AUDIT PRACTICE CPA A1.2 & ASSURANCE SERVICES Study Manual
User Manual:
Open the PDF directly: View PDF .
Page Count: 236 [warning: Documents this large are best viewed by clicking the View PDF Link!]
- CONTENTS
- Professional Appointments
- Acceptance
- Professional Responsibility and Liability
- Fraud
- Audit Evaluation and Review
- Going Concern
- Acceptance
- Fraud
- Selecting Items for Testing to Gather Audit Evidence
- Statistical Versus Non-statistical Sampling Approaches
- Sample Size
- Selecting the Sample
- Acknowledgment by Management of its Responsibility for the Financial Statements
- Representations by Management as Audit Evidence
- Documentation of Representations by Management
- Action if Management Refuses to Provide Representations
- Determining the Need to Use the Work of an Expert
- Competence and Objectivity of the Expert
- Scope of the Expert's Work
- Evaluating the Work of the Expert
- Reference to an Expert in the Auditor's Report
- Going Concern
- Audit Conclusions and Reporting
- If adequate disclosure is made in the financial statements, the auditor should express an unqualified opinion but modify the auditor's report by adding an ‘emphasis of matter’ paragraph that highlights the existence of a material uncertainty and draws...
- Segment reporting
- Earnings per share
- Discontinued operations
- Accepting appointment
- Carrying out procedure
- Reporting
- Elements of an assurance engagement
- Assurance given
- Accepting and continuing appointment
- Agreeing terms
- Planning and performing the engagement
- Materiality and engagement risk
- Reporting
- Need for assurance
- Possible assurance criteria
- Responsibility for risk assessment
- Assessing risk
- Responses to risk
- Value for money audits
- Engaging in e-commerce
- Business risks
- Internal controls issues
- Security
Page 0
Twinning Arrangement to develop Capacity Building for ICPAR
CPA
Certified Public Accountant Examination
Stage: Advanced Level 1 A1.2
Subject Title: Audit Practice and Assurance
Services
Study Manual
INSIDE COVER - BLANK
Page 1
s
INTRODUCTION
© CPA Ireland
All rights reserved.
The text of this publication, or any part thereof, may not be reproduced or transmitted in any
form or by any means, electronic or mechanical, including photocopying, recording, storage
in an information retrieval system, or otherwise, without prior permission of the publisher.
Whilst every effort has been made to ensure that the contents of this book are accurate, no
responsibility for loss occasioned to any person acting or refraining from action as a result of
any material in this publication can be accepted by the publisher or authors. In addition to
this, the authors and publishers accept no legal responsibility or liability for any errors or
omissions in relation to the contents of this book.
INSTITUTE OF
CERTIFIED PUBLIC ACCOUNTANTS
OF
RWANDA
ADVANCED Level 1
A1.2 AUDIT PRACTICE &
ASSURANCE SERVICES
First Edition 2012
This study manual has been fully revised and updated
in accordance with the current syllabus.
It has been developed in consultation with experienced lecturers.
Page 2
CONTENTS
BLANK
Page 3
s
CONTENTS
CONTENTS
Study
Unit
Title
Page
Introduction to the Course
7
1
Assurance and the Audit Function
13
Introduction
14
Assurance
14
Need for Regulation
16
The Audit Function
16
Small Entities
18
Methodology of an Audit
19
Sample Questions
20
2
Professional Conduct
21
Fundamental principles and guidance
22
Independence
23
Confidentiality
25
Areas of Controversy
26
Sample Questions
27
3
Professional Appointments
29
Advertising
30
Tendering
30
Acceptance
32
Agreeing the Terms
34
Books and Documents
35
Change in Auditors
36
Sample Questions
37
4
Professional Responsibility and Liability
39
Fraud
40
Professional Liability
45
Misconduct
48
Professional Indemnity Insurance
48
Sample Questions
49
5
Practice Management & Regulatory Environment
51
Risks to which firms are exposed
52
Quality Control
53
What are the Current Trends?
