaluate the effectiveness of the IT
function at the following levels:
a. Strategy and planning
b. Management control
c. Operations and execution including operational control.
Financial Audit:
The aim of any reporting system is to create reliable information. An effective financial reporting
system aims to create information that is:
• Accurate
• Complete
• Timely and efficient
These factors are the determinants of the reliability of information.
Such information acts a compass for the management and those charged with governance in
overseeing the functioning, operations and overall management of the company/entity.
Stakeholders like shareholders, investors, lenders, vendors, etc. also derive directional and
decision-making utility from such information.
Financial information generally encompasses:
• Financial statements
• Monthly management information systems
• Financial projections and forecasts
• Interim financial information used by management
• Crux/ crucial ledgers used in decision making
Internal audit is a tool for managing and mitigating risk. Internal audits around financial
information aims to ensure that the information presented is:
• Reliable (Accurate + Complete + Timely)

• Efficient
• Constructed in a cost-effective manner
Internal audit around financial information is a valuable input for internal decision making. This
process helps the decision makers of an entity assess the financial health of the business. Internal
auditor of financial information focuses on processes and control that are in place to ensure the
creation of financial information. Also, there are triggers instituted that help identify risks such as:
• Economic fluctuations in foreign currency and exchange rates

• Economic fluctuations in borrowing and lending rates of interest
• Inflationary impact on the prices of inputs and the total cost of production thus helping to
derive a competitive selling price.
Reporting
The external auditor’s report is subject to defined format that has been laid down as per applicable
corporate laws of the country or region in question. These laws draw references from the
International Standards on Auditing (ISA). Each country or region has a professional regulator that
oversees the audit profession, for instance in India the Institute of Chartered Accountants of India
(ICAI) lays down standards on auditing in consultation with the Indian Ministry of Corporate Affairs
(MCA), these standards prescribe a format for the external auditor’s report.
However, the need for internal audit the need may not always be pronounced by law or regulation.
Internal audit is need based, case/project specific where the finds are meant to act as inputs for the
management to bring about improvements in or maintain a certain level of efficiency.
While external audit reports are public documents that certify the authenticity of the financial
statements, internal audit reports are internal documents that focus on the overall process
efficiency of the organization. These reports are focused on improving and maintaining internal
controls across various operational, financial and administrative processes.
Typically, internal audit reports include:
Terms of • The objectives of the internal audit assignment/ project

reference • The requirements of the internal audit assignment
• The mode and philosophy of execution.
• Pointers for take-aways for the concerned user
Executive • This section of the report summarizes the assignment from the
summary problem being addressed to the executive solution provided for
the same.
• Here, key risks are identified and linked to their sources.
Recommendations are made on how these risks have to be
managed, mitigated or circumvented.
• The executive summary acts as the crisp summary of the report
enabling the user to derive operational value by referring to the
same.
Body of the • The body of the report is the most crucial aspect of the report. It is
report an in-depth analysis of the methods applied, risk identified,
process improvements ideated and way forward defined in the
form of reviewing mechanisms.
• Actual process gaps, weaknesses, strengths, obsolescence,
corrective action is prescribed in this portion.
• The body of the report acts as an operational manual for functions
that are covered in the audit assignment.
• The body of the report emphasizes on the basis of making various
conclusions of the internal audit exercise
Appendices • Here, the sources of information are listed enabling the user to
draw references and parallels to the data that is driving the
findings and conclusion.
• On a generic basis any additional information that doesn’t belong
in the body of the report but which is relevant to the assignment is
covered here.
Chapter 10: Procedures 164
Chapter 10: Procedures

This lesson on procedures focuses on the audit procedures of vouching and verification. These
procedures can be considered to be the very bricks and mortar of auditing process. Vouching and
verification primarily are a test of all assertions made by the management while reporting
transactions, accounting balances and while making their corresponding disclosures.
Table of contents:
1. Directional testing
2. Audit of:
• Share capital
• Reserves and surplus
• Borrowings
• Trade receivables
• Cash and cash equivalents
• Inventories
• Tangible Fixed assets
• Intangible fixed assets
• Trade Payables
• Revenue / Sales
• Purchases
• Employee benefits
• Depreciation/Amortization
• Other expenses – Vanilla items
• Audit of Not-for-profit organizations
Directional Testing
• Direction al testing is the technique applied to test debit and credit entries.
• Directional testing is applied as under:
a. Tests for understatements – Bottom-up approach
b. Tests for overstatements Top-Down approach
Testing for understatement Testing for overstatement

➢ Testing for understatement applies to ➢ Testing for overstatement applies to
credit balances – liabilities and incomes debit balances – assets and expenses
➢ Balance is considered to be understated ➢ Balance is considered to be
if: overstated if:
• Items that should be included • Items that should not be
are not included – Notrecording included are included
outstanding expenses as • Items are recorded at
liabilities leads to the amounts higher than they
understatement of liabilities should be.
thereby portraying a
liability free image of the entity.
• An item which has been

included is recorded at an
amount lower than it should be
i.e.., an error has been made.
➢ Assertions tested: ➢ Assertions tested:

• Completeness • Existence
• Accuracy • Rights and obligations
• Valuation • Occurrence
• Accuracy
• Valuation
Assertions used in financial statements
Income statement
(a) Occurrence: Transactions recognized in the Income statement have occurred and relate to the
entity.
(b) Completeness: All transactions that were supposed to be recorded have been recognized in the
Income statement and further, transactions have been recognized in the correct accounting
periods.
(c) Cut-off: Whether all income and expenses are reported in the correct accounting period. Cut-off
is a separate assertion because the substantive procedures to verify it are typically different from
those applied to the other components of completeness.
(d) Measurement: Transactions have been recorded accurately at their appropriate amounts and
further, transactions have been classified and presented fairly in the income statement.
(e) Presentation and Disclosure: Transactions have been classified and presented fairly in the
financial statements. Presentation and disclosure assertions are considered during the course of
the audit to determine that disclosures are complete and accurate.
Balance Sheet
(a) Existence: Assets, liabilities and equity balances exist as at the period end.
(b) Completeness: All assets, equity and liabilities balances that were supposed to be recorded have
been recognized in the balance sheet
(c) Cut-off: Whether all assets and liabilities are reported in the appropriate period.
(d) Valuation: Assets, liabilities and equity balances have been appropriately valued i.e. the
amounts at which they are recorded are appropriate. There has been no overstatement or
understatement.
(e) Rights & Obligations: Entity has the right to ownership or use of the recognized assets, and the
liabilities recognized in the balance sheet represent the obligations of the entity.
(f) Presentation and Disclosure: Whether particular items in the FS are properly classified, described
and disclosed. Presentation and disclosure assertions are considered during the course of the audit
to determine that disclosures are complete and accurate.
Audit of Share Capital
Assertions to be examined:
Existence To establish the existence of share capital as the period end

Completeness To ensure that equity balances that were supposed to be
recorded have been recognized in the balance sheet
Valuation To ensure that equity balances have been valued appropriately
Presentation and Disclosure To check whether required disclosures for equity have been
appropriately made
Audit Procedure:
1. Compare the year end balances of authorised, issued and paid-up share capital, to the
previous year audited F.S.
2. If there is no change during the year, obtain a written representation from the
management that there were no changes to capital structure during the year.
3. If there is any change, obtain the certified copies of relevant resolutions passed at the
meetings of board of directors, members authorising the changes in authorised and paid-
up share capital.
4. Verify whether the paid-up capital as at the year-end is within the limits of authorised
capital.
Audit Procedure in special cases:
Issue of shares at premium
• Where a company has issued shares at a premium, whether for cash or otherwise, company
shall transfer the amount received by it to securities premium account and state the means
in which the amount in the account can be applied.
• Auditor needs to verify whether the premium received on shares, if any, has been
transferred to a "securities premium account" and whether the application of any amount
out of the said "securities premium account" is only for the purposes mentioned above.
Any share issued by a company at a discount shall be void. Auditor needs to verify that the
company has not issued any of its shares at a discount. For this purpose, he may read the minutes
of meeting of its directors and shareholders authorizing issue of share capital and the issue price.
Audit of reserves and surplus
Meaning of Reserve
Reserves are amounts appropriated out of profits which are not Intended to meet any liability,
contingency, commitment or diminution in the value of assets known to exist at the date of the
Balance Sheet.
Reserves are made up of amounts appropriated out of profits, held for equalising the dividends of
the company from one period to another or for financing the expansion of the company or for
generally strengthening the company financially.
Meaning of Provisions
Provisions are amounts charged against revenue to provide for depreciation, renewal or diminution
in the value of assets or a known liability the amount of which cannot be determined with
substantial accuracy or a claim which is disputed.
Amounts contributed or transferred from profits to make good the diminution in assets values due
to the fact that some of them have been lost or destroyed, as a result of some natural calamity or
debts have proved to be irrecoverable are also described as provisions.
Provisions are normally charged to the Statement of Profit and Loss before arriving at the amount
of profit.
Reserves Provisions
It is an appropriation of profit It is a charge against profit
They are not intended to meet any liability, They are made to provide for depreciation,
contingency, or diminution in the value of renewal, or a known liability or a disputed
assets though may be made for some specific claim.
purpose, like redemption of debentures.
Reserves cannot be created unless there is a They must be created regardless of profit
profit except a few like revaluation reserves
Reserves are generally optional except few Provisions are not optional and have to be
examples like creation of Debenture made as per generally accepted accounting
Redemption Reserve, etc principles.
Types of Reserves
➢ Revenue Reserves:
Revenue reserves represent profits that are available for distribution to shareholders held
for the time being or any one or more purpose, eg, to supplement divisible profits in lean
years, to finance an extension of business, to augment the working capital of the business
or to generally strengthen the company's financial position.
➢ Capital Reserves:
Capital reserve represents surplus or profit earned in respect of certain types of
transactions (like sale of fixed assets at a price in excess of cost, realisation of profits on
issue of forfeited shares, etc.) which are not regarded by the directors as free for
distribution as a dividend. Capital Reserves does not include any amount regarded as free
for distribution through the Statement of Profit and Loss. Capital reserves includes share
premium, capital redemption reserve, development rebate reserve and profit on reissue of
forfeited shares.
➢ Existence:
To establish the existence of reserves and surplus as at the year end.
➢ Completeness: Reserves and Surplus balances that were supposed to be recorded have
been recognized in the financial statements.
➢ Valuation: Reserves and Surplus balances have been valued appropriately
➢ Presentation and disclosure: Required disclosures for reserves and surplus have been
appropriately made.
Audit Procedure
1. Compare the opening balance of reserves and surplus to the previous year audited financial
statements.
2. For addition/utilisation in current year, in case of:
• Income Statement: Trace the movement as disclosed in Statement of changes in Equity to

Surplus/Deficit as per Income statement for the year under audit.
• For adjustment related to dividend payment and dividend distribution tax verify the
resolution passed by the board of directors regarding declaration of dividend.
3. Other Equity: Understand the underlying reason for the transaction.

Disclosure requirements for individual components of other equity
For each component of other equity, whether the company has disclosed the following (to the
extent applicable):
(1) Balance at the beginning of the reporting period
(2) Changes in accounting policy or prior period error
(3) Restated balance at the beginning of the reporting period
(4) Total Comprehensive Income for the year
(5) Dividends
(6) Transfer to retained earnings
(7) Any other change (to be specified)
(8) Balance at the end of reporting period

Audit of Borrowings
1. Existence: Ensure that all borrowings on the balance sheet represent valid claims by banks
or other third parties.
2. Completeness: Ensure that all borrowings have been accounted for in the books of the
company on a timely basis.
3. Valuation: Ensure that liability is recorded at the correct amount.
4. Presentation and disclosure: Ensure that borrowings have been presented, classified and
disclosed in the Balance Sheet in accordance with the requirements of applicable financial
reporting framework.
Audit procedure for “existence”
1. Review board minutes for approval of new lending agreements. During review, ensure that
new loan agreements or bond issuances were authorized. Ensure that significant debt
commitments were approved by the board of directors.
2. Agree details of loans recorded (interest rate, nature and repayment terms) to the loan
agreement. Verify that borrowing limits, if any, imposed by agreements are not exceeded.
3. Roll out and obtain independent balance confirmations (ISA 505) in respect of all the
borrowings from the lender (banks/ financial institutions etc.).
4. Agree details of leases and hire purchase creditors recorded to underlying

contracts/agreements.
5. In case of Debentures, examine trust deed for terms and dates of redemption, borrowing
restrictions and compliance with covenants.
6. When debt is retired, ensure that a discharge is received on assets securing the debt.
7. Obtain Written Representation that all the liabilities which have been recorded represent
a valid claim by the lenders.
Direct confirmation procedures
Roll out and obtain independent balance confirmations in respect of all the borrowings from the
lender (banks/financial institutions etc.) and perform the following:
1. Ascertain that the confirmation asks for all information likely to be relevant to the tests of
debt and related interest balances (eg, applicable interest rates, due dates, collateral and
security interests).
2. Send reminders for non-replies.
3. Compare the balances are per the confirmations obtained to the books of account. Ask for
reconciliations, if there are any differences and test the supporting documents for the
reconciling items on a test check basis.
Audit procedure for Completeness
Obtain a schedule of short term and long-term borrowings (including debts outstanding at the end
of the previous year, as well as any new debt or renewal of debt) showing beginning and ending
balances and borrowings taken and repaid during the year, and perform the following:
1. Consider any evidence of additional debt obtained through examination of minutes of the
board of directors, significant contracts, confirmations from banks/lenders, support for
subsequent cash disbursements (when testing payables) etc.
2. Trace the closing balances as per the schedules to the general ledger.
3. Review subsequent transactions after the end of the reporting period to determine if there
are unrecorded liabilities at year end and the transactions are recorded in the correct
period. (e.g.: Fresh loan taken near the balance sheet date)
Audit procedure for Validation
1. Determine that the accounting policies and methods of recording debt are appropriate and
applied consistently.
2. Agree loan balance and loan payables to the loan agreement.

3. Recompute the Interest and discount or premium on redemption, if any.
4. Check computation of the amortization of premium or discount, if any.
5. For foreign currency loans, check the closing exchange rate(s) used and verify the
computations of the restatements of foreign currency balances outstanding at year end.
6. Read the provisions in loan and debt agreements and perform the following:
(a) Test that the entity is in compliance with loan covenants and other significant provisions
of the agreements.
(b) If there are any provisions with which the entity is not in compliance, determine
whether the debt should be classified as current. If enforcement of the provisions has been
waived by the lender in case of breach of any covenant by the entity, obtain confirmation
of the waiver from the lender.
7. Examine the due dates on loans for proper classification between long-term and short-
term.
8. Where Instalments of long-term loans falling due within the next twelve months have
been disclosed in the financial statements (e.g. in parentheses or by way of a footnote),
verify the correctness of the amount of such instalments.
9. Examine the debt agreements for any restrictive covenants. Review restrictive covenant
and provisions relating to default and ensure disclosure thereof in the financial statements.
10. Examine the important terms in the loan agreements and the documents, if any, evidencing
charge in respect of such loans and advances. Examine whether the requirements of the
applicable statute regarding creation and registration of charges have been complied with
including disclosure of the same to the extent mandated by statute and considered
necessary for proper understanding of the user of financial statements.
11. In case the value of the security falls below the amount of the loan outstanding, examine
whether the loan is classified as secured only to the extent of the market value of the
security.
12. Examine the hire purchase agreements for the purchase of assets by the entity and
ensure the correctness of the amounts shown as outstanding in the accounts, and also
examine the security aspect.
13. Carefully review the borrowings from related parties and ensure compliance with IAS 24.
14. Verify whether liabilities towards bank in respect of bills discounted, bills negotiated,
cheques discounted, etc. are correctly reflected and disclosed in the financial statements.
15. The auditor should also verify that the amount borrowed is within the borrowing powers
of the company as laid down by the Articles of Association and Memorandum of
Association.
Audit of Trade Receivables
• Existence: To establish the existence of trade receivables as at the year end

• Completeness: To ensure that trade receivable balances that were supposed to be recorded
have been recognized in the balance sheet
• Valuation: To ensure that trade receivable balances have been valued appropriately
• Presentation and Disclosure: To ensure that trade receivables have been presented,
classified and disclosed in the Balance Sheet in accordance with the requirements of
applicable financial reporting framework.
Essential features of internal controls w.r.t. trade receivables
It is important to carry out Test of Controls for checking the effectiveness of internal control over
sales as a part of the debtors' audit procedure. Following points need to be considered in respect
of trade receivables:
a. Only bona fide sales lead to trade receivables.