59
Corporate Governance
60
Law and Regulation
65
Sample Questions
70
Page 4
s
CONTENTS
Study
Unit
Title
Page
6
Audit Planning and Strategy
73
Audit Planning
74
Materiality
82
Risk
83
The Risk Approach
85
Systems and Controls
87
Cycles and Transactions
87
Balance Sheet Approach
87
Directional Testing
88
Analytical Procedures
88
Sample Questions
90
7
Audit Evidence
93
Audit Evidence Introduction
94
Related Parties
99
Management Representations
103
Using the Work of Others
105
Documentation
109
Sample Questions
109
8
Audit Evaluation and Review
111
Review Procedures
112
Opening Balances
113
Comparatives
115
Other Information
118
Subsequent Events
121
Going Concern
123
Compliance with International Financial Reporting Standards
127
Sample Questions
128
9
Audit Reports
131
Forming and Audit Opinion
132
The Problem of Communication
133
Electronic Reporting
134
Special Purpose Reports
135
Reporting to Management
136
Sample Questions
137
Page 5
s
CONTENTS
Study
Unit
Title
Page
10
Audit of Financial Statements
139
Introduction
140
Construction Contracts
140
Liabilities
147
Income
151
Expenses
153
Disclosures
154
Sample Questions
156
11
Audit Related and Assurance Services
159
Audit Related Services
160
Assurance Engagements
162
Risk Assessments
163
Performance Management
164
Systems Reliability
165
Electronic Commerce
168
Forensic Audits
169
Whistleblowing
170
Sample Questions
170
12
Internal Audit and Outsourcing
171
Internal Audit
172
Outsourcing
174
Impact of Outsourcing on an Audit
176
Sample Questions
177
13
Prospective Financial Information
179
Reporting on Prospective Financial Information
180
Accepting an Engagement
180
Procedures
180
Expressing an Opinion
181
Sample Question
182
14
Social and Environmental Audits
183
Implications for the Company
184
Implications for the Management
184
Measuring Social and Environmental Performance
185
Implications for the Statutory Audit
186
Implications of Assurance Services
187
Sample Question
188
Page 6
s
CONTENTS
Study
Unit
Title
Page
15
Group Audits
189
Group Accounting and the Holding Company Auditors
190
Principal Auditors and Other Auditors
190
The Consolidation Process
194
Joint Audits
195
Auditing Foreign Subsidiaries
196
Recent Developments
196
Sample Question
197
16
Solutions
199
Solution 1.1
199
Solution 1.2
199
Solution 2.1
200
Solution 2.2
201
Solution 2.3
202
Solution 3.1
203
Solution 3.2
204
Solution 3.3
204
Solution 4.1
204
Solution 4.2
206
Solution 4.3
206
Solution 5.1
207
Solution 5.2
207
Solution 5.3
207
Solution 5.4
208
Solution 6.1
209
Solution 6.2
212
Solution 7.1
214
Solution 7.2
217
Solution 8.1
218
Solution 8.2
220
Solution 8.3
220
Solution 9.1
220
Solution 9.2
221
Solution 9.3
221
Solution 9.4
222
Solution 10.1
223
Solution 10.2
224
Solution 11.1
227
Solution 11.2
227
Solution 12.1
228
Solution 13.1
229
Solution 14.1
231
Solution 15.1
232
Page 7
INTRODUCTION TO THE COURSE
Stage: Advanced Level 1
Subject Title: A1.2 Audit Practice & Assurance Services
Aim
The aim of this subject is to ensure that students can demonstrate the knowledge, skills and
competencies necessary to carry out the audit of an entity and undertake assurance
engagements, having due regard to the Institute’s and profession’s ethical standards in a
changing and complex business environment.
Audit Practice and Assurance Services as an Integral Part of the Syllabus
In carrying out the audit of an entity’s financial statements it is essential to fully understand
the application of the relevant International Standards in Auditing (ISAs), International
Accounting Standards (IASs) and International Financial Reporting Standards (IFRSs). Many
issues that face auditors frequently arise from the accounting treatment of certain financial
transactions in the financial statements of the entity.