b. All such sales are made to approved customers.
c. All such sales are properly recorded in the books of account.
d. Once recorded, the debtors can be settled only by receipt of cash or on the authority of a
responsible official.
e. Segregation of duties at every point in sales transaction.
f. Debtors are collected on time.
g. In case debtors are not collected in time, sending reminders and taking legal actions if
required.
h. Balances are regularly reviewed.
i. A proper system of follow up exists and if necessary, adequate provision for bad debt
should be made by preparing adequate ageing schedule of the debtors.
Audit Procedure
For verification of existence assertion:
➢ Check whether there are controls in place to ensure that invoices cannot be recorded more
than once and receivable balances are automatically recorded in the general ledger from
the original invoice.
➢ Ask for a period-end accounts receivable ageing report and trace the balance as per the
report to the general ledger.
➢ Check whether realization is recorded invoice-wise or not. If not, check that money
received from debtors is adjusted chronologically invoice-wise and on FIFO basis f.e.
previous bill is adjusted first.
➢ If any large balance is due for a long time, auditor should ask for reasons and justification
for the same.
➢ A list of trade receivables selected for confirmation should be given to the entity for
preparing request letters for confirmation which should be properly addressed.
➢ The auditor should maintain strict control to ensure the correctness and proper despatch
of request letters. It should be ensured that confirmations as well as any undelivered
letters are returned to the auditor and not to the client.
➢ Any discrepancies revealed by the confirmations received or by the additional tests carried
out by the auditor may have a bearing on other accounts not included in the original
sample. The Company should be asked to investigate and reconcile the discrepancies, if
any, Where no reply is received, the auditor should perform alternate procedures
regarding the balances. This could include:
• Agreeing the balance to cash received subsequently;
• Preparing a detailed analysis of the balance, ensuring it consists of Identifiable
transactions and confirming that these revenue transactions actually occurred.
(Examination In depth for those balances)
➢ If there are any related party receivables, review them for collectability as well as whether
they were properly authorized and the value of such transactions were reasonable and at
arm's length.
➢ Check that receivables for other than sales or services are not included in the list.
➢ Review a trend line of sales and accounts receivable, or a comparison of the two over time,
to check if there are any unusual trends Le. perform Analytical procedures. Make inquiries
about reasons for changes in trends with the management and document the same in audit
work papers.
For verification of Completeness Assertion
Completeness assertion in respect of account balances means that all pleteness" balances which
should have been recorded have been recorded. The auditor needs to satisfy himself about cut off
so that there is no understatement or overstatement in account balances of trade receivables.
In this context, while verifying completeness assertion of trade receivables, following audit
procedures are required:
a. Check that in respect of invoices raised in last few days nearing the cut off date, goods have
been actually dispatched and not lying with the company.
b. Check stock records, e-way bill, and transporter receipt regarding actual movement of
goods. It would provide assurance that export invoices in respect of which revenue was
booked have been actually moved out of company's premises.
c. Ensure that all goods invoiced prior to cut off date/year end have been included in
receivables on test check basis.
d. Ensure that no goods dispatched after year end have been included in receivables by tracing
entries in sales, stock records of next year. The same can be verified from e-way bills also
match invoices to dispatch/shipping details. Further match invoices dates to dispatch dates
to see if sales are being recorded in correct accounting period.
e. Test invoices in receivable report. Select invoices from ageing report of receivables and
compare them with supporting documentation to ensure that these are billed with correct
names, dates and amounts.
For verification of valuation assertion
➢ Review the process followed by the Company to derive an allowance for doubtful accounts.
This will include a consistency comparison with the method used in the last year, and a
determination of whether the method is appropriate for the underlying business
environment.
➢ Obtain the ageing report of accounts receivable (both Dr/Cr balance). split between not
currently due, 30 days old, 30-60 days old, 60-180 days old, 180-365 days old and more
than 365 days old.
➢ Also, obtain the list of debtors under litigation and compare with previous year.
➢ Scrutinize the analysis and identify those debtors which appear doubtful; discuss with
management about reasons as to why these debtors are not included in the provision for
bad debts. Perform further testing where any disputes exist.
➢ He should check if provisions are made at appropriate rates considering the recoverability
of amounts due.
➢ Prepare schedule of movements of bad debts - Provision accounts and debts written off
and compare the proportion of bad debt expense to sales for the current year in
comparison to prior years to see if the current expense appears reasonable.
➢ Check that write-offs of the receivable balances have been approved by an appropriate
authority.
Direct confirmation Procedure:
1. The auditor employs direct confirmation procedure with the consent of the entity under
audit. If management does not allow the auditor to seek confirmation from certain trade
receivables, the auditor should consider whether there are valid grounds for such a request.
2. While determining the information to be obtained, the auditor should consider all relevant
factors such as the effectiveness of internal control, the apparent possibility of disputes,
inaccuracies or irregularities in the accounts and the materiality of the amounts involved.
3. The trade receivables may be requested to confirm the balances either
(a) as at the date of the balance sheet, or
(b) as at any other selected date which is reasonably close to the date of the balance sheet
4. Where the auditor decides to confirm the trade receivables at a date other than the balance
sheet date, he should examine the movements in debtor balances which occur between the
confirmation date and the balance sheet date and obtain sufficient evidence to satisfy himself that
debtor balances stated in the balance sheet are not materially misstated.
5. The form of requesting confirmation from the trade receivables may be

(a) the 'positive' form of request or
(b) the 'negative' form of request.

6. Where positive form of request is used, the auditor may, in appropriate cases, request the entity
to follow up with a reminder to those trade receivables from whom he receives no replies.
7. Any discrepancies revealed by the confirmations received or by the additional tests carried out
by the auditor may have a bearing on other accounts not included in the original sample. The entity
should be asked to investigate and reconcile the discrepancies.
8. In addition, the auditor should also consider what further tests he can carry out in order to satisfy
himself as to the correctness of the amount of trade receivables taken as a whole.
Analytical review procedures:
Auditor may also perform below mentioned analytical review procedures as a means of obtaining
audit evidence regarding the various assertions relating to trade receivables, loans and advances:
• comparison of closing balances of trade receivables, loans and advances with the
corresponding figures for the previous year,
• comparison of the relationship between current year debtor balances and the current year
sales with the corresponding figures for the previous year;
• comparison of actual closing balances of trade receivables, loans and advances with the
corresponding budgeted figures, if available;
• comparison of current year's aging schedule with the corresponding figures for the previous
year;
• comparison of significant ratios relating to trade receivables, loans and advances with the
similar ratios for other firms in the same industry, if available;
• comparison of significant ratios relating to trade receivables, loans and advances with the
industry norms, if available.
Audit of Cash and Cash equivalents
• Existence: To establish the existence of cash and cash equivalent balances as at the year-
end.
• Completeness: Cash and cash equivalent balances that were supposed to be recorded have
been recorded in the balance sheet.
• Valuation: Cash and cash equivalent balances have been valued appropriately.
• Presentation and Disclosure: Required disclosures for cash and cash equivalents have been
appropriately made.
Audit procedures:
For verification of Existence assertion
1. The auditor should carry out physical verification of cash at the date of the balance sheet.
However, if this is not feasible, physical verification may be carried out, on a surprise basis, at any
time shortly before or after the date of the balance sheet and reconcile the balance shown in the
financial statements with the results of the physical verification considering the transactions for
intervening period.
2. If there are more than one cash balances, e.g, when there is a cashier, a petty cashier, a branch
cashier and, in addition, there are imprest balances with employees, all of them should be checked
simultaneously, as far as practicable so that the shortage in one balance is not made good by
transfer of amount from the others.
3. It is desirable for the cashier to be present while cash is being counted and he should be made
to sign the statement prepared containing details of the cash balance counted along with
denomination of cash. If he is absent at the time the cash is being verified, he may hold the auditor
responsible for the shortage, if any, in cash.
4. If there is any rough Cash Book or details of daily balance are separately kept, the auditor should
test entries from the rough Cash Book with those in the Cash Book to prove that entries in the Cash
Book are correct.
5. If the auditor finds any slip, chit or 1.0.U.s in respect of temporary advances paid to the
employees included as part of the cash balance, he should check whether those are approved by
an authorized official and recorded in the appropriate accounts.
6. The auditor should also perform a cash sensitivity analysis by compiling a summary of total cash
receipts and payments each month and analyzing the trends to see if there have been variations in
any specific month and request brief descriptions from the management.
Verification of Bank Reconciliation statement
1. The auditor needs to obtain bank reconciliation statements (BRS) for all bank accounts
maintained by the entity as at the reporting period and additionally need to understand the client's
process and periodicity of making the BRS.
2. Auditor should ensure that BRS is signed by the authorized personnel so that he is able to assign
responsibility in case of any errors.
3. Verification of BRS shall entail the following:
(a) Tallying the balance as per bank book to the bank confirmation/statement.
(b) Checking of all material reconciling Items included under cheques issued but presented
for payment to the underlying bank book forming part of books of account. In addition, the
auditor should request for bank statements of subsequent period and should verify if the
cheques issued have subsequently been cleared by the bank. For all cases where cheques
have become stale i.e. 3 months or more have lapsed since the issue date, the same should
not appear in the BRS and should instead be taken back to liabilities.
(c) Checking of all material reconciling items included under cheques deposited but not
credited by bank by requesting for bank deposit slips, duly acknowledged by bank and
verifying if the balances were credited by bank subsequently by tallying to the bank
statement of subsequent period. For any instances related to cheques not cleared beyond
reasonable time, the auditor should seek brief descriptions from the management and in
case such explanations are found to be unsatisfactory, the auditor should verify therevenue
recognition related to such parties was in order and as per the Company's revenue
recognition policy.
(d) Checking of all material reconciling items included under amounts or charges
debited/credited by bank but not accounted for by requesting for bank statements for the
period under audit and tallying the same. If the amounts are found to be material, the
auditor should ensure that the management records the adjustments for the same in its
books of account. If management does not adjust, the auditor shall consider to qualify his
report.
Direct Confirmation Procedure
(a) Auditor is required to confirm all year end account balance maintained with the bank.
(b) In case of any discrepancies, client should be asked to investigate and reconcile the
discrepancies, including seeking written explanations/clarifications from the banks/financial
Institutions on any unresolved queries.
(c) Auditor should emphasize for confirmation of 100% of bank account balances. In remote
situations were no reply is received, the auditor should perform additional testing regarding the
balances. This testing could include:
✓ Agreeing the balance to bank statement received by the Company or

internet/online login to account in auditor's personal presence.
✓ Prepare a final summary of the results of the circularization and draw the final
conclusion.
For verification of valuation assertion
In addition to the procedures performed above, the auditor should ensure that all bank accounts
holding foreign currency have been restated at the closing exchange rates as per applicable PRY.
Audit of Inventories
Assertions to be evaluated
• Existence: To establish the existence of Inventories as at the year-end.

• Completeness: Only the inventories held by entity have been recorded in the financial
statements and do not include any inventories that belong to third parties but does include
inventories owned by the entity and lying with a third party.
• Rights and Obligations: The entity has valid legal ownership rights over the inventories
claimed be held by the entity and recorded in the financial statements.
• Valuation: Inventories have been valued appropriately and as per generally accepted
Accounting policies and practises.
• Disclosure and Presentation: Required disclosures for inventories have been appropriately
made.
Auditor’s procedures
To establish Existence
1. Review entity's plan for performing inventory count.
2. Ensure that consigned goods have been segregated.
3. Auditor should participate in the inventory count with the management.
4. Test counts of inventory by auditor should include:
✓ observing employees are adhering to the agreed plan.

✓ assuring that all items are properly tagged.
✓ assuring that there is appropriate supervision on the count procedure.
✓ observing that proper amounts are shown on tags.
✓ determining that tags and summary sheets are controlled and reconciled.
✓ reconciliation of test counts with tags and summary sheets and discrepancies noted, if any,
are summarized and agreed with client personnel.
✓ staying alert at all times and specifically being cautious about empty boxes, etc. and obsolete
items.
✓ performing cut-off testing by documenting last 5-10 receiving reports and shipping
documents as of the period end.
✓ ensuring exclusion of third-party stock and damaged or obsolete stock.
✓ ensuring the accounting of all stock sheets.
✓ investigating any significant differences between the physical stock take and the stock
records as per books. Further, the auditor should ask the entity's personnel to sign all stock
count sheets and also agree the variances observed, if any, to avoid any conflicts.
5. When the entity uses periodic system for inventory count, it should be undertaken at the end of
the period. If the entity uses perpetual system with proper and adequate records, inventory may
be counted at interim dates.
6. Confirm or investigate any inventory of the entity lying with a third party (specifically relevant
for cases where the entity gets job work done in its process of production).
To establish the Completeness
1. Perform analytical procedures (comparison tests with industry averages, budgets, prior years,
trend analysis, etc.).
• Compute inventory turnover ratio (COGS/average inventory)
• Perform vertical analysis (inventory/total assets)
• Compare budgetary expectations vis-à-vis actuals
2. Examine non-financial information related to Inventory, such as weights and other

measurements.
3. Perform purchase and sales cut-off tests. Trace shipping documents (bills of lading and receiving
reports, warehouse records, and inventory records) to accounting records immediately before and
after year-end.
4. With respect to tagged inventory, perform tests for omitted transactions and tests for invalid
transactions.
5. Verify the clerical and arithmetical accuracy of inventory listings.
6. Reconcile physical inventory amounts with perpetual records.
7. Reconcile physical counts with general ledger control totals.
8. Reconcile inventories which belong to client but are held with third parties like transporters,
warehouses, port authorities, etc.
9. Goods received on consignment basis have been properly segregated from other items of
inventory.
To establish Ownership Rights
1. Vouch recorded purchases to underlying documentation (purchase requisition, purchase order,

receiving report, vendor invoice and cancelled cheque or payment file).
2. Evaluate the consigned goods.
3. Examine client correspondence, sales and receivables records, purchase documents.
4. Determine existence of collateral agreements.
5. Review consignment agreements.
6. Review material purchase commitment agreements.
7. Examine invoices for evidence of ownership i.e. the invoices shall be in the name of the client.
8. Auditor shall obtain confirmation for significant items of inventory as per SA 501.
9. For instances of inventory held by third party, the auditor should insist on obtaining declaration
from the third party on its business letterhead and signed by an authorized personnel of that third
party confirming that the items of inventory belong to the entity and are being held by such third
party on behalf of and for the benefit of the entity under audit.
Audit of Tangible Fixed Assets
Revenue Expenditure vs Capital Expenditure
Auditor is required to analyze the expenditure incurred on PPE, whether they are of Revenue or
Capital in nature. Capital expenditure should be added to the cost of PPE. The following expenses
shall qualify as capital expenditure:
(1) Acquisition cost of the asset.
(2) Additions to the assets that increases the earning capacity.
(3) Benefits derived which are of long term in nature.
(4) Expenditure incurred to minimize the cost of production.
Certain revenue expenses, if incurred for creating an asset or adding to its value for achieving higher
productivity, are regarded as expenditure of a capital nature. Examples of such expenditure are:
(1) Material and wages expended on the construction of a building or erection ofmachinery.
(2) Legal expenses incurred in connection with the purchase of land or building.
(3) Freight incurred in respect of purchase of plant and machinery.
(4) Repair of a fixed asset that increases its productivity.
(5) Wages paid on installation costs incurred in Plant & Machinery.
(6) Interest paid for the qualifying period as per AS-16 L.e. before the asset is constructed.
Whenever, therefore, a part of the expenditure, ostensibly of a revenue nature, is capitalised It is
the duty of the auditor not only to examine the precise particulars of the expenditure but also the
considerations on which it has been capitalised.
The revenue expense like regular repairs on assets have to be charged off to the Statement of Profit
and Loss.
Assertions to be examined
• Existence: To establish the existence of tangible fixed assets (PPE) as at the year end
• Completeness: To ensure that additions to PPE during the period under audit have been
recorded in the financial statements and do not include any PPE that belong to third parties
but does include PPE owned and controlled by the entity although lying with a third party
• Rights and Obligations: The entity has valid legal ownership rights over the PPE claimed to
be held by the entity and recorded in the balance sheet.
• Valuation: PPE have been valued appropriately and as per generally accepted accounting
policies and practises
• Presentation and Disclosure: Required disclosures for PPE have been appropriately made.
Verification procedure:
To establish the Existence
(i) Review entity's plan for performing physical verification of PPE Le. whether performed by own
staff or by a third party and the policy regarding periodicity Le. whether physical verification shall
be done on annual basis or once in two years/three years.
(ii) Evidence of appropriate supervision of those performing physical verification of PPE should be
examined.
(iii) Obtain PPE physical verification report backed by the working sheets from the entity and
perform the following procedures:
- Assess if all items of PPE are properly tagged and carry identification marks/numbers and
physical verification work papers do capture the asset identification numbers for assets
physically verified.
- Reconciliation of items of PPE as physically verified with the fixed asset register maintained
by the entity as at the date/period of undertaking physical verification. Specifically verify if
the PPE additions up to the date of physical verification have been updated in the fixed
asset register.
- Verify the discrepancies noted, based on physical verification undertaken and the manner
in which such discrepancies have been dealt with in the entity's books and F.S. For example,
any identified shortages/assets not in working condition and/or active use should be
accounted for as deletions in the books of account post approvals by the entity's
management and depreciation should have ceased to be charged after the date of deletion.
To establish Completeness
(i) Verify the movement in the PPE schedule compiled by the management i.e. Opening balances +
Additions during the period Deletions during the period Closing balances. Tally the closing balance
to the entity's books of account.
(ii) Check the arithmetical accuracy of the movement in PPE schedule.
(iii) Tally the opening balances to the previous year audited F.S.
(iv) For additions during the period under audit, obtain a listing of all additions from the
management and perform the following procedures:
• For all material additions, verify if such expenditure meets the criteria of PPE as per AS 10.
These costs include costs incurred initially to acquire or construct an item of PPE and costs
incurred subsequently to add to, replace part of, or service it.
• Verify that the cost of an item of PPE is as per AS 10. Verify and ensure that items such as
spare parts, stand-by equipment and servicing equipment are recognised as PPE only when
they are held for more than one period as per the requirements of AS.
• Ensure that the entity is not recognizing costs of the day-to-day servicing in the carrying
amount of an item of PPE.
• Test the purchase invoice, installation certificate or report or other similar documentation
maintained by the entity to verify the date of addition, for all additions samples of PPE
during the period under audit.
• Verify whether the PPE additions have been approved by authorized personnel.
• Verify whether proper internal processes and procedures like inviting competitive
quotations/floating tenders etc. were followed prior to finalising the vendor for procuring
items of PPE awarding of work contract for capital projects by checking the supporting
documents of the samples selected.
(v) In relation to deletions to PPE, understand from the management the reason and rationale for
deletion (example could be new purchase of similar asset once the old asset was no longer fit to be
used in production process) and the manner of disposal.
• Obtain the management approval and discard note authoring disposal of the asset from its
active use.
• Verify the process followed for sale of discarded PPE, for example- inviting competitive
quotes, tenders and the basis of calculation of sales proceeds.
• Verify that the management has accurately recorded the deletion of PPE (original cost and
accumulated depreciation up to the date of disposal) and the resultant gain/loss on disposal
of PPE item in the entity's books of account.
To establish Valuation
Value of PPE depreciates due to efflux of time, use and obsolescence. The diminution of the value
represents an item of cost to the entity for earning revenue during a given period. Unless this cost
in the form of depreciation is charged to the accounts, the profit or loss would not be correctly
ascertained and the values of PPE would be shown at higher amounts.
The auditor should:
(i) Verify that the entity has charged depreciation on all items of PPE unless any item of PPE is non-
depreciable like freehold land.
(ii) Assess that the depreciation method used reflects the pattern in which the asset's future
economic benefits are expected to be consumed by the entity. It could be SLM, diminishing value
method, unit of production method, as applicable.
(iii) The auditor should also verify whether management has done an impairment assessment to
determine whether an item of property, plant and equipment is impaired as per the requirements
of AS 28 -Impairment of Assets.
To Establish the Rights and Obligations
(i) In addition to the procedures undertaken for verifying completeness of additions to PPE during
the period under audit, the auditor while performing testing of additions should also verify that all
PPE purchase invoices are in the name of the entity that entitles legal title of ownership to the
respective entity.
(ii) For all additions to land and building in particular, the auditor should check the conveyance
deed/sale deed to verify whether the entity is the legal and valid owner or not.
(iii) The auditor should insist and verify the original title deeds for all Immovable properties held as
at the balance sheet date.
(iv) In case the entity has given such immovable property as security for any borrowings and the
original title deeds are not available with the entity, the auditor should request the entity's
management for obtaining a confirmation from the respective lenders that they are holding the
original title deeds of immovable property as security.
(v) In addition, the auditor should also verify the register of charges, available with the entity to
assess that any charge has been created against the PPE.
Audit of Intangible fixed assets
Meaning of Intangible Assets
An Intangible asset is an identifiable non-monetary asset, without physical substance, held for use
in the production or supply of goods or services, for rental to others, or for administrative purposes.
Examples: Computer software, patents, copyrights, motion picture films, franchises, marketing
rights etc. Goodwill is another example of an item of intangible nature which either arises on
acquisition or may be internally generated.
• Existence: To establish the existence of intangible fixed assets as at the period-end.

• Completeness: To ensure that additions to Intangible assets during the period under audit
have been recorded appropriately in the financial statements.
• Valuation: To ensure that intangible have been valued appropriately and as per generally
accepted accounting policies and practices.
• Presentation and Disclosure: To ensure that required disclosures for intangible assets have
been appropriately made
Audit Procedures
To establish the existence of intangible fixed assets.
1. Auditor should ensure that intangible asset should be recognised only if-
(a) it is probable that the future economic benefits that are attributable to the asset will
flow to the enterprise; and
(b) the cost of the asset can be measured reliably.
2. Ensure that at initial stages, intangible asset should be measured at cost. After initial recognition
an intangible asset should be carried at its cost less any accumulated amortisation and any
impairment losses.
3. For verifying the existence of software, the auditor should verify whether such software is in
active use by the entity and for the purpose, the auditor should verify the sale of related
services/goods during the period under audit, in which such software has been used.
4. For verifying the existence of design/drawings, the auditor should verify the production data to
establish if such products for which the design/drawings were purchased, are being produced and
sold by the entity.
5. In case any intangible asset is not in active use, deletion should have been recorded in the books
of account post approvals by the entity's management and amortization charge should have ceased
to be charged beyond the date of deletion.
To establish the completeness of intangible assets
1. Verify the movement in the intangible assets schedule compiled by the management i.e. Opening
balances + Additions - Deletions = Closing balances.
2. Tally the closing balances to the entity's books of account.
3. Check the arithmetical accuracy of the movement in intangible assets schedule.
For additions during the period under audit, obtain a list of all additions from the management and
undertake the following procedures:
(i) For all material additions, verify whether such expenditure meets the criterion for recognition of
an intangible asset as per GAAP.
(ii) Ensure that no cost related to research gets recognized as intangible asset
(iii) Check the certificate or report or other similar documentation maintained by the entity to verify
the date of use of the intangible which could be linked to date of commencement of commercial
production/economic use to the entity, for all additions to intangible assets during the period under
audit.
(iv) Verify whether the additions (acquisitions) have been approved by appropriate entity's
personnel.
(v) Verify whether proper internal processes and procedures like Inviting competitive
quotations/proper tenders etc. were followed prior to finalizing the vendor for procuring item of
intangible assets by testing those documents on a sample basis.
(vi) In relation to deletions of intangible assets, understand from the management the reason and
rationale for deletion and the manner of disposal. Obtain the management approval and disposal
note authoring disposal of the asset from Its active use.
(vii) Verify the process followed for sale of discarded asset, example inviting competitive quotes,
tenders and the basis of calculation of sales proceeds.
(viii) Verify that the management has accurately recorded the deletion of Intangible asset (original
cost and accumulated amortization up to the date of disposal) and the resultant gain/loss on
disposal in the entity's books of account.
To establish valuation of Intangible Assets
(1) Verify that the entity has charged amortization on all intangible assets,
(2) Verify that the amortization method used reflects the pattern in which the asset's future
economic benefits are expected to be consumed by the entity.
(3) The auditor should also verify whether the management has done an impairment assessment
to determine whether an intangible asset is Impaired. For this purpose, the auditor needs to verify
whether the entity has applied GAAP for determining the manner of reviewing the carrying amount
of its intangible asset determining the recoverable amount of the asset to determine impairment
loss, If any.
To establish Rights and Obligations
In addition to the procedures for verifying completeness of additions to intangible assets during the
period under audit, the auditor while performing testing of additions should also verify that all
expense invoices/purchase contracts are in the name of the entity that entitles legal title of
ownership to the entity.
Audit of Trade Payables and other current liabilities
Classification of Liabilities
A liability shall be classified as current when it satisfies any of the following criteria:
(a) it is expected to be settled in the company's normal operating cycle:
(b) it is held primarily for the purpose of being traded;
(c) it is due to be settled within twelve months after the reporting date; or
(d) the company does not have an unconditional right to defer settlement of the liability for at least
twelve months after the reporting date. Terms of a liability that could at the option of the
counterparty, result in its settlement by the issue of equity Instruments do not affect its
classification.
All other liabilities shall be classified as non-current.
Assertions to be examined
• Existence: To ensure the existence of trade payables and other current liabilities as at the
year end.
• Completeness: To ensure that trade payables and liability balances that were supposed to
be recorded have been recognized in the financial statements.
• Valuation: To ensure that trade payables and other liability balances have been valued
appropriately.
• Presentation and Disclosure: To ensure that required disclosures for trade payables and
other liabilities have been appropriately made.
To establish Existence
(1) Check whether there are controls in place to ensure that any purchase/expense invoice does
not get recorded more than once and payable balances are automatically recorded in the general
ledger at the time of recording of expense.
(2) Obtain the accounts payable ageing report and trace its balances to the general ledger. If there
are any differences, investigate reconciling items. Journal entries specially for large amounts should
be carefully examined.
Direct confirmation procedures
1. The verification of balances by direct communication with trade payables is theoretically the best
method of ascertaining whether the balances are genuine, accurately stated and undisputed,
particularly where the internal control system is weak.
2. The auditor employs direct confirmation procedure with the consent of the entity under audit.
There may be situations where the management of the entity requests the auditor not to seek
confirmation from certain trade payables. In such cases, the auditor should consider whether there
are valid grounds for such a request. Before accepting a refusal as justified, the auditor should
examine any available evidence to support the management's explanations, eg, correspondence
between the entity and the trade payables.
3. While determining the information to be obtained, the form of confirmation, as well as the extent
and timing of application of the confirmation procedure, the auditor should consider all relevant
factors such as the effectiveness of internal control, the apparent possibility of disputes,
inaccuracies or irregularities in the accounts, the probability that requests will receive
consideration, and the materiality of the amounts involved.
4. The trade payables may be requested to confirm the balances either
(a) as at the date of the balance sheet, or
(b) as at any other selected date which is reasonably close to the date of the balance sheet.
5. The form of requesting confirmation from the trade payables may be either
(a) the 'positive' form of request, wherein the creditor is requested to respond whether or not he
is in agreement with the balance shown, or
(b) the 'negative' form of request, wherein the creditor is requested to respond only if he disagrees
with the balance shown.
To establish completeness:
(1) The auditor needs to perform the following cut off procedures:
- For the last 5 invoices received/recorded at the end of the reporting date (cut off date)
and which have been included in the trade payables; the goods should have been
received/risk and rewards of ownership in goods should have been transferred in favour of
the entity;
- All goods received prior to the period/ year-end should have been booked in the form of
purchases and included in trade creditors.
(2) Test purchases/expenses on a sample basis selecting the same from the accounts payable
ledgers and checking their supporting documents to ensure that the purchases were recorded at
the correct amounts and correct dates.
(3) Match purchase invoice dates to the gate entry (inward) dates to check whether the purchases
are being recorded in the correct accounting period. This can include an examination of
purchase/expense invoices received subsequent to the period being audited, to see if they should
have been included in the period under audit.
(4) Review subsequent expense vouchers. Review all material expense vouchers recorded post the
balance sheet date to see if they relate to transactions from within the audit period.
(5) For advance received from customers/revenue received in advance, obtain the customer wise
listing along with its ageing and the nature. Verify if any advances are outstanding beyond 6 months.
Enquire from the entity's management if there has been any dispute with the customer and if there
is any additional liability to be recorded. For all such advances, the auditor should verify the
underlying documentation based on which the entity had received the advance.
To establish Valuation
(1) Review the process followed by the Company to identify if any old creditor balance/liability
needs to be written back. This will include a consistency comparison with the method used in the
last year, and a determination of whether the method is appropriate for the underlying business
environment.
(2) Obtain the ageing of payable balances, split between current, less than 30 days old, 30-60 days
old, 60-180 days old, 180-365 days old and more than 365 days old (refer screenshot below). Also,
obtain the list of vendors with whom the Company has disputes and any claims from customers,
under litigation and compare with previous year.
(3) Check that write backs in the liability balances assessed as no payable have been approved by
an appropriate and authorised member of senior management, for example - CEO/MD. (4) Check
that the restatement of foreign currency trade payables has been done properly In accordance with
AS 11. longer
(5) Understand management's process to identify the principal amount and the interest due
thereon (if any) remaining unpaid to any Micro, Small and Medium Sized Enterprises suppliers at
the end of accounting year. Test check the management process to assess if the auditor could rely
on the management process.
In addition to the audit procedures discussed above, the following analytical review procedures
may often be helpful as a means of obtaining audit evidence regarding the various assertions:
(a) comparison of closing balances of trade payables with the corresponding figures for the
previous year;
(b) comparison of the relationship between current year trade payable balances and the
current year purchases with the corresponding figures for the previous year;
(c) comparison of actual closing balances of trade payables, etc, with the corresponding
budgeted figures, if available;
(d) comparison of current year's aging schedule of trade payables with the corresponding
figures for the previous year;
(e) comparison of significant ratios relating to trade payables with the similar ratios for
other firms in the same industry, if available;
(f) comparison of significant ratios relating to trade payables with the industry norms, if
available.
The amounts shall be classified as:
1. Current maturities of finance lease obligations.
2. Interest accrued but not due on borrowings.
3. Interest accrued and due on borrowings.
4. Income received in advance.
5. Unpaid Dividends.
6. Application money received for allotment of securities and due for refund and interest accrued
thereon. Share application money includes advances towards allotment of share capital. Further,
the period for which the share application money has been pending beyond the period forallotment
as mentioned in the document inviting application for shares along with the reason for such share
application money being pending shall be disclosed.
7. Unpaid matured deposits/debentures and interest accrued thereon.
8. Unpaid matured debentures and interest accrued thereon.
9. Others (specify nature).
Audit of Sale of Products and Services
Audit Procedures
• Occurrence: Ensure that sales recorded represent goods shipped/services performed

during the period.
• Completeness: Ensure that sales recorded represent goods shipped/services performed
during the period.
• Measurement: Ensure that all sales are accurately measured as per applicable accounting
standards and correctly Journalized, summarized, and posted.
• Presentation and Disclosure: Ensure that required disclosures for sales have been
appropriately made.
Audit Procedure
General steps to be followed:
• Identify the control points over sales.

• Tests the identified controls to determine how strong and reliable they are. If controls are
assessed as strong, the auditor can reduce the amount of substantive testing.
• Selects a random sample of transactions and examines the related customer purchase
orders, invoices and customer statements.
• Performing substantive audit procedures like vouching and Substantive Analytical
Procedure (SAP). SAP will consist of sales trend analysis, comparison of sales figures with
previous accounting period etc.
• Verification of revenue may be carried out by employing the following procedures:
(a) Examination of records;
(b) Analytical review procedures.
To establish Occurrence
1. To ensure that revenue is not overstated, auditor is required to perform the following audit
procedures:
• Check whether a single sales invoice is recorded twice or a cancelled sales invoice
could also be recorded.
• Test check few invoices with their relevant entries in sales journal.
• Obtain confirmation from few customers to ensure genuineness of sales transaction.
• Whether any fictitious customers and sales have been recorded.
• Whether any shipments were done without the consent and agreement of the
customer, especially at the year end to inflate the sales figure.
• Whether unearned revenue recorded as earned.
• Whether any substantial uncertainty exists about collectability.
• Whether customer obligations are contingent on other actions (financing, resale,
etc.).
2. Review sequence of sales invoices.
3. Review journal entries for unusual transactions.
4. Calculate the ratio of sales return to sales and compare it with previous year and enquire
for the reasons for increase/decrease.
5. Check the sales return with sales invoice, challan, credit note, stock register, etc.
1. Perform cut-off procedures to ensure that revenues are recognised in the current
accounting period and sales were not tampered towards the period end.
2. Cut-off errors will usually arise when companies recognise revenue based on the date on
which the sales invoices are generated rather than the date on which the risks and rewards
are transferred to the buyer. In order to perform a robust sales cut-off test, auditors need
to understand and consider the specific cut-off error risk of each engagement.
3. Auditors should also verify the credit notes issued after the accounting period. Sometimes
sales team or sales personnel can make fictitious sales before the year-end to meet
performance target and cancel out those sales with a post year end credit note.
4. Trace from the shipping documents to the sales journal.
5. Check whether quantity is appearing in sales register or not and check reconciliation of total
sales/goods dispatched as per stock records and financial records and statutory records like
GST.
To establish measurement
1. Trace a few transactions from inception to completion. (Examination in depth)
E. g: Take few sales transaction, and check from the receipt of sales order to the payment
of receivable balance, every underlying document to ensure if it is properly recorded at
every stage and measured accurately taking into consideration all the incentives, discounts,
if any. The recognition shall be according to the revenue recognition policy of the entity.
2. If the client is engaged in export sales, then compliance with necessary GAAP is expected.
3. Auditor must understand client's operations and related GAAP Issues eg. point of sale revenue
recognition vs. percentage of completion, wherever applicable.
4. Compare the rate of sales affected with related parties and review them for collectability, as well
as whether they were properly authorized and the value of such transactions were reasonable and
at arm's length.
Audit procedure in Specific cases
Consignment Sales
1. Verify the terms of agreement between the consignor and the consignee to ascertain the terms
and conditions regarding commission and other expenses.
2. Ensure that the goods consigned are not treated as ordinary sales.
3. Ensure that the gross sale proceeds as mentioned in the account Sales has been credited to the
Consignment Account and debited to the consignee's account.
4. Ascertain that credit has been taken only for the profit c through the consignee before the year
end. No profit should be taken for the profit on goods remaining in the hands of the consignee. on
the goods sold
5. Ensure that the stock lying with the consignee at the end should be taken in the balance sheet at
cost on a consistent basis and credited to the Consignment A/c to arrive at the result of the
consignment transactions.
6. Obtain confirmation of the balance in the account of the consignee from the consignee.
7. In case, goods are consigned at invoice price, auditor should ensure that the necessary
adjustments to remove the loading have been made.
8. Examine the adjustments made at the year-end in respect of the goods not yet sold, commission
and the expense incurred by consignee.
Goods sent out on Sale or Return basis
1. Check maintenance of separate memoranda records of goods sent out on sale or return.
Only after approval from customer, personal account of customer is debited and the sales
account is credited.
2. Ensure that the price of such goods is unloaded from the sales account and the debtor's
record before the approval from customer.
3. In respect of the goods for which approval period has expired, ensure that either goods
have been received back or customer's account have been debited.
4. In respect of the goods for which approval period has not expired till the close of the year
and lying with the party, ensure that cost of such goods has been included in the closing
stock.
Audit of Purchases
Assertions to be Examined
• Occurrence: Ensure all purchases recorded in books of account represent goods actually
received/ services availed during the period.
• Completeness: Ensure all purchases made during the period were recorded and there in no
understatement or overstatement.
• Measurement: Ensure all purchases have been measured appropriately.
• Presentation and Disclosure: Ensure that required disclosures for purchases have been
appropriately made.
Audit Procedure
Steps to be followed:
✓ Identify the control points over purchases.