The study of the subject Auditing at Advanced 1 Stage is an essential foundation for the study
of Audit Practice and Assurance Services at Advanced 2 Stage. Financial Accounting and
Information Systems (at Foundation 2 Stage) and Financial reporting and Company Law (at
Advanced 1 Stage) are also essential prerequisites for the study of Audit Practice and
Assurance Services.
Learning Outcomes
Upon successful completion of this subject students should be able to:
• Explain, interpret and apply the legal, regulatory and ethical framework to the
role of the auditor.
• Identify audit risks, and describe the procedures undertaken at the planning stage
to meet the objectives of the audit.
• Design, evaluate and report on internal control and financial reporting systems
and identify and communicate control risks, applying these skills to practical
situations in both manual and computerised environments.
• Describe the application of Computer Assisted Auditing Techniques.
• Design, plan and apply audit testing techniques and procedures in the practical
application of International Standards on Auditing (ISAs), International Standards
on Quality Control (ISQCs) and other technical pronouncements to auditing and
assurance situations.
Page 8
s
CONTENTS
• Evaluate the role of internal audit, including a comparison with the role of the
external auditor.
• Draw conclusions, having applied appropriate professional skill, scepticism and
judgement.
• Report to shareholders, management and other relevant parties in the course of
providing audit and assurance services.
• Plan and perform the necessary work and report on other assurance engagements
in the context of agreed terms of reference and the legal, regulatory and ethical
framework.
• Undertake audit and assurance engagements with reference to the best practices
and developments in Corporate Governance and their application to clients’
processes.
• Evaluate, explain and discuss issues and developments relating to auditing,
including audit expectations and developments in the regulation of audits.
• Demonstrate an ability to work within a professional and ethical framework.
Page 9
s
CONTENTS
Syllabus:
1. Legal and Regulatory Environment
• An in-depth knowledge of the Companies Acts / Orders and other company
law legislation affecting the auditor.
• Responsibilities imposed on auditors of Rwandan Stock Exchange listed
companies and legal responsibilities to shareholders.
• An in-depth knowledge of standards and other technical pronouncements
issued by the IASB and IAASB.
• A detailed appreciation of case law decisions and their implications for the
auditing process.
• An in-depth knowledge of other legal liabilities affecting auditors and
accountants in providing audit and assurance services.
2. Ethics
• Application of the ICPAR Code of Ethics.
• The fundamental principles of professional ethics.
• Threats and safeguards.
• Responsibilities to clients and colleagues.
• Other responsibilities and practices including:
– Changes in professional appointments.
– Use of lien in fee disputes.
– Advertising and publicity.
– Use of professional designations.
• Conflicts of interests.
• Code of confidentiality.
• Professional liability and indemnity.
• Misconduct and negligence.
3. Internal Controls and Financial Systems
• The definition of the control environment and control procedures.
• Effective internal controls.
• The limitations on the effectiveness of internal controls.
• Ascertaining and understanding internal control systems: narrative notes,
flowcharts, checklists, internal control questionnaires, walk through tests.
• Evaluations and assessment of accounting systems and internal control
systems and its subsequent impact on audit work.
• Reliance on internal controls and internal audit.
• The principles and control procedures in a computer environment including
system analysis and design considerations.
• The use of Computer Assisted Audit Techniques.
Page 10
s
CONTENTS
4. Risk Assessment & Audit Process
• New engagements.
• The strategic design and planning of an audit and knowledge of the client’s
business.
• The review of financial statements to include analysis and critical assessment.
• Quality control and recording of the audit.
• The evaluation and testing of control procedures and audit evidence.
• The design and carrying out of tests of substance on specific audit areas.
• Consideration of materiality, audit risk, reliance on other specialists, events
after the reporting period, contingencies, related parties.
• Use of experts.
• Characteristics of fraud and the responsibility of auditors for detecting
material misstatement due to fraud.
5. Reporting
• Reporting on Audited Financial Statements.