✓ Tests the identified controls to determine how strong and reliable they are. If controls are
assessed as strong, the auditor can reduce the amount of substantive testing.
✓ Selects a random sample of transactions and examines the related purchase orders, Goods
Received Note (GRN), purchase Invoices, inward gate entry register and vendor
reconciliation/ statements.
✓ Performing substantive audit procedures like vouching and Substantive Analytical
Procedure (SAP). SAP will consist of purchase trend analysis, comparison of purchase
figures with previous accounting period etc.
✓ Verification of revenue may be carried out by employing the following procedures:
• Examination of records;
• Analytical review procedures.
To establish Occurrence
Ensure purchases are not understated/overstated by performing following audit procedures:
• Whether any fictitious vendors have been booked or purchases have been recorded by
reviewing the vendor selection process followed by the entity and also performing
procedures to ensure existence of the vendors.
• Whether the goods were received at the factory gate and whether there exists an entry in
the security gate inward register.

• Whether quality inspection of goods was done.
• Whether a goods receipt note was prepared and signed by an appropriate client personnel.
• Whether the purchase invoice was approved as per delegation of authority.
• Whether stock record has been updated by the store's personnel.
Special consideration during audit of purchases
• The purchase invoice received should be the "Original" copy (and not photocopy/carbon
copy) against which the entity has recorded the purchase in its books of account.
• Purchase invoice should have been booked only once risk and reward incidental to
ownership has been transferred to the entity. Specific consideration for cases where the
terms of delivery as agreed with vendor are F.O.B., C.I.F. etc.
• Purchase invoice should be in the name of entity. However, in case of different branches,
it should be addressed to the appropriate branch.
• Input tax component should have been booked in the input tax ledger. The auditor should
obtain tax returns filed with the authorities and tally the input tax as reflected in the books
to the amount disclosed in the returns.
• In case of purchases made from related parties or allied and associated concerns, the
auditor needs to verify if requisite approval from Board of Directors (appropriate authority)
has been obtained and should verify the selected samples and perform analytical
procedures in relation to price of goods to confirm that the price charged is at arm's length.
• Perform cut-off test to ensure that purchases are recognised in the correct accounting
period. For the purpose, the auditor should examine material inward records, say, last 5
transactions at the period end to check that all corresponding invoices have been duly
entered in the Purchases book and none have been omitted.
• Ensure correct accounting treatment of goods-in-transit as per the agreed terms with the
vendor regarding transfer of risk and reward of ownership in goods.
• Obtain written representation from the management that all the purchases that took place
during the year have been properly recorded in the books.
• Perform analytical procedures to obtain audit evidence as to overall reasonableness of
purchase quantity and price.
Analytical procedures
Analytical procedures to obtain audit evidence as to overall reasonableness of purchase quantity

and price may include:
• Consumption Analysis: Auditor should examine consumption of raw material from

manufacturing account and compare the same with previous years with closing stock and
ask for the reasons from management for any significant variations noticed.
• Stock Composition Analysis: Auditor should collect reports from management for
composition of stock Le. raw materials as a percentage of total stock and compare the same
with previous year and ask for reasons from management for any significant variations
noticed.
• Ratios: Auditor should compare the creditors turnover ratios and stock turnover ratios of
the current year with previous years.
• Quantitative Reconciliation: Auditor should review quantitative reconciliation of closing

stocks with opening stock, purchases and consumption.
Audit of Depreciation and Amortisation
• Occurrence: Recorded depreciation and amortisation expenses were actually incurred

during the period.
• Completeness: Depreciation and amortisation expenses pertaining to the period he been
recorded appropriately and there in no understatement/overstatement.
• Measurement: Depreciation and amortisation expenses have been measured
appropriately.
• Presentation and Disclosure: Required disclosures for depreciation and amortisation have
been appropriately made.
Attributes to be considered by Auditor:
Auditor needs to consider the following attributes while verifying for depreciation and amortisation
expenses:
• Obtain the understanding of entity's accounting policy related to depreciation and

amortisation.
• Ensure the Company policy for charging depreciation and amortisation is as per the
relevant provisions of the law for the time being in force.
• The accounting policy has been applied consistently year on year. Any change in the
accounting policy has been adequately disclosed.
• Whether the depreciation has been calculated after making adjustment of residual value
from the cost of the assets.
• Whether depreciation and amortisation charges are valid.
• Whether depreciation and amortisation charges are accurately calculated and recorded.
• Whether all depreciation and amortisation charges are recorded in the appropriate period.
• Ensure the parts (components) of each item of property, plant and equipment that are to
be depreciated separately have been properly identified.
• Whether the most appropriate depreciation method for each separately depreciable
component has been used.
Audit procedures
➢ Obtain an understanding of entity's process of charging depreciation and amortization

➢ Obtain the fixed asset register maintained by the entity. There is always a risk that an entity
could capitalize expense of revenue nature to increase its profit or charge capital
expenditure directly in income and expense statement to reduce its profit. To address this
risk, the auditor may choose to check the nature of asset from fixed asset register and
further, there is always a risk that fake asset has been capitalized in the books and to
mitigate this risk, auditors should physically verify the fixed assets, at least the ones that
are material in value. Obtain a list of all additions/deletions along with their proper
approval from the authorised person for the same.
➢ Select the sample of assets from the Fixed Assets Register, on materiality consideration and
verify the rates of depreciation and depreciation calculations.
➢ Obtain the list of all the components identified by the management.

➢ Ensure Intangible assets like patents, goodwill, copy rights have been properly amortized
over the period.
➢ Ensure depreciation is charged on the assets from the date when it is ready to use and not
from the date of actual usage.
➢ Ensure depreciation on revalued amount has been properly accounted from revaluation
reserve.
➢ Perform analytical procedures to obtain audit evidence as to overall reasonableness of
depreciation and amortisation expense.
➢ Ensure that the depreciation and amortization has been charged as per the useful lives of
PPE and Intangible assets.
➢ Ensure that residual values have been properly verified as that impacts the computation of
depreciation.
➢ Ensure that the depreciation and amortization has been computed prospectively whenever
there is any change in useful lives of PPE and intangible assets.
Disclosure requirements
Ensure whether the following disclosures as required have been made:
(a) Accounting policy for depreciation and amortization.
(b) Useful lives of assets
(c) Residual value of assets.
(d) Depreciation method.
Audit of other expenses (Power, Fuel, Rent, Repair, Insurance, Travelling)

Composition of other expenses
Other expenses may comprise of following expenses:
(a) Consumption of stores and spare parts;
(b) Power and fuel;
(c) Rent;
(d) Repairs to buildings;
(e) Repairs to machinery:
(f) Insurance;
(g) Rates and taxes, excluding, taxes on income;
(h) Miscellaneous expenses,
➢ Occurrence: Recorded other expenses were actually incurred during the period.
➢ Completeness: Other expenses pertaining to the period have been recorded appropriately
and there in no understatement or overstatement.
➢ Measurement: Other expenses have been measured appropriately.
➢ Presentation and Disclosure: Required disclosures for other expenses have been
appropriately made.
Attributes to be examined while vouching expenses
➢ Whether the expenditure pertained to current period under audit;

➢ Whether the expenditure qualified as a revenue and not capital expenditure;
➢ Whether the expenditure had a valid supporting like travel tickets, insurance policy, third
party invoice etc;
➢ Whether the expenditure has been classified under the correct expense head; Whether the
expenditure was authorised as per the delegation of authority matrix;
➢ Whether the expenditure was in relation to the entity's business and not a personal
expenditure.
Rent expenses
• Obtain a month wise schedule of rent payment along with the rent agreements.
• Examine whether rent expense has been recorded for all 12 months and whether the rent
paid is as per the underlying agreement.
• Examine whether agreement contains any escalation clause, if yes, verify whether rent has
been increased/adjusted during the period only as per escalation clause.
• Verify whether the agreement is in the name of the entity.
• Verify whether the expense pertains to premises used for running business operations of
the entity
Power and Fuel expenses
• Obtain a month wise expense schedule of payment towards power and fuel along with the
power bills.
• Examine whether the expenses have been recorded for all 12 months.
• Compile a month wise summary of power units consumed and the applicable rate and check
the arithmetical accuracy of the bill raised on monthly basis.
• Analyse the monthly power units consumed by linking it to units of finished goods produced
and investigate reasons for variance in monthly trends.
Insurance expense
• Obtain a summary of insurance policies taken along with their validity period.
• Verify whether the expense has been correctly classified between prepaid and expense for
the period based on number of days.
Legal and Professional expense
• Obtain a month wise and consultant wise summary.

• In case of monthly retainer ship agreements, verify whether the expenditure for all 12
months has been recorded correctly.
• For non-recurring expenses, select a sample on random basis and vouch for the attributes
discussed above.
• Special focus should be given while vouching for legal expenses as the same may highlight a
dispute for which the entity may not have made any provision and the matter may also not
have been discussed/highlighted to the auditor for his specific consideration.
Travel, repair, and maintenance, printing and stationery, miscellaneous expenses
• Select a sample on random basis and vouch for the occurrence, completeness, measurement
and appropriate disclosure.
• Wherever possible, the auditor should try and prepare a summary of expenditure on monthly
basis and then analytically compare the trends.
• In addition, auditor should perform analytical procedures to obtain audit evidence as to overall
reasonableness of other expense which may include expenditure per unit produced.
• Auditor should analyse expense per unit produced and compare the same with previous years
and prevent industry trends and ask for the reasons from Management If any significant
variations are found.
Disclosure Requirements
Ensure other expense have been classified under:
(a) Rent.
(b) Insurance.
(c) Power and fuel.
(d) Repairs and maintenance - Building, Plant and machinery, others.
(e) Legal and professional.
(f) Printing and stationary.
(g) Travel expenses.
(h) Miscellaneous expenses.

Audit of Not-for-profit Organizations (NFPOs)
Meaning:
NFPOs are organizations that raise funds from members or donors for the social/charitable
objectives that they undertake. Apart from receiving monetary/ cash and financial donations,
NFPOs receive donations in the form of time, energy and skills from willing donors.
Incorporation:
NFPOs are incorporated/ registered under applicable laws for the time being in force in the
respective geography or region in which they have been incorporated.
Work to be done by the auditor:
I. Preliminary work to be done by the auditor:
• The auditor must gain and acquire knowledge of the NFPOs work, its mission and vision,
areas of operations and environment in which it operates.
• Review the legal form of the applicable incorporation documents such as the
Memorandum of Association, Articles of Association, Rules and Regulations, Bye-laws.
Once reviewed, the auditor shall ensure that the activities carried out by the NFPO are in
line with the prescriptions contained in these above-mentioned documents.
• Review the organization chart and manuals relating to financial and administrative matters.
• Examination of the minutes of the meetings of the management committee/Governing

Body to ascertain the impact of decisions on the financial records.
• Study the accounting system, procedure, internal controls and internal checks existing for
the NFPO and verify the applicability of the same.
• Stay updated with respect to all applicable and relevant statutes.
• Set the materiality level for the audit program of the NFPOs.
• Determine the nature and timing of audit reports and other communications to be issued
II. Specific items to be verified:
A. Receipts:
1. Contributions and grants received for specific projects and programs:

• Check agreements with donors and grant letter to ensure that funds received have
been accounted for.
• In case of any foreign contributions, the same have to be reported and disclosed as
per the relevant laws and regulations for the time being in force.
2. Receipts from funds raising programs:

• Verify in detail the internal control system and ascertain who are:
✓ The persons responsible for collection of funds
✓ The Mode of receipt
• Audit processes shall oversee if the funds are counted and deposited in the bank daily
3. Membership fees:
• Check the fees received with corresponding entries made in the members register.
• Ensure a proper demarcation between:
✓ Annual fees and Fees that are a part of periodic revenues; and
✓ Life Membership fees that are generally a part of the capital
corpus.
• Reconcile the fees received with the fees to have been received in the course of the
current / relevant reporting period.
4. Subscriptions:
• Check subscription fees received with the subscription register and receipts
issued.
• Reconcile subscription received with printing and dispatch of
corresponding magazine/circulars/periodicals.
• Check the receipts with any applicable/available subscription rate
schedule.
5. Interest and Dividends:

• Check the interest and dividends received and receivable with investments held during
the year.
B. Expenses
Ensure that all the expenses such as establishment expenses, project expenses and
specific expenses are recorded and disclosed as per the rules and regulations of all
applicable laws and regulations for the time being in force.
C. Assets and Liabilities:
1. Vouch all acquisitions or sales of fixed assets as regards proper authorization. Further check
that charge if any against any asset has been properly provided for.
2. Check the investment register and investments physically to ensure the NFPO has title to
these investment
3. Physically verify the cash in hand balances and also check the bank reconciliation statement
4. Obtain a certificate form the management as to the quantities and valuation of the stock
at hand.
5. Where loans are given these should be vouched as regards to their respective loan
agreements, counter-foils, etc.
Chapter 11: Completion and Review 203
Chapter 11: Completion and Review
Table of contents:
1. Adjusting, Non-adjusting and Subsequent Events
2. Going Concern
3. Overall review of financial statements
4. Evaluation of misstatement
5. Written representations
In the course of our previous lessons, we have focused n the process of executing an audit. There
are, however, some crucial areas and events in the execution of audit that command individual
guidance. This lesson takes us across those areas and matters.
Adjusting, Non-adjusting and Subsequent Events
Let’s say, Anadolu Isuzu – a Turkish Automaker places an order with Tata Steel for the purchase of
galvanized steel – a high tensile and durable variety of steel- for a large batch of its SUVs. Tata Steel
provides 5 months credit to Anadolu Isuzu who has a stellar reputation in the market for paying off
its vendors within the credit window. Consider the following timeline:
• The transaction is stamped, signed and sealed on 1 November 2022.

• Steel is cargo shipped on 20 November 2022 and received on 26 November 2022 in
Hydarpasa container docks in Turkey.
• The financial reporting period ends on 31 December 2022.
• Turkey suffers a major earthquake on 5 February 2022 leading to massive loss of life and
property all through the country. Anadolu Isuzu’s plant and entire business is destroyed in
the disaster.
• Anadolu Isuzu files for bankruptcy in on 25 February 2022 in all Turkish as well as
international courts that oversee the insolvency and bankruptcy regulation.
Let’s ask ourselves, the following simple questions –
• Could Tata Steel see this coming?

• Could they have predicted on 31 December 2022 that Turkey would face such a devastating
catastrophe?
Of course, they could not. They aren’t psychic or clairvoyant.
Now lets say that Tata Steel and Chevrolet India enter in a transaction where, the latter places an
order for galvanized steel for its car model “ Tavera”. This steel is meant to serve as material for the
last set of 10,000 units order Chevrolet India has received for its Tavera car model.
Chevrolet India however has been facing financial and litigation challenges in India for the past 5
years. The American parent of Chevrolet India is in public talks with regulators to exist the Indian
market and is in the process of filing for bankruptcy under the Insolvency and Bankruptcy code of
India as of 31 December 2023. Auto sector competitors are eagerly waiting to bid for its large
factory premises in Pune, India. Lets assume the transaction goes through on 1 December 2022 and
the payment is contractually agreed to be completed on 5 March 2023
Now, in this case if Chevrolet India is able to pay say 90 cents on the dollar, did Tata Steel forsee
this 10% hit ?
Quite obviously they did, as the indications of this were all over public domain.
The two cases listed above have one crucial distinguishing feature:
• Tata Steel could not predict the closure of Andalou Isuzu as at the date of financial
statements as there was no indication of the same
• Tata Steel could predict or foresee the closure of Chevrolet India as at the date of financial
statements as there were clear indications of the same.
While both events occur after the Balance Sheet date (31 December 2022), the existence of
indications of their occurrence is what demarcates these events.
Anadolu Isuzu – Non-Adjusting event Chevrolet India- Adjusting events

Events that arose after the reporting period Events that provide evidence of conditions that
and gave no indications of their existence as on existed at the end of the reporting period
the date of the financial statements
No adjustment is made to the financial Financial statements are adjusted to
statements only a disclosure in the foot notes accommodate and report these events and
to the financial statements is required. corresponding disclosures are made to ensure
complete presentation.
Governing financial reporting standard: IAS 10
• Both adjusting and non-adjusting events are events that occur after the date of financial
statements i.e. the Balance Sheet date. These events impact the process of audit as the
auditor has to ensure that adjusting events have been appropriately adjusted and disclosed
in the financial statements.
• Here the auditor has to determine, whether the events after the balance sheet date (which
can be adjusting or non-adjusting) impact the audit report. Events after the balance sheet
date that are subsequent in nature impact the audit report.
• A subsequent event is:
a. Event occurring between the date of the financial statements and the date of the auditor’s
report
b. Facts that become known to the auditor after the date of the audit report
Let us consider the below case to under the concept of subsequent events in greater depth:
The reporting period covered under the financial statements for the reporting entity is 1 January
2018 to 31 December 2018. The auditor submits his report on 25 march 2019 and the financial
statements are issued to the shareholder on 15 April 2019.
Relevant Dates and Time frames:

Time Frames Activity Conducted
1 January 2018 to Reporting period Generally, the audit process
31 December 2018 does not commenceafter the
reporting period ends.
In practical scenarios, the audit
commences little
towards the end of the
reporting period, say for
instance 1 November 2018.
1 January 2019 to Period of execution of audit Here we have assumed that
25 March 2019 proceduresand presentation of Audit the Audit report willbe
report to presented to management and
management and TCWG TCWG on 25
March 2019
25 March 2019 to Period for the management to: Here we have assumed that the
15 April 2019 AGM will be conducted on 15
• Announce for and conduct April where by the signed-
Annual General meeting audited financial statements
(AGM)of the Shareholders will be presented toall classes of
• Print, publish, distribute stakeholders.
and
upload Signed- Audited
FinancialStatements
Period between 31 This referred to as the period
December 2018 between the date of the
and 25 March 2019 financial statements and the
date of the audit report
Period between 25 This is referred to as the period