• Key concepts: opinion, true and fair view, materiality, statutory requirements.
• Basic elements of the Auditor’s Report.
• Modified Reports, differentiating between
– Matters that do not affect the auditor’s opinion, and
– Matters that do affect the auditor’s opinion.
• Circumstances giving rise to Modified Reports.
– Limitations on Scope.
– Disagreements with management.
• Auditor’s responsibility before and after the date of the Auditor’s Report.
• Auditor’s responsibility for other information in documents (e.g. Annual
Report) containing audited financial statements.
6. Special Audits and Other Assurance Engagements
• Relevant audit planning, execution (including internal control implications),
reporting and professional practice considerations concerning:
• Group audits, small business audits (including small business exemption), not-for-
profit audits, first time audits.
• Prospectuses and other offering documents (investment circulars): historical year-
end financial statements, interim financial statements, and future oriented
information.
• Other types of historical financial assurance engagements: financial statements
review engagement (Accountant’s Report), financial statements compilation
engagements (Compilation Report), audit or review of specific financial
information (e.g. sales figures for retail park leases), compliance with agreements
(e.g. loan covenants), agreed upon procedures.
• Assurance on internal controls in service organisations.
• Other types of audits: value for money/operational, social and environmental,
health and safety, whistleblowing, forensic (fraud identification, analysis and
assessment).
Page 11
s
CONTENTS
7. Corporate Governance
• Best Practice
• Audit Committees – structures, roles, benefits and drawbacks.
• Roles and effectiveness of Non-Executive Directors.
• Anti-Money Laundering Procedures.
8. Current Issues
• The current issues and developments relating to auditing, including audit
expectations and developments in the regulation of audits.
Page 12
BLANK
Page 13
s
Study Unit 1
Assurance and the Audit Function
Contents
A.
Introduction
B.
Assurance
C.
Need for Regulation
D.
The Audit Function
E.
Small Entities
F.
Methodology of an Audit
G.
Sample Questions
Page 14
s
ASSURANCE AND THE AUDIT FUNCTION
A. INTRODUCTION
There has been a huge growth in information that is available today in all aspects of business.
The use of the internet has made access easy and more and more information is been required
in all areas, not just financial.
This growth in information has led to a need for assurance as to the quality and reliability of
that information so that users can make informed decisions based on the information that is
available to them.
Audit and assurance services play a vital role in maintaining confidence and therefore
stability in the world economy. The markets need confidence and in order to get this
confidence they seek to reduce their exposure to risk. To reduce risk they need assurance
in the market.
B. ASSURANCE
The International Standards on Auditing (ISA) glossary of terms gives a definition of an
assurance engagement as “one in which a practitioner expresses a conclusion designed to
enhance the degree of confidence of the intended users other than the responsible party about
the outcome of the evaluation or measurement of a subject matter against criteria.”
In practice, this could be an auditor expressing an opinion to the shareholders of a company
on a set of financial statements prepared by management as to whether they have been
prepared in a true and fair manner in accordance with accounting standards and relevant
company law.
Any assurance engagement must have the following five elements:
• A three party relationship such as the Auditor reporting to a shareholder about the
actions of management.
• Some subject matter such as a set of financial statements.
• Suitable criteria such as the accounting standards and/or law.
• Sufficient appropriate evidence, in a form that is sufficient, reliable and relevant.
• A written report in an appropriate form.
Levels of Assurance
Various levels of assurance may be given but this depends very much on (1) the individual
engagement, (2) the criteria applied and (3) the subject matter. The glossary of terms refers
to two types:
• Reasonable level of assurance – subject matter materially conforms to criteria i.e.
accounts give a true and fair view having regard to the accounting standards and law.
• Limited level of assurance – no reason to believe that subject matter does not
conform to criteria. Essentially, a negative form of expression.
Page 15
s
Absolute assurance can never be given. There are inherent limitations of an audit that affect
the auditor’s ability to detect material misstatements in a set of financial statements.