March 2019 and 15 after the date ofthe audit
April 2019 report but before the date the
financial
statements are issued
Period After 15 Corrections and recall to financial This is referred to as the period
April 2019 statements, only if applicable as per after the financialstatements
the facts of the given circumstances have been issued
Based on the definition of the term subsequent events we can assert that:
• Events occurring between 31 December 2018 (date of the financial statements) and 25
March 2019 (Date of the Audit Report) are subsequent events.
• Facts that become known to the auditor after 25 March 2019 (date of the auditor’s report)
are subsequent events.
• These events do not occur in the reporting period but if they are connected/related to
events/circumstances/transactions in the reporting period, they must be:
a. Adjusted; or
b. Disclosed; or
c. Both adjusted and disclosed
In the financial statements that cater to the reporting period.
The following section highlights the activities to be carried out and the responsibilities of the auditor
in the given time frames:
Events occurring between the date of the financial statements and the date of the auditor’s
report:
Time frame as per our case: 31 December 2018 to 25 March 2019
• The auditor shall perform audit procedures to obtain SAAE to ensure that events and
transactions which require adjustments or disclosure in the financial statements have been
identified.
• In determining the nature and extent of audit procedure, auditor shall:
✓ Obtain an understanding of the procedures through which management has
identified subsequent events
✓ Inquiring of the management as to occurrence of subsequent events which affect
the financial statements
✓ Read minutes of management meetings that have been held after the date of the
financial statements
✓ Read the entity’s subsequent financial statements, if any
✓ If the auditor identifies events that require adjustments or disclosures in the
financial statements, the auditor shall determine whether each such event is
appropriately disclosed and presented in the financial statements
✓ The auditor shall acquire a “Written Representation” form management that all
events occurring subsequent to the date of the financial statements and requiring
disclosure or adjustment have been adjusted or disclosed.
Facts that become known to the auditor after the date of the audit report but before the date of
the financial statements are issued
Time frame as per our case: This covers facts that become known to the auditor after 25 march
2019 but before 15 April 2019.
• The auditor has no obligation to perform any audit procedure regarding the financial
statements after the date of the audit report
• However, if a fact becomes known to the auditor that, had it been known to the auditor at
the date of the audit report – it may have caused the auditor to amend the auditor report
i.e.:
✓ an unmodified report would become modified; or
✓ A modified report would become unmodified; or
✓ A Qualification opinion would become an adverse opinion or disclaimer of opinion;
or
✓ An Adverse opinion would become a qualified opinion or a disclaimer of opinion;
or
✓ A disclaimer of opinion would become a qualified opinion or an adverse opinion.
• In this case the auditor shall:
✓ Discuss the matter with the management.
✓ Determine whether the financial statements need to be amended.
✓ Inquire how the management intends to address the matter in the financial
statements.
If the management amends the financial If the management does not amend the
statements financial statements
• Extend the audit procedures to the • The auditor shall modify the opinion if
date of the new audit report the report has not yet been provided to
• Provide a new auditor’s report on the the entity
amended financial statements • If not, the auditor shall notify the
management and TCWG not to issue
the financial statements to third
parties.
• If the management still issues the
financial statements the auditor shall
take appropriate action so as to
prevent reliance on auditor’s report.
Here it must be noted that if the applicable laws/regulations/financial reporting framework does
not prohibit the management from restricting the amendment of financial statements to the effect
of subsequent events, the auditor is permitted to restrict the audit procedures on subsequent
events to that amendment. In such a case the auditor shall:
• Amend the audit report to include an additional date restricted to that amendment
• Provide a new or amended audit report that contains an Emphasis of matter or other
matter paragraph which conveys that the auditor’ procedures on subsequent events are
restricted solely to amendments of financial statements.
Facts which became known to the auditor after the financial statements have been issued:
Time frame as per our case: This covers facts that become known to the auditor 15 April 2019.
• The auditor has no obligation to perform any audit procedure regarding such financial
statements.
• However if a fact becomes known to the auditor that has it been known to the auditor on
the date of the auditor’s report, may have caused the auditor to amend the auditor’s report
(refer the meaning of amendment of auditor’s report in the above section), the auditor
shall:
✓ Discuss the matter with the management.
✓ Determine whether the financial statements need to be amended.
✓ Inquire how the management intends to address the matter in the financial
statements.
• If the management amends the financial statements, the auditor shall:
✓ Carry out the audit procedures necessary in the circumstances on the amendment
✓ Review the steps taken by the management to ensure that anyone in receipt of the
previously issued financial statements together with the auditor’s report thereon
is informed of the situation.
✓ Extend the audit procedures to the date of the new auditor’ report.
✓ Provide a new auditor’s report on the amended financial statements
• In the amended auditor’s report , emphasis of matter paragraph referring to a note to the
financial statements that discussed the reason of amendment in financial statements
should be included.
Laundry list of specific inquiries to be made from the management:
1. Whether new commitments, borrowings or guarantees have been entered into

2. Whether sales or acquisitions of assets have occurred or are planned
3. Whether there have been increases in capital or issuance of debt instruments such as the
issue of new shares or debentures or an agreement to merge or liquidate has been made
or is planned
4. Whether any assets have been appropriated by government or destroyed, for example by
fire or flood.
5. Whether there have been any developments regarding contingencies
6. Whether any unusual accounting adjustments have been made or are contemplated
7. Whether any events have occurred or are likely to occur that will bring into question the
appropriateness of accounting policies used in the financial statements
8. Whether any events have occurred that are relevant to the to the measurement of
estimates or provisions made in the financial statements
9. Whether any events have occurred that are relevant to the recoverability of assets.
Going concern as a basis of accounting
Under the going concern basis of accounting the financial statements are prepared on the
assumption that the entity will continue its operations for the foreseeable future.
The foreseeable future is considered to be a period of 12 months from the date of the financial
statements. In simple terms, going concern is an assumption that the entity will not shut shop within
the next 12 months. In such a case the assets and liabilities are reported at their carrying values
–
a. For assets : the values that the entity expects to recover from their application in business
b. For liabilities: the value that the entity is obligated to repay
In case the going concern assumption does not hold true i.e. the entity intends to shut shop within
the immediate next 12 months, it is a clear indication that –
a. the entity intends to dispose off the assets rather than apply them in business
b. use the proceeds of these assets to repay liabilities.
In such a case the financial statements are not prepared by reporting assets and liabilities at their
carrying value rather they are made by reporting the assets and liabilities at their recoverable
values.
General purpose financial statements are prepared using the going concern basis of accounting,
unless management intends to liquidate the entity or to cease operations or has no realistic
alternative but to do so.
Special purpose financial statements may or may not be prepared in accordance with a financial
reporting framework for which the going concern assumption is relevant.
When the going basis of accounting is appropriate, assets and liabilities are recorded on the basis
that the entity will be able to realize its assets and discharge its liabilities in the normal course of
business.
Management and Auditor’s responsibility for going concern:

Responsibility
Management Auditor
- Assess the ability of the entity to - To obtain SAAE regarding the
continue as a going concern even if the appropriateness of the going concern
financial reporting framework does basis of accounting in the preparation
not include an explicit requirement to of financial statements
do so. - To conclude based on the audit
- Make judgements at a particular point evidence obtained, whether a material
in time about inherently uncertain uncertainty exists about the entity’s
future outcomes of events or ability to continue as a going concern
conditions. The following factors are - These responsibilities exist even if the
relevant to that judgement: financial reporting framework used in
a. Degree if uncertainty associated the preparation of the financial
with the out come of an event or statements does not include an explicit
condition requirement for management to make
b. Size and complexity of the entity, a specific assessment of the entity’s

the nature and conditions of its ability to continue as a going concern
business and the degree to which - Absence of any reference to a material
it is affected by external factors uncertainty about the entity’s ability to
c. Information available at the time continue as a going concern in an
at which the judgement is made. auditor’s report cannot be viewed as a
d. Subsequent events may result in guarantee as to the entity’s ability to
outcomes that are inconsistent continue as a going concern.
with judgements that were - Carry out additional audit procedures
reasonable at the time they were when events or conditions that cast a
made. doubt on the going concern basis of
accounting are identified.
(Discussed below)
Going concern disclosures required to be made by Directors:
• Any material uncertainty regarding the future of the company should be disclosed by the
directors in the financial statements.
Material uncertainty exists when the:
✓ Magnitude of potential impact; and
✓ Likelihood of occurrence
Are such that a disclosure of the same is necessary to ensure fair presentation of
the financial information.
Disclosures in case of a material uncertainty should allow the users of financial information to
understand the following:
▪ The principle events or conditions that cast a significant doubt on the entity’s ability
to continue as a going concern
▪ Management’s plans to deal with these events
▪ The inability of the company to realize (sell) its assets and discharge its liabilities in
the normal course of business.
• Inability to assess the going concern assumption in the usual way
In case the directors have been unable to assess the going concern basis of accounting i.e.,
they have not been able to assess whether the company has the potential to exist beyond
12 months of the balance sheet date – this inability should be disclosed.
• Wherever the going concern assumption hods true, the financial statements are prepared
on a going concern basis. However, in cases where the going concern assumption does not
hold true, the financial statements are prepared on a realizable value basis.
Audit procedures when events or conditions that cast a doubt on the going concern basis of
accounting are identified:
If events or conditions have been identified that may cast a doubt on the entity’s ability to continue
as a going concern, the auditor shall obtain SAAE to determine whether or not a material
uncertainty exists related to events or conditions that may cast a significant doubt on the entity’s
ability to continue as a going concern through performing additional audit procedures, including
consideration of mitigation factors. These procedures will include:
a. Where the management has not yet performed an assessment of the entity’s ability to
continue as a going concern, requesting management to make its assessment.
b. Evaluating management’s plans for future actions, whether the outcome of these plans is
likely to improve the situation and whether management’s plans are feasible in the
circumstances.
c. Where the entity has prepared a cash flow forecast, evaluate the reliability of the
underlying data used to prepare the forecast and determine whether there is adequate
support for the assumptions underlying the forecast.
d. Considering whether any additional facts or information have become available since the
date on which the management made its assessment.
e. Requesting written representations from management and where appropriate those
charged with governance regarding their plans for future actions and feasibility of these
plans.
Additional procedures:
1. Analysing and discussing cash flow, profit and other relevant forecasts with management
2. Analysing and discussing the entity’s latest available interim financial statements
3. Reading the terms of debentures and loan agreements and determining whether any have
been breached.
4. Reading minutes of the meeting of shareholders, Those charged with governance and
relevant committees for reference to financing difficulties.
5. Inquiring of the entity’s legal counsel regarding the existence of litigation and claims and
the reasonableness of management’s assessment of their outcome and the estimate of
their financial implications.
6. Confirming the existence, legality and enforceability of arrangements to provide or
maintain financial support with related and third parties and assessing the financial ability
of such parties to provide additional funds
7. Evaluating the entity’s plans to deal with unfulfilled customer orders.
8. Performing audit procedures regarding subsequent events to identify those that either
mitigate or otherwise affect the entity’s ability to continue as a going concern.
9. Confirming the existence, terms and adequacy of borrowing facilities.
10. Obtaining and reviewing reports of regulatory actions.
11. Determining the adequacy of support for any planned disposal of assets.
If the financial statements have been prepared using the going concern basis of accounting but in
the auditor’s judgement, the management’s use of the going concern basis of accounting in the
preparation of the financial statements is inappropriate, the auditor shall express an adverse
opinion.
Events that may cast a significant doubt about the going concern assumption:
Financial events Operating events Other events

- Net liability or net - Management - Non-compliance with
current liability intention to liquidate capital or statutory
position the entity or to cease requirements
- Fixed term borrowings operations - Pending legal or
approaching maturity - Loss of key regulatory
without realistic managerial persons proceedings against
prospects of renewal without replacement the entity that may if
or repayment - Loss of a major successful result in
- Excessive reliance on market, key claims that the entity
short term borrowings customers, franchise, is unlikely to be able
to finance long term license or principal to satisfy
assets suppliers - Changes in law or
- Indications of - Labour difficulties regulation or
withdrawal of financial - Shortages of government policy
support by creditors important supplies expected to adversely
- Negative operating - Emergence of a highly affect the entity
cash flows indicated by successful competitor - Uninsured or under
historical or insured catastrophes
prospective financial when they occur
statements
- Adverse key financial
ratios
- Substantial operating
losses or significant
deterioration in the
value of assets used to
generate cash flows
- Arrears or
discontinuance of
dividends
- Inability to pay
creditors on due dates
- Inability to comply
with terms of loan
agreements
- Change from credit to
cash on delivery
transactions with
suppliers
- Inability to obtain
financing for essential
new product
development or other
essential investments
Implications of going concern as the basis of presenting financial statements on the audit report:
Material uncertainty regarding the going Audit opinion stands modified

concern assumption is not adequately disclosed
Directors do not present financial statements Audit opinion stands modified
on an appropriate basis – i.e.
• Going concern assumption is not
applied when it should be; or
• Going concern assumption is applied
when it should not be
Going concern uncertainties are properly Unmodified opinion is issued with additional
disclosed communication
Overall review of financial statements before issuance of the audit opinion
Prior to issuing the audit opinion, the auditor shall conduct a final overall review of the financial
statements. This shall include:
• Compliance check to ensure that all applicable laws and regulations for the time being in
force have been complied with in the preparation of the financial statements.
• Check to ensure that all the applicable financial reporting frameworks have been complied
with in the preparation of the financial statements.
• All bases of conclusion of the audit opinion are adequately reflected in the financial
statements
• Analytical procedures to ensure that the financial statements are consistent with the
auditor’s understanding of the entity.
• Review and check of the uncorrected misstatements to assess whether a material
misstatement arises in case these uncorrected items are aggregated. In case this risk exists,
the auditor shall discuss the same with the management.
Evaluation of misstatements identified during the audit
A misstatement maybe defined as a difference between amounts, classification, presentation or

disclosure of a reported financial statement item and the amount, classification, presentation or
disclosure that is required for the item to be in accordance with the applicable financial reporting
framework. Misstatements can arise due to fraud to error.
Misstatements that the auditor has accumulated during the audit and that have not been corrected
are called uncorrected misstatements.
The objective of the auditor with respect to misstatements is to evaluate:
a. The effect of identified misstatements in the audit

b. The effect of uncorrected misstatements if any on the financial statements
The auditor shall accumulate misstatements identified during the audit other than those that are
clearly trivial.
Causes of Misstatements:
Misstatements may result from:
a. An inaccuracy in gathering or processing data from which financial statements are prepared
b. An omission of an amount or disclosure
c. An incorrect accounting estimate arising from overlooking, or clear misrepresentation of
facts
d. Judgements of management concerning accounting estimates that the auditor considers
unreasonable or the selection and application of accounting policies that the auditor
considers inappropriate
Consideration of identified misstatements as the audit progresses:
The auditor shall determine whether the overall audit strategy and audit plan need to be revised if:
a. The nature of identified misstatement s and the circumstances of their occurrence indicate
that ither misstatements may exist that, when aggregated with misstatements
accumulated during the audit, could be material.
b. The aggregate of misstatements accumulated during the audit approaches materiality
determined during the phase of audit planning.
If at the auditor’s request, management has examined a class if transaction, account balance or
disclosure and corrected misstatements that were detected, the auditor shall perform additional
audit procedures to determine whether misstatements remain.
Communication and correction of misstatements:
• The auditor shall communicate on a timely basis all misstatements accumulated during the
audit with the appropriate level of management and shall request management to correct
those misstatements
• If the management refuses to correct some or all of the misstatements communicated by
the auditor, the auditor shall obtain an understanding of the management’s reasons for not
making the corrections.
Evaluating the effect of uncorrected misstatements:
1. Prior to evaluating the effect of uncorrected misstatements, the auditor shall reassess
materiality determines in accordance to the audit plan to confirm whether it remains
appropriate in the context of the entity’s financial results.
2. The auditor shall determine whether the uncorrected misstatements are material
individually or in aggregate having regard to the following:
a. The size and nature of misstatements, both in relation to particular classes of
transactions, account balances or disclosures and the financial statements as a whole
and the particular circumstances of their occurrence; and

b. The effect of uncorrected misstatements related to prior periods on the relevant
classes of transactions, account balances or disclosures, and the financial statements
as a whole.
Written representation:
The auditor shall request a written representation from management and where appropriate those
charged with governance whether they believe the effects of uncorrected misstatements are
immaterial, individually and in aggregate to the financial statements as a whole. A summary of such
items shall be included in or attached to the written representation.
Communication with those charged with governance
• The auditor shall communicate with those charged with governance uncorrected
misstatements and the effect that they individually or in aggregate may have on the opinion
in the auditor’s report, unless prohibited by law or regulation with a request that
uncorrected misstatements be corrected.
• The auditor shall also communicate with those charged with governance the effect of
uncorrected misstatements related to prior periods on the relevant classes of transactions,
account balances or disclosures, and the financial statements as a whole.
Documentation:
Audit documentation for the evaluation of misstatements shall include:
• The amount below which misstatements would be regarded as clearly trivial

• All misstatements accumulated during the audit and whether they have been corrected
• The auditor’s conclusion as to whether uncorrected misstatements are material,
individually or in aggregate, and the basis for that conclusion.
Written representations (WR)
A written representation is a statement by the management provided to the auditor to confirm

certain matters or to support other audit evidence. Written representations in this context do not
include:
a. Financial statements
b. Financial statement assertions
c. Supporting books or records
Written representations are necessary information that the auditor requires in connection with the
audit, hence they are recognized as audit evidence as a response to inquiries.
Although written representations provide necessary audit evidence, they do not provide sufficient
and appropriate audit evidence on their own about the matters with which they deal or represent.
The reliability of the auditor on written representations is dictated by the prevalent effectiveness
of internal control. This is summarized as under:
Effectiveness of Control Risk Degree of Need to acquire Overall degree

internal controls reliability on SAAE from of audit risk if
written external WR are relied
representations sources upon
High Low High Low Low
Low High Low High High
Auditor’s role while dealing with written representations:
• Obtain written representations form management that the management believes that it
has fulfilled its fundamental responsibilities (discussed below).
• To support audit evidence relevant to the financial statements or specific assertions in the
financial statements by means of written representations, if determined necessary by the
auditor or if required under other standards of auditing.
• To respond appropriately to written representations provided by management or if

management does not provide written representations requested by the auditor.
Written representations pertaining to management responsibilities:
Management Responsibilities with respect to

Preparation and presentation Information provided to the Description of management
of Financial Statements auditor responsibilities in the written
representations
Written representations Written representation Written representations must
specifying that the specifying that the describe the management
management has fulfilled its management has provided responsibilities in the manner
responsibility for the the auditor with all relevant in which these responsibilities
preparation and presentation information agreed in the are described in the terms of
of financial statements as per terms of audit engagement the audit engagement
the applicable financial and that all transactions have
reporting framework been recorded and are
reflected in the financial
statements
Date of WR and periods covered by WR:
• The date of WR should be as near as possible to the date of the auditor’s report. However,
it should not be after the date of the auditor’s report. The WR shall be for all financial
statements and periods referred to in the audit report.
• IN some circumstances it may be appropriate for the auditor to obtain a WR about a

specific assertion in the financial statements during the course of the audit. Where this is
the case, it maybe necessary to request an updated WR.
• The WR are for all periods referred to in the auditor’s report because management needs
to reaffirm that the WR it previously made with respect to the prior periods remain
appropriate. The auditor and the management may agree to a form/format of WR that
updates the WR relating to the prior periods by addressing whether there are any changes
to such WR and if so what they are.
• Situations may arise where current management were not present during all periods
referred to in the auditor’s report. Such newly appointed management persons may assert
they are not in a position to provide some or all of the WR because they are not in place
during the period. This fact however does not diminish such person’s responsibilities for
the financial statements as a whole. Accordingly, the requirement for the auditor to request
from the WR that cover the whole of the relevant period still applies.
Form/Format of written representations:
• The WR shall be in the form of a representation letter addressed to the auditor.
• If law or regulation requires management to make written public statements about

responsibilities, the relevant matters covered by such statements need not be included in
the representation letter.
Auditor’s duties when reliability of written representations is doubtful:
• If the auditor has concerns about the competence, integrity, ethical values or diligence of
the management, the auditor shall determine the effect on the reliability of the WR and
audit evidence in general.
• In particular if WR are inconsistent with other audit evidence, the auditor shall perform
audit procedures to attempt to resolve the matter.
• If the auditor concludes that the WR are not reliable, the auditor shall take appropriate
action which includes determining the impact on the opinion.
• If the auditor believes that there is sufficient doubt about the integrity of management, he
shall issue a disclaimer of opinion.
Auditor’s duties when requested written representation is not provided:
• The auditor shall discuss the matter with the management.
• The auditor shall re-evaluate the integrity and reliability of the management.
• The auditor shall appropriate action including determining possible effects on the opinion
• Under these circumstances the auditor shall issue a disclaimer of opinion.

Chapter 12: Reporting 220
Chapter 12: Reporting
Table of contents:
1. Objectives of the independent auditor’s report
2. Title and addressee
3. Auditor’s opinion
4. Basis for opinion
5. Key Audit Matters Section
6. Additional Communications:
- Material uncertainty related to going concern
- Emphasis of matter
- Other matter
7. Other information section
8. Responsibilities of the management and the auditor
9. Report on other legal and regulatory requirements
10. Signature, auditor’s address and date
11. Communicating with those charged with governance (TCWG)
Commonly used abbreviations:

• SAAE : Sufficient and appropriate audit evidence
Objectives of the independent auditor’s report
Remember the good old days of school? The summer holidays and the joys it brought it along? But
before the summer holidays came the open house – where your annual performance report card
was handed over to you. The report card communicated to you and your parents the quality of your
academic performance and areas of improvement, if any. It was a statement issued by the school
to your stakeholders regarding your performance. An audit report is just like an annual performance
report; however, it does not touch upon areas of improvement. The audit report only
communicates whether the financial statements are reliable – whether they transparently depict
every material event, transaction and account balance that was affected throughout the year. This
report increases the communicative appeal of the financial statements.
The audit report is a word of assurance on whether the users of financial information can place
their reliance on the financial statements and the information communicated there in to make
decisions regatrding their participation and association with the reporting entity.
The audit report signifies the completion of the audit process and underscores the auditor’s
objectives of:
a. Forming an opinion on the financial statements based on an evaluation of conclusions

drawn from the audit evidence obtained
b. Expressing the opinion clearly through a written report.
The report has various heading and sub-headings which are elaborately discussed in this lesson.
Finally, the audit report boils down to just one thing –Whether or not the financial statements have
been prepared in all material respects as per the applicable financial reporting framework.
The audit report is broken down in the following sections, each of which has been discussed in the
course of this lesson:
• Title and addressee

• Auditor’s opinion
• Basis for opinion
• Key Audit Matters Section
• Additional Communications:
- Material uncertainty related to going concern
- Emphasis of matter
- Other matter
• Other information section
• Responsibilities of the management and the auditor
• Communicating with those charged with governance (discussed separately in the lesson)
• Report on other legal and regulatory requirements
• Signature, auditor’s address and date
Title and Addressee
• The title of the audit report identifies the report as an Independent Auditor’s report
• The auditor identifies the intended user of the report and show to whom to auditor owes
a duty of transparent reporting and care
The process of audit and the conclusive audit report:
The process of audit is executed in four stages, namely:
• Stage 1: Audit execution planning

• Stage 2: Audit risk and internal control evaluation
• Stage 3: Testing and evidence collection
• Stage 4: Reporting
(Stages 1-3 have been discussed in our previous chapters and this lesson is focused on the final stage of Reporting.)
The stage of reporting has a two-fold objective for the auditor:
1. To form an opinion on the financial statements based on evaluation of conclusions drawn

based on the audit evidence acquired; and
2. To clearly express this opinion through a written report that also describes the basis for
the opinion.
The process of audit is completed when the auditor submits the “Audit Report”. The audit report
contains the auditor’s opinion on the financial statements. The auditor’s opinion is driven by
whether the financial statements are prepared in all material respects in accordance to the
applicable financial reporting framework.
To form this opinion, the auditor needs to conclude as to whether he has obtained reasonable
assurance that the financial statements as a whole are free of material misstatements, whether
due to fraud or error. This conclusion takes into account:
1. Whether SAAE has been obtained
2. Whether uncorrected misstatements either individually or in aggregate are material
An audit report conclusively communicates to all users of the financial statements, the auditor’s
opinion on those financial statements. This conclusion pronounces whether the financial
statements give a true and fair view.
The preparation of financial statements requires compliance with the prescriptions of the
financial reporting framework. In order to ensure the financial statements meet the information
requirements of a wide array of stakeholders and users of financial information, the management
maybe required to provide disclosures beyond those specifically required by the applicable
framework.
Auditor’s opinion
The auditor’s opinion is a conclusive communication on whether the financial statements present
a true and fair view. This opinion needs to be absolute and sacrosanct. However, it must be
appreciated that audit is a subjective process driven by the professional judgement of the auditor.
Hence, this opinion to be issued is categorized as under:
a. Unmodified Opinion (No further sub-categories)

b. Modified Opinion (Three sub-categories discussed below)
Unmodified Opinion:
An Unmodified opinion on the financial statements is issued by the auditor when, based on the
SAAE acquired, when the auditor holistically concludes that:
1. The financial statements are prepared in all material aspects in accordance with the
applicable financial reporting framework; and
2. The financial statements are presented fairly in all material respects in accordance with
the applicable financial reporting framework.
For the auditor’s opinion to be unmodified, the following conditions must be satisfied:
1. The financial statements adequately disclose all significant accounting policies.

For instance, the management’s decision to apply the revaluation model to report
Property, plant and equipment along with the frequency with which the revaluation is
conducted must be adequately disclosed.
2. The accounting policies must be appropriate and consistently applied.

Once the management of the reporting entity chooses to apply the revaluation model, this
model should be consistently applied for all future accounting periods. Only in cases where
this accounting policy does not fairly present management assertions and financial
information, should there be a change.
3. The accounting estimates made by the management must be reasonable.

The useful life of tangible and intangible assets is a matter of management estimate and
judgement driven by the utility of the asset operations and administration. These
estimates of useful life should be reasonable and should be supported with suitable
technical evaluation.
4. Information presented in the financial statements should be relevant, reliable,

comparable and understandable.
Investors, lenders, suppliers, etc. base their participative decisions on the information
reported in the financial statements. Hence this information should be such that it enables
sound decision making which can be done by using trend analysis, ratio analysis, common
size and comparative financial analysis, etc.
5. The financial statements should provide adequate disclosures to enable the users of
financial statements to understand the effect of material transactions and events.
Material events like the launch of a new product segment/service line or diversification in
a new sphere of activity , large revenue generating transactions of a recurring or non-
recurring nature should be distinctly highlighted to provide decision making basis for users
of financial information.
6. The terminology used in financial statements must be appropriate.

Modified Opinion:
A modified opinion is issued in the following circumstances:
a. The auditor based on the audit evidence obtained concludes that the financial statements
as a whole are not free from material misstatements. This maybe due to one of all of the
following reasons:
• Inappropriate selection of accounting policies
A manufacturing entity which produces distinct and separable units of goods opts
to value inventory by the application of weighted average method as opposed to
FIFO.
• Inappropriate application of selected accounting policies
A reporting entity using the revaluation model inaccurately credits the first/ initial
revaluation gain to the income statement as opposed to the accurate treatment of
crediting the same to the statement of other comprehensive income.
• Inappropriate or inadequate disclosures in the financial statements
A fixed asset register that does not disclose the amount of accumulated
depreciation for each class of asset from the date of purchase to the date of
presentation of financial statements.
b. The auditor is unable to obtain SAAE to conclude that the financial statements as a whole
are free from material misstatements owing to the following reasons:
• Limitations imposed by the management

The following are instances of limitations imposed by the management:
➢ Management prevents the auditor from observing the counting of physical inventory
➢ Management prevents the auditor from requesting external confirmation of specific
account balances
• Circumstances beyond the entity’s control
The following are examples of circumstances beyond the entity’s control:
➢ The entity’s accounting records gave been destroyed

➢ The accounting records of a significant component such as a material subsidiary have
been ceased indefinitely by the government
• Circumstances related to the nature and timing of the auditor’s work
The following are instances where the nature and timing of the auditor’s work preclude the
auditor from acquiring SAAE:
➢ In cases where the entity is able to exercise significant influence it is required to apply
the equity method of accounting however the auditor is unable to obtain SAAE to
determine whether the equity method has been appropriately applied.
➢ The timing of the auditor’s appointment is such that the auditor is unable to observe
the counting of the physical inventories.
The above circumstances result in the financial statements as a whole not being free from material
misstatements. The above instances arise in cases where the reporting entity has not complied with
the applicable financial reporting framework owing to which the financial statements do not
present a true and fair view.
Alternatively, it may so happen that the auditor is unable to acquire SAAE. This inability to acquire
SAAE leaves the auditor not being able to conclude whether or not the financial statements are
materially misstated. This automatically leads to a doubt in the auditor’s judgement regarding
whether the financial statements present a true and fair view.
In cases where the financial statements do not present a true and fair view or where the auditor
is unable to conclude owing to the lack of SAAE, the auditor issues a modified opinion.
Modifications to the audit opinion are of three types, depending on the nature of material
misstatement:
1. Qualified opinion.
2. Adverse opinion.
3. Disclaimer of opinion.
De-jargonizing Pervasiveness:
Negative nonetheless but imagine, a patient who has contracted an infection. The degree and
quantum of treatment and medication depend on the severity of the infection and the spread in
the body of the patient. Now, the infection could be restricted to a specific part of the body i.e. it
has not spread. However, the infection being localized can result in the spread being contained or
that specific part of the body being severely damaged. A severe infection that has spread across the
body of a patient calls for more serious medical examination and supervisory care. In general, the
medical course of action is dictated by:
A. The spread of the infection across the patient’s body.

B. The containment of the infection in a specific part of the body and the extent of damage it
has caused there to.
C. The degree of spread across the body and the damage it has or can cause elsewhere
Just as we as human beings are affected by infections, financial statements are impacted and
affected by Misstatements.
Misstatements are infection to the financial statements that are caused due to fraud or error or
both. The natural defence mechanism of the financial statements, like our immune system, is an
effectively operating system of internal control. The quantum of the spread and impact on financial
statements owing to the misstatements is measured using a metric called “pervasiveness.”
A matter is considered to be pervasive if in the auditor’s judgement:
• The effects of the misstatement are not confined to specific elements, accounts or items of
the financial statements
• If so confined they represent or could represent a substantial portion of the financial
statements
• In relation to disclosures are fundamental to user;s understanding of the financial
statements.
A pervasive matter must be fundamental to the financial statements, therefore rendering them
unreliable as a whole.
Qualified Opinion:
A qualified opinion is issued in both:
a. Situations where the auditor acquires SAAE;

b. Situations where the auditor is unable to acquire SAAE
Qualified opinion in situations where the auditor is able to acquire SAAE:
On the basis of SAAE the auditor concludes that the misstatements individually or in aggregate are
material but not pervasive.
Qualified opinion in situations where the auditor is unable to acquire SAAE:
The auditor is unable to acquire SAAE on which he can base his opinion. However, the auditor’s
professional judgement leads him to conclude that even if not detected the effects of
misstatements on the financial statements could be material but not pervasive.
Adverse Opinion:
To issue an adverse opinion it is a must that SAAE be acquired.
Since an adverse opinion takes into consideration both the materiality and pervasiveness of the
misstatement, it cannot be issued unless SAAE has been acquired by the auditor.
An adverse opinion is issued when the misstatements identified by the auditor are both material
as well as pervasive.
Disclaimer of opinion – to be or not to be ?
A disclaimer of opinion is issued in cases where the auditor is unable to acquire SAAE on which to
base the opinion. The lack of SAAE leads to an inconclusiveness as there maybe misstatements
that are still undetected. These undetected misstatements can be both material as well as
pervasive.
In such a scenario, the auditor is unable to express an opinion on the financial statements. This
inability to express an opinion arises on account of not being able to assess the cumulative effect
of undetected misstatements on the overall view that financial statements present.
Examples of scenarios where the auditor is unable to acquire SAAE are as under:
1. Failure by the reporting entity to maintain adequate accounting records

2. Refusal by the management to provide written representation
3. Failure by the client to provide evidence over a single balance which represents a
substantial proportion of the assets or profits or over multiple balances in financial
statements.
Basis of Opinion
The basis for opinion is the professional standards that the auditor has followed in order to be
able to form his opinion, whether unmodified or modified, on the financial statements. When the
auditor modifies his opinion, the basis for opinion section will explain the reason why the opinion
has been modified – which balance or transaction was misleading, materially misstated or lacked
SAAE.
The basis of arriving upon an audit opinion has been discussed in the table below:
Sr. Was SAAE Do MMS Are the Audit Nature of Short Cut
No acquired? exist based MMS Opinion Modification
on SAAE Pervasive in
acquired? their
impact?
1 Yes No No Unmodified Not True and Fair
applicable as:
1. There are no
MMS
2. Financial
statements
comply with
applicable
financial
reporting
framework
2 Yes Yes No Modified Qualified Material but
Opinion Not Pervasive
3 No The auditor The auditor Modified Qualified Material but
based on his based on his Opinion Not Pervasive
professional professional
judgement judgement
opines that opines that
undetected the
MMS exist. undetected
There is no MMS are
SAAE to not
prove this Pervasive
4 Yes Yes Yes Modified Adverse Material and
Opinion Pervasive
5 No They may or They may or Modified Disclaimer of Cannot
may not may not be Opinion determine /
exist – the Pervasive– Cannot issue an
auditor is the auditor opinion
unable to is unable to
determine determine
MMS – Material Misstatement

Key Audit Matters: (Applicable only for listed entities)
Key audit matters are those matters that, in the auditor’s professional judgement, were of most
significance in the audit of the financial statements of the current period. These matters are
selected from matters communicated with those charged with governance. In the process of
understanding what KAM actually are, we should understand what they are not.
Key Audit matters are not:
1. A substitute for the auditor expressing a modified opinion when the same is required as
per the circumstances of a specific audit engagement.
2. A separate opinion on individual matters
3. A substitute for disclosures in the financial statements that the financial reporting
framework requires management to make, or that are otherwise necessary to achieve fair
presentation.
In simple terms, KAM are not events or circumstances that lead to a modified opinion. These events
are however of such utmost significance in the professional judgement of the auditor that they are
specifically highlighted in the audit report for users of financial information to take note of.
Purpose of communication of KAM:
1. To enhance the communicative value of the auditor’s report by providing greater

transparency about the audit that was performed.
2. To provide additional information to intended users of financial statements to assist them
in understanding those matters that in the auditor’s professional judgement were of most
significance in the audit of the financial statements of the current period.
3. To assist intended users in understanding the entity and areas of significant management
judgement in the audited financial statements.
4. To provide a basis to further engage with the management and those charged with
governance about certain matters relating to:
a. The entity;
b. The audited financial statements;
c. Audit that was performed.
Communicating KAM:
The auditor shall describe each KAM, using an appropriate sub-heading, in a separate section of the
auditor’s report under the heading “Key Audit Matters”
The introductory language in this section of the auditor’s report shall state that:
a. KAM are those matter that in the auditor’s professional judgement were of most
significance in the audit of the financial statements of the current period; and
b. These matters were addressed in the context of the audit of the financial statements as a
whole, and in forming the auditor’s opinion thereon, and the auditor does not provide a
separate opinion on these matters.
The auditor shall communicate KAM with those charged with governance. Here the auditor
shall communicate why a specific matter or matters have been highlighted as KAM. In cases
where there are no KAM to communicate, the auditor shall convey the same to those charged
with governance.
Matters that are included in KAM:
We have clearly understood so far that KAM are not a substitute for modified opinions. They are
significant matters that the auditor chooses to additionally disclose in the auditor’s report to ensure
its better communicative value and support transparency and understanding of financial
information. The following is a list of matters that are generally included by the auditor as KAM:
• Significant fraud risk

• Measurement and reporting of goodwill
• Valuation of assets that rely on fair value for reporting such as financial instruments
• Revenue recognition
• Material provisions such as restricting, amalgamation, absorption, internal reconstruction
• Implementation of new information systems
• Areas that use significant auditor judgements
• Subsequent events
• Areas which in the auditor’s professional judgement pose a significant risk of material
misstatement.
Summary of KAM:
✓ Matters that give rise to a modified or adverse opinion or are matters of material
uncertainty are inherently KAM. However, they are not described in the KAM section of the
audit report.
✓ This is purely because the audit opinon section of the audit report amply clarifies these
matters and KAM deals with matters that are significant but do not require or invite
modifications.
✓ References can be drawn to the KAM section by the auditor while issuing a modified
opinion.
Additional Communications:
In certain circumstances auditors are required to make additional communication’s in the auditor’s
report event though the financial statements show a true and fair view. Issues requiring
communication include:
a. Uncertainties relating to the going concern basis of accounting (Has been discussed in
Lesson 11)
b. Emphasis of matter paragraph
c. Other matters paragraph
Emphasis of Matter (EOM):
Ever heard the term, “Stating the obvious”? Well, most of us choose not to state the obvious in
general conversational parlance. But when the obvious is quite important, it does not hurt to
“emphasize” upon it. The auditor does exactly that by the medium of the EOM paragraph.
EOM is an additional communication made in the auditor’s report. These communication are made
when the auditor considers it necessary to draw the attention of the users of financial information
to matters presented/disclosed in the financial statements that are of such importance that they
are fundamental to the users understanding of the financial statements.
EOM is a paragraph that is included in the auditor’s report. This paragraph draws reference to a
matter that has been appropriately presented/disclosed in the financial statements. However, in
the auditor’s professional judgement this matter is of such significance that it is fundamental for
users of financial statements and information to understand the same.
EOM is not a way to modify the audit opinion. EOM is used by the auditor to communicate
significant matters that are not:
a. Reasons for issuing a modified opinion

b. KAM to be separately communicated.
Matters that are covered in EOM:
We have clearly understood so far that EOM are not a substitute for modified opinions or KAMs.
They are significant matters that have been appropriately presented or disclosed that the auditor
chooses to additionally emphasize upon in the auditor’s report to ensure its better communicative
value and support transparency and understanding of financial information. The following is a list
of matters that are generally emphasized upon by the auditor in the EOM section:
➢ An uncertainty related to the future outcome of an unusually important or significant

litigation or regulatory action.
For instance, when Nestle was under trial in India for the allegation of harmful heavy metals
like benzene and arsenic being present in their flagship product Maggi noodles. The
outcome of this litigation was imperative for Maggi noodles to be allowed to manufactured
and sold in India.
➢ A significant subsequent event that occurs between the date of the financial statements
and the date of the auditor’s report.
For instance, a major debtor that has shown signs of irregularity in payments files for
bankruptcy.
➢ Early application of a new accounting standard.

IFRS 16: Leases become mandatorily applicable on or after 1 January 2019. However, many
IFRS implementing entities chose to adopt this standard earlier on due to the reporting
benefits it provided for disclosing operational leases in the books of the lessee.
➢ Major catastrophes that have a significant impact on the entity’s financial position.
Metinvest an international steel and mining group reported major losses owing to the
Russia-Ukraine war of 2022.
In case of all the examples listed in italics above, while the accounting treatment and
disclosures may have been as per the applicable financial reporting framework, the impact
of the events was so significant that the users of the financial statements simply had to be
appraised of these said events and occurrences.
Use of the EOM paragraph:
EOM paragraph is required in the following circumstances:
1. To describe a justified change in accounting principle or policy that has been dealt with
appropriately in the financial statements.
For instance an entity may opt to report its financial assets at Fair Value through the Income
statement as opposed to measuring the m at Amortized cost in case the intent of holding
undergoes a change.
2. Subsequently discovered facts that lead to a change in audit opinion.
Owing to additional SAAE the auditor may opine that the financial statements are indeed
materially misstated and may choose to qualify such financials. The evidence that resulted
in such a change in opinion can be disclosed in the EOM para.
3. Financial statements when prepared in accordance with a special purpose framework.
Placement of EOM para:
➢ Placement of the EOM para depends on the nature of information to be communicated.

➢ EOM para is included after the basis of opinion section
➢ In case the auditor wants to include KAMs, the EOM para maybe included before or after
such KAMs depending on the auditor’s professional judgement.
Summary of EOM para:
• EOM is not a means to highlight immaterial misstatements.

• EOM merely emphasizes on matters and events that have been appropriately
presented/disclosed.
• EOM is not used to modify the audit opinion
• EOM is not used to highlight matters already covered in KAM
• Whether to include a matter or event in EOM or KAM or Other Matters is driven by the
auditor’s professional judgement.
Other Matters (OM) paragraph:
OM is an additional communication made in the auditor’s report. These communications are made
when the auditor considers it necessary to draw the attention of the users of financial information
to matters not presented/disclosed in the financial statements that are of such importance that
they are fundamental to the users understanding of the financial statements.
OM is not a way to modify the audit opinion. OM is used by the auditor to communicate significant
matters that are not:
c. Reasons for issuing a modified opinion

d. KAM to be separately communicated.
Matters that are covered in OM:
We have clearly understood so far that OM are not a substitute for modified opinions or KAMs.
They are significant matters according to the auditor that have not been appropriately presented
or disclosed that the auditor chooses to additionally report in the auditor’s report to ensure its
better communicative value and support transparency and understanding of financial information.
The following is a list of matters that require communication via the OM section:
• Alerts in the audit report that restrict its usage.

• Subsequently discovered facts that lead to a change in audit opinion (Alternatively, EOM
may be used for such matters)
• The financial statements of the prior period were audited by a predecessor auditor and the
predecessor’s audit report is not reissued
• A report on compliance included in the auditor’s report on the financial statements
• Matters that under the law or generally accepted practice require or permit the auditors to
provide further explanation of their responsibilities.
• To communicate that the auditor’s report is intended solely dore the intended users and
should not be distributed to or used by other parties.
• To explain why the auditor has not resigned when a pervasive inability to obtain SAAE is
imposed buy je management
• To communicate audit planning and scoping matters where the law permits or requires.
• Where the entity prepares one set of accounts in accordance with a general-purpose
framework and another set-in accordance with a different one.
For instance, the holding company and consolidated financial statements are prepared as
IFRS while the subsidiary present in Munich resorts to German GAAP.
Placement of OM para:
• When the OM para is included to draw the user’s attention to a mater relating to other
reporting responsibilities addressed in the auditor’s report, the para maybe included in the
Report on Other Legal and Regulatory Requirements section.
• When relevant to all auditor’s responsibilities or user’s understanding of the auditor’s
report. The OM para may be included as a separate section following the Report on the
Other Legal and Regulatory Requirements.
Summary of OM para:
• OM is not a means to highlight immaterial misstatements.

• OM merely communicates matters and events that have been not been
presented/disclosed.
• OM is not used to modify the audit opinion
• OM is not used to highlight matters already covered in KAM
• Whether to include a matter or event in EOM or KAM or Other Matters is driven by the
auditor’s professional judgement.
Other information section
Other information refers to:
a. Financial information, other than the financial statements and auditor’s report thereon
b. Non-financial information, other than the financial statements and auditor’s report
thereon
Examples of other information include:
• Chair’s report
• Corporate social responsibility report and statements
• Operating and financial review
• Social and environmental reports
• Corporate governance statements
• Any other report or statement that adds value in understand the information contained in
the financial statements.
The other information section within the audit report:
• Identifies the ither information obtained by the auditor prior to the date of the auditor’s
report
• States that the auditor has not audited the other information and accordingly does not
express an opinion or conclusion on that information
• Includes a description of the auditor’ responsibilities with respect to other information
• States either that the auditor has nothing to repost or provides a description of any
identified material misstatement for additional articulation.
The final version of other information must be acquired before the date of the audit report. The
auditor must read the same to identify any:
a. Material inconsistencies with the financial statements.

b. Material inconsistencies with the knowledge that the auditor has gained in the course of
the audit.
If any material inconstancies are identified, the auditor shall:
a. Perform additional audit procedures to evaluate the inconsistency

b. Discuss the matter with management and request for correction
c. In case of refusal of the management to make the necessary correction, communicate the
matter with TCWG
d. If the matter stays uncorrected despite communicating with TCWG, the auditor shall
highlight the same in the other information section
In case the uncorrected inconsistencies cast a doubt in the mind of the auditor regarding the
integrity of the management, withdrawal form the audit engagement is advised.
Responsibilities of the management and the auditor
• This section highlights and demarcates the responsibilities of the auditor and the
management which leads to minimization of an expectation gap
• The management is responsible for the preparation of the financial statements as per the
applicable financial reporting framework. Furthermore, the management is also
responsible for maintaining the requisite degree of internal controls.
• The auditor is responsible to perform the audit of the financial statements and
communicate the opinion there on to all the users of financial information. The required
opinion is based on the considerations of:
✓ Risk assessment
✓ Internal control effectiveness
✓ Going concern basis of accounting
✓ Appropriate selection and application of accounting policies
Report on other legal and regulatory requirements
• Additional reporting responsibilities are highlighted here, if any

• Jurisdictional and supplementary legal or regulatory requirements of reporting are
covered here.
Signature, auditor’s address and date
Signature Identifies the audit form responsible for the auditor’s report and opinion.
In cases of listed companies, the report includes the name of the engagement
partner
Address Identifies the specific office of the engagement partner responsible for the report
in case of any queries
Date Identifies the date up to which the audit work has been performed.
Any information after this date is not considered by the auditor when forming
the opinion
Communicating matters with Those Charged with Governance (TCWG)
TCWG are those persons or organizations with responsibility for overseeing the strategic direction
of the entity and obligations related to the accountability of the entity. They include management
personnel.
For instance, in the case of all Tata group entities, Tata Sons acts as the principal holding and
governing entity. Tata Sons is the apex decision making authority for all Tata group entities like
Tata Power, Motors, Chemical, Motors Finance, Capital, Tata Consulting Services (to name a few)
Chairman Emeritus-
Mr. Ratan N. Tata
Chairman of the Board

Mr. Natarajan
Chandrashekharan
Board of Directors Board of Directors Board of Directors
Management Team Management Team Management team
This section of the lesson highlights the matters that the auditor of say Tata Motors Ltd. – CA
Shiraz Vastani of BSR & Co. LLP (KPMG) , would communicate with the Audit Committee of Tata
Motors, The Chairman of the Board of Tata Sons and the Chairman Emeritus of Tata Sons, all of
whom are charged with the governance of Tata Motors, the reporting entity.
The need and importance of the auditor communicating with TCWG:
Effective two-way communication between the auditor and TCWG plays a key role in assisting:
a. Auditor and TCWG in understanding matters related to the audit in context, and in
developing a constructive working relationship.
b. The auditor in obtaining from TCWG information relevant to the audit. For example,
TCWG may assist the auditor in understanding:
✓ The entity and its environment
✓ Appropriate sources of audit evidence
✓ Providing information about specific transactions or events
c. TCWG in fulfilling their responsibility to oversee the financial reporting process thereby
reducing the risk of material misstatement on the financial statements.
The process of communicating with TCWG enables the auditor to achieve the following
objectives:
a. To communicate clearly with TCWG responsibilities of auditor and planned scope and
timing of audit
b. To obtain from TCWG information relevant to audit
c. To provide TCWG with timely observations that are significant and relevant in overseeing
final reporting process
d. To promote effective two-way communication between the auditor and TCWG
Matters to be communicated with TCWG:
Auditor’s responsibility in relation to the financial statement audit:
The auditor shall communicate with TCWG that:

a. The auditor is responsible for forming and expressing an opinion on the financial
statements; and
b. The audit of financial statements does not relieve management and TCWG of their
responsibilities
Planned scope and timing of audit:
The auditor shall communicate with TCWG an overview of the planned` scope and timing
of the audit, which includes communicating about the significant risks identified by the
auditor. It may include:
a. How the auditor plans to address the significant risks of material misstatement
whether due to error or fraud.
b. How the auditor plans to address areas that have a higher assessed risk of material
misstatement
c. Auditor’s approach to internal control
d. Application of the concept of materiality
Significant findings from the audit:
The auditor shall communicate with TCWG:

a. The auditor’s views about the significant qualitative aspects of the entity’s accounting
practices, including:
- Accounting policies
- Accounting estimates
- Financial statement disclosures
b. Significant difficulties if any, encountered during the audit:

Examples of these difficulties include:
• Significant delays by management to provide required information
• An unnecessarily brief time within which to complete the audit
• Extensive unexpected effort required to obtain SAAE
• Unavailability of expected information
• Restrictions imposed on the auditor by the management
• Management’s unwillingness to make or extend its assessment of the entity’s ability to
continue as a going concern when requested
c. Unless all of TCWG are involved in managing the entity:

• Significant matters arising from the audit that were discussed, or subject tp
correspondence with management; and
• Written representations the auditor is requesting
d. Circumstances that affect the form and content of the auditor’s report, if any
e. Any significant matters that in the auditor’s professional judgement, are significant to
the oversight of the financial reporting process.
Auditor’s independence:
In case of listed entities, the auditor shall communicate with TCWG:
a. Statement that the engagement team and others in the firm have complied with
relevant ethical requirements regarding independence
b. All relationships and other matters between the firm, network firms, and the entity
that bear on independence; and
c. Related safeguards applied to eliminate identified threats to independence or reduce
them to an acceptable level.
Timing of communication with TCWG:
Stage of audit Matters to be communicated

Planning • Significant risks identified by the
auditor
• Auditor’s plan to address the identified
risks
• Auditor’s approach to internal control
relevant to the audit
• Application of materiality in context of
the audit
During the audit Any matter that must be communicated that
impacts the execution of the audit, ought to be
communicated without delay.
For instance, difficulty/challenges in acquiring
SAAE on which the audit opinion will be based.
Conclusion of the audit Major findings in the audit
Audit opinion including KAM, EOM, OM
The auditor must take care not to compromise the effectiveness of the audit by communicating
too much information about the planned scope and timing of the audit to such an extent that
the audit procedures become too predictable.
Summary of International Standard on Auditing (ISA) 242
Summary of International Standard on Auditing (ISA)
ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in
Accordancewith International Standards on Auditing.
• To obtain reasonable assurance about whether the financial statements as a

whole are freefrom material misstatement, whether due to fraud or error.
• To express an opinion on whether the financial statements are prepared,
in all materialrespects, in accordance with an applicable financial
reporting framework.
• To report on the financial statements, and communicate as required
by the ISAs, inaccordance with the auditor's findings.
Responsibilities of management:
• Preparation of the financial statements in accordance with the applicable

financial reportingframework, including their fair presentation.
• Internal control is necessary to enable the preparation of financial statements
that are freefrom material misstatement, whether due to fraud or error.
• To provide the auditor with:
- Access to all information relevant to the preparation of the financial statements
- Unrestricted access to persons within the entity from whom the
auditor determines itnecessary to obtain evidence.
Risk:
• Audit: the risk of issuing an inappropriate opinion.

• Inherent: the susceptibility of an assertion about a class of transaction (e.g.
revenue) or account balance (e.g. receivables) to material misstatement
before the consideration of anyrelated internal controls.
• Control: the risk that material misstatement will not be prevented, detected or
corrected bythe entity’s internal control.
• Detection: the risk that audit procedures do not detect material misstatements.
An auditor must perform the audit with professional scepticism: an attitude that
includes a questioning mind, being alert to conditions which indicate possible
misstatement due to error orfraud, and a critical assessment of audit evidence.
Inherent limitations of audit:
Audit evidence is persuasive rather than conclusive because of:
• The nature of financial reporting

• The nature of audit procedures
• The need to conduct an audit within a reasonable time and at a reasonable cost.
ISA 210 Agreeing the Terms of Audit Engagements
The auditor should establish whether the preconditions for an audit are present:
• Determine whether an acceptable financial reporting framework is to be applied in the

preparation of the financial statements; and
• Obtain agreement of management that it acknowledges and understands its responsibilities.
Contents of engagement letter:
• Objective and scope of the audit.

• Responsibilities of the auditor.
• Responsibilities of management.
• Identification of the applicable financial reporting framework.
• Expected form and content of any reports to be issued.
ISA 220 Quality Control for an Audit of Financial Statements
The firm should have a system of quality control to ensure:
• Compliance with professional standards, and

• Reports issued are appropriate in the circumstances.
The engagement partner takes responsibility for the overall quality of the engagement, including the
direction, supervision and performance of the engagement.
An engagement quality control reviewer must be assigned for listed entities and high riskengagements
focusing on significant matters and areas involving significant judgment.
The firm's quality control processes must be monitored to ensure they are relevant, adequate and
operating effectively.
ISA 230 Audit Documentation
Objective of documentation:
• Evidence of the basis for the independent auditor's report

• Evidence that audit planned and performed in accordance with ISAs and legal/regulatory
requirements.
Audit documentation should enable an experienced independent auditor with no previous

connection to the audit to understand:
• Nature, timing & extent of audit procedures performed:

• Results of audit procedures performed.
• Significant conclusions and professional judgments made in reaching those conclusions.
ISA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements
• Identify risks of material misstatement due to fraud.

• Obtain sufficient appropriate evidence regarding assessed risks.
• Respond appropriately to fraud or suspected fraud identified.
Definition: An intentional act involving the use of deception to obtain an unjust/illegal advantage.
Two types of fraud:
1. Fraudulent financial reporting.

2. Misappropriation of assets.
Audit procedures must be performed to:
• Test the appropriateness of journal entries.

• Review accounting estimates for bias.
• Identify significant transactions outside the normal course of business.
ISA 250 Consideration of Laws and Regulations in an Audit of Financial Statements
Auditor’s objectives:
• Obtain sufficient appropriate evidence regarding compliance with

provisions oflaws/regulations that may materially affect FS.
• Perform audit procedures to identify instances of non-compliance that may
materially affectFS.
• Respond appropriately to identified or suspected non-compliance during the audit.
ISA 260 Communication With Those Charged With Governance
Those charged with governance:
• Those with responsibility for overseeing the strategic direction of the entity.
Matters to be communicated:
• Auditor’s responsibility in relation to the FS audit

• Planned scope and timing of audit
• Significant findings from audit
• Auditor’s independence (listed companies).
ISA 265 Communicating Deficiencies in Internal Control to Those Charged with Governance and
Management
Reporting responsibilities:
• Significant deficiencies, to those charged with governance

• Significant deficiencies and other deficiencies, to an appropriate level of management.
What makes deficiencies significant?:
• Likelihood of material misstatement in the FS.

• Susceptibility to loss or fraud of the related asset.
• Volume of activity in the related account balance.
• Interaction of the deficiency with other deficiencies.
ISA 300 Planning an Audit of Financial Statements
Benefits of planning:
• Helps the auditor to devote appropriate attention to important areas of the audit.
• Helps identify and resolve potential problems on a timely basis.
• Assists in the selection of a suitable audit team.
• Helps the direction and supervision of the audit team.
• Assists the auditor to perform an efficient and effective audit.
Content of audit strategy:
• Characteristics of the engagement

• Reporting objectives (e.g. reporting timetable)
• Factors significant in directing the team’s efforts
• Results of preliminary engagement activities
• Nature, timing and extent of resources.
Content of audit plan:
Nature, timing and extent of:
• Planned risk assessment procedures.

• Planned further audit procedures at the assertion level.
• Other planned procedures are required to comply with ISAs.
ISA 315 Identifying and Assessing the Risks of Material Misstatement Through Understanding
the Entity and its Environment
Required understanding of entity and environment:
• Industry/regulatory factors affecting FS

• Nature of the entity:
- operations
- ownership and governance
- how it is financed.
• Accounting policies
• Objectives and strategies
• Financial performance.
Components of internal control:
• Control environment
• Entity’s risk assessment process
• Information system relevant to financial reporting
• Control activities
• Monitoring of controls.
Financial statement assertions:
• Transactions and events and related disclosures: Occurrence; completeness;

accuracy; cut-off; classification; presentation.
• Account balances and related disclosures: Existence; rights & obligations;
completeness;accuracy, valuation & allocation; classification; presentation.
ISA 320 Materiality in Planning and Performing an Audit
Materiality: Misstatements, including omissions, are considered to bematerial if they, individually or

in the aggregate, could reasonably be expected to influence the economic decisions of users taken
on the basis of the financial statements.
Performance materiality: An amount set at less than materiality for theFS as a whole, to reduce to an
appropriately low level the probability that the aggregate of uncorrected and undetected
misstatements exceeds materiality for the FS as a whole.
ISA 330 The Auditor's Responses to Assessed Risks
The auditor shall design and perform audit procedures whose nature,timing and extent are based
on and are responsive to the assessed risks of material misstatement.
Substantive procedures: To detect material misstatements at assertion level, comprising tests of

details and analytical procedures.
Test of controls: To evaluate the operating effectiveness of controls inpreventing, or detecting

and correcting material misstatements at theassertion level.
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
The auditor of the user entity must obtain an understanding of the services provided by the
service organisation and their effect on the user entity’s internal control relevant to the audit,
sufficient to identify andassess the risks of material misstatement and perform audit procedures
responsive to those risks.
An understanding of the services provided by the service organisationmay be obtained from the
client.
If sufficient understanding is not obtained from the client, the auditorshould perform one or more
of the following procedures:
• Obtaining a type 1 or type 2 report

• Contacting the service organisation
• Visiting the service organisation and performing tests of controls
• Using another auditor to perform procedures and provide information
about the relevantcontrols.
ISA 450 Evaluation of Misstatements Identified During the Audit
A misstatement is:
A difference between the amount, classification, presentation, or disclosure of a reported
financial statement item and the amount, classification, presentation, or disclosure that is
required for the item to be in accordance with the applicable financial reportingframework.
Misstatements can arise from error or fraud.
Requirements:
• Accumulate misstatements identified during the audit.

• Determine whether the audit strategy and audit plan needs to be revised.
• Communicate all misstatements accumulated with the appropriate level of
management ona timely basis.
• Determine whether uncorrected misstatements are material. [11]
• Request a written representation that uncorrected misstatements are not
material. A summary of the uncorrected misstatements shall be included in
the written representation.
ISA 500 Audit Evidence
Characteristics:
• Sufficiency: measure of quantity, affected by quality of evidence and risk of material

misstatement.
• Appropriateness: measure of quality, linked to relevance and reliability.
Relevance: linked to FS assertions.
Reliability:
• Independent evidence is more reliable than client generated.

• Internally generated evidence is more reliable when related internal controls are effective.
• Evidence obtained directly by the auditor is more reliable than evidence obtained indirectly.
• Documentary evidence is more reliable than oral.
• Original documents are more reliable than copies or documents transformed
into electronicform.
Procedures:
• Inspection
• Observation
• External confirmation
• Recalculation
• Reperformance
• Analytical procedures
• Enquiry.
ISA 501 Audit Evidence – Specific Considerations for Selected Items
The auditor should obtain sufficient appropriate evidence regarding:
• Existence and condition of inventory.

• Completeness of litigation and claims involving the entity.
• Presentation and disclosure of segment information.
ISA 505 External Confirmations
External confirmations provide more persuasive evidence as the evidence is obtained directly by
the auditor from an independent source. This is important where there is a higher assessment of
auditrisk.
Definitions:
External confirmation – Audit evidence obtained by the auditor directly from a third party in
paperform or by electronic or other medium.
Positive confirmation request – A request for the third party to confirm whether they agree or
disagree with the information in the request, or provide the requested information.
Negative confirmation request – A request for the third party to respond directly to the auditor
onlyif they disagree with the information provided in the request.
ISA 520 Analytical Procedures
Definition:
Evaluation of financial information through analysis of plausible relationships among both

financial and non-financial data. May be used as a substantive procedure. Must be used at the
completion stage when forming an overall conclusion to ensure the financial statements are
consistent with theauditor's understanding of the entity.
ISA 530 Audit Sampling
Definitions:
• Audit sampling: The application of audit procedures to less than 100% of items within a
population to provide the auditor with a reasonable basis to draw conclusions on the
entirepopulation.
• Sampling risk: The risk the auditor’s conclusion based on the sample may be different
fromthe conclusion if the entire population were subjected to the same audit procedure.
• Non-sampling risk: The risk the auditor reaches an erroneous conclusion for any reason
notrelated to sampling risk.
• Statistical sampling: Random selection of the sample and the use of probability theory to
evaluate results.
• Tolerable misstatement: A monetary amount set by the auditor in respect of which the
auditor seeks to obtain an appropriate level of assurance that the monetary amount set
bythe auditor is not exceeded by the actual misstatement in the population.
Factors affecting sample sizes for substantive procedures:
• The higher the assessed risk of material misstatement, the larger the sample size.
• The more the auditor is relying on other procedures, the smaller the sample size.
• The greater the level of assurance the auditor requires, the larger the sample size.
• The lower the tolerable misstatement, the larger the sample size.
• The greater the amount of misstatement the auditor expects to find, the
larger the samplesize.
• When a population can be appropriately stratified, the aggregate of the
sample sizes will beless than the sample size if one sample had been tested
from the whole population.
• For large populations, the size of the population has little effect on the sample size.
ISA 540 (Revised) Auditing Accounting Estimates and Related Disclosures
Obtain sufficient and appropriate evidence about whether accounting estimates and related
disclosures are reasonable in the context of the financial reporting framework.
Audit procedures required will vary in relation to the estimation uncertainty.
Professional scepticism should be increased in relation to the assessed level of inherent risk, and
where accounting estimates are subject to a greater degree of estimation uncertainty.
The auditor is required to:
• Separately assess inherent risk and control risk to assess the risk of material misstatement.
• Respond to the risk of a material misstatement by:
- Reviewing events after the reporting period
- Testing how management made the estimate
- Developing an independent estimate
• Request written representation from management about whether the methods,
significantassumptions and data using in making the estimates are appropriate.
ISA 560 Subsequent Events
Obtain sufficient appropriate evidence about whether events occurring between the date of the
financial statements and the date of the auditor's report that require adjustment of or disclosure
inthe financial statements are appropriately reflected in those financial statements.
Between the date of the financial statements and the date of the auditor’s report, perform
procedures to identify events that require adjustment or disclosure in the financial statements.
No obligation to perform audit procedures after the date of the auditor’s report. If a fact becomes
known that would cause the auditor to amend the auditor’s report, discuss the matter with
management and determine whether the financial statements need amendment.
If an amendment is required and management do not amend the financial statements and then
issue the financial statements, the auditor must take action to prevent reliance on the auditor’s
report.
ISA 570 Going Concern
Auditor must:
• Obtain sufficient appropriate evidence regarding the appropriateness of management's

useof the going concern basis of accounting.
• Conclude whether a material uncertainty exists about the entity's ability to continue as a
going concern.
• Report in accordance with ISA 570.
ISA 580 Written Representations
Definition:
A written statement by management is provided to the auditor to confirm certain matters or to

support other audit evidence.
Contents:
• Management responsibility for the preparation of FS.

• Completeness of information provided to the auditor.
• All transactions recorded in FS.
• Plans that may affect the carrying value of the assets.
• As required by other ISAs
ISA 610 Using the Work of Internal Auditors
Evaluating the internal audit function:
• The extent to which the internal audit function's organisational status and
relevant policiesand procedures support the objectivity of the internal
auditors.
• The level of competence of the internal audit function.
• Whether the internal audit function applies a systematic and disciplined
approach, includingquality control.
Evaluating the internal audit work:
• The work was properly planned, performed, supervised, reviewed and documented.
• Sufficient appropriate evidence has been obtained.
• The conclusions reached are appropriate in the circumstances.
• The reports prepared are consistent with the work performed.
Using internal audit to provide direct assistance
The external auditor may use the internal audit function to providedirect assistance with the
external audit under the supervision andreview of the external auditor.
Direct assistance cannot be provided in countries where national law prohibits such assistance.
• Internal auditor must be objective and competent.

• External auditor must not assign work which is judgmental, a high
risk of materialmisstatement or with which the internal auditor has
been involved.
• External auditor must not use the internal auditor excessively.
• Management must agree not to intervene with the work.
• Internal auditor must observe confidentiality.
ISA 620 Using the Work of an Auditor's Expert
The auditor must:
• Evaluate the competence, capability and objectivity of the expert.

• Obtain an understanding of the field of expertise.
• Agree in writing the work to be performed.
• Evaluate the adequacy of the expert’s work for audit purposes.
ISA 700 (Revised) Forming an Opinion and Reporting on Financial Statements
Content of an independent auditor’s report:
• Title
• Addressee
• Auditor’s Opinion
• Basis for Opinion
• Going Concern
• Key Audit Matters (listed companies)
• Other Information
• Responsibilities of Management for the Financial Statements
• Auditor’s Responsibilities for the Audit of the Financial Statements
• Name of Engagement Partner (listed entities)
• Signature of the Auditor
• Auditor's address
• Date of the Auditor’s Report
ISA 701 Communicating Key Audit Matters in the Independent Auditor's Report
Key audit matters (KAM) Are those that in the auditor's professional judgment were of most
significance in the audit and are selected from matters communicated with those charged with
governance.
KAM include:
• Areas of higher assessed risk of material misstatement

• Significant auditor judgments relating to areas of significant management judgment
• Significant events of transactions that occurred during the period.
The description of each KAM will address:
1. Why it is considered a key audit matter

2. How the matter was addressed in the audit.
ISA 705 Modifications to the Audit Opinion in the Independent Auditor's Report
Definitions:
• Modified opinion: qualified, adverse or disclaimer of opinion

• Pervasive: not confined to specific elements or representing a substantial
proportion of asingle element
Modifications:
• FS as a whole is not free from material misstatement

I. Material but not pervasive: qualified
II. Material and pervasive: adverse
• Unable to obtain sufficient appropriate evidence

I. Material but not pervasive: qualified
II. Material and pervasive: disclaimer
When the auditor modifies the opinion, the basis for the opinion is amended to ‘Basis for
QualifiedOpinion’, ‘Basis for Adverse Opinion’ or ‘Basis for Disclaimer of Opinion’ as appropriate.
The ‘Basisfor...’ section includes a description of the matter giving rise to the modification.
ISA 706 Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent
Auditor's Report
Emphasis of matter
Refers to matters appropriately presented or disclosed that are fundamental to the user’s
understanding of the other matters
• Refers to matters relevant to the user’s understanding of the audit, the auditor's
responsibilities or the auditor's report.
ISA 720 The Auditor’s Responsibilities Relating to Other Information in Documents Containing
Audited Financial Statements
Auditor responsibilities:
• Read other information to identify material inconsistencies with the FS or the auditor’s
knowledge which indicates material misstatement of the FS or the other information.
If an inconsistency is identified:
• Perform procedures to conclude whether it is the financial statements or the other

informationthat requires amendment.
• If other information is wrong, ask management to correct it.
• If the matter remains uncorrected, describe the inconsistency in the Other Information
section of the auditor’s report or withdraw from the engagement where withdrawal is
possible.
CHAPTER WI
SE
FULLLENGTH MOCKS
UNITTESTS

AA Dec23

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AA Dec23

Uploaded by

Copyright:

Available Formats

WHYZELL?

Chapter 1: Introduction to Auditing ................................................................................................... 12

‘By the ACCA, for the ACCA’

For June 2023 to March 2024 examination sittings

Planning how to study

How to approach the exam

Syllabus wise study material

Apply Your Knowledge

Nimbus™ Preparation tools

Interactive notes with gamification

Question Bank & Test Series

Flashcards and Interactive mind maps for revision

Flashcards help students quiz themselves, which is more effective as a revision

Examining team guidance/Exam technique & reports

Question practice – ACCA practice platform

Past Exam library

Introduction to the syllabus

On successful completion of this exam, candidates should be able to:

The syllabus is assessed by a three-hour computer-based examination. All questions are

Total 100 marks

International accounting standards

IAS 1 Presentation of financial statements

IAS 16 Property, plant and equipment

IAS 20 Accounting for government grants and

Chapter 1: Introduction to Auditing

1. Users of financial information

Users of Financial Information

Class of stakeholder Decision to be taken

Auditors – The providers of assurance

A. Audits required under law or regulation:

• Audits required to be conducted under corporate laws

B. Voluntarily performed audits:

Inherent Limitations of audit

1. The nature of financial reporting:

a. Useful lives of assets employed by the organization which impacts depreciation

2. Nature of audit procedures:

3. Balancing costs and benefits:

4. Inconclusive nature of audit evidence:

5. Risk based approach to audit:

Class of Decision to be taken What impacts this decision?

Customers Whether to continue association For customers quality is vital and

The answer to this lies in materiality.

• Misstatements, including omissions, are considered to be material if they, individually or in

Determination of Performance Materiality:

Establishing what is “Clearly Trivial”:

Stepwise approach to materiality:

1. Obtain preliminary financial data

Performance of the audit and distinction of audit from an investigation

Chapter 2: Rules and Regulation

1. The three-fold initiative

The three-fold initiative

Corporate Laws Auditing and Assurance Ethics

Coverage of Entities for the purposes of Audit

Appointment of Auditor – Membership with Recognized Supervisory Bodies

For instance, in India, to be appointed as an auditor an individual must be a Chartered Accountant in

Appointment as a company auditor:

• The Board of Directors of the company

The appointment of an individual or a firm as an auditor of a company is a watertight process that

• Professional capacity and experience of the individual or partners in case of a firm/LLP

Restrictions on Appointment as auditor under corporate laws:

a. Accounting and book keeping services

Restrictions on Appointment as auditor under codes of professional ethics:

• Independence of the auditor

• Inability to execute the audit under given circumstance