The Limitations of an audit
• Every item is not checked. In fact, only test checks are carried out by auditors. It
would be impractical to examine all items within a class of transactions or account
balance. Hence, it is not really possible to give absolute assurance.
• Auditors depend on representations from management and staff. Collusion can
mitigate some good controls such as division of duties. There is always the
possibility of collusion or misrepresentation for fraudulent purposes.
• Evidence gathered is persuasive rather than conclusive. It often indicates what is
probable rather than what is certain.
• Auditing is not purely an objective exercise. Judgements have to be made in a
number of areas. The view in financial statements is itself based on a combination of
fact and judgement.
• The timing of an audit.
• An unqualified audit opinion is not a guarantee of a company’s future viability, the
effectiveness and efficiency of management, nor that fraud has not occurred in the
company.
So are there any benefits of an audit? Yes, there are.
• The shareholders of a company are given an independent opinion as to the true and
fair view of the accounts that have been prepared by management.
• The use made by third parties such as suppliers and banks of the accounts adds
confidence in the performance of a company.
• Auditors themselves can use the knowledge accumulated during the course of the
audit to provide additional services to the company such as the provision of
consultancy services or a management letter showing weaknesses in the business and
recommendations to alleviate such weaknesses in the future.
• While not responsible for detecting fraud, the very fact that an audit is carried out and
may uncover evidence of fraud, can help to mitigate against such risks.
Types of engagements
The type of assurance engagement will depend very much on the subject matter, whether it be
a set of accounts or an internal control system.
In order that an assurance engagement can be carried out, the subject matter must be:
• Identifiable
• Capable of consistent evaluation and measurement and
• Capable of being subject to procedures and evidence gathering.
Page 16
s
Types of assurance engagements include
• Audits and reviews (different levels of assurance)
• Reports on systems and controls as part of corporate governance framework
• Reports for lenders and other investors
• Reports on prospective financial information
• Risk assessments
• Business performance measurement
• Social and environmental issues and
• Value for money studies
Implications of assurance services
• Members of professions will need to have a good broad skills base to deal with the
various types of engagements and not just the standard audit.
• More types of engagements increase the potential liability of accountants. Clear
identification of what is extended liability is vital.
• There is the potential for increasing the expectations gap. Auditors’ view versus the
public’s view. The auditor is not responsible for preparation of accounts or the
detection of fraud.
C. THE NEED FOR REGULATION
Where there is reduced confidence in the markets and this leads to business failure, this in
turn leads to instability. As a result there is increased demand for regulation.
There has been regulation in the markets since the introduction of the concept of limited
liability. The requirement for audited financial statements is a way to protect the owners of a
business from unscrupulous management and also prevent the abuse of the limited liability
status.
D. THE AUDIT FUNCTION
What is an audit?
An audit is an exercise, of which the objective is, to enable an independent auditor to express
an opinion on whether a set of financial statements is prepared in a true and fair manner in
accordance with an identified financial reporting framework.
The same objective applies to the audit of financial or other information prepared in
accordance with appropriate criteria.
Page 17
s
Overview of Syllabus and audit
ISA (International standards on auditing) 200: Objective and general principles
governing an audit of financial statements sets out what audits are all about.
• The auditor should comply with the code of ethics for professional accountants issued
by the International Federation of Accountants (IFAC), ethical standards and the ethical
pronouncements issued by the auditor’s relevant professional body.
• The auditor should conduct an audit in accordance with International Standards of
Auditing and should plan and perform an audit with an attitude of professional
scepticism.
• ISA 200 also makes a very important point in that while the auditor is responsible for
forming and expressing an opinion on the financial statements, the responsibility for
preparing and presenting those financial statements lies with the management.
• Furthermore, the auditor does not have any responsibility with regard to the prevention
and detection of fraud. Again, that lies with the management. These points often form
the basis for the expectation gap mentioned above.
Types of audits
• Statutory audits as required by companies’ legislation.
• Non-statutory audits preferred by interested parties rather than been required by law.
For example, charities, societies, public interest companies etc.
• Small entity audits.
Legal &
Regulatory
environment
Risk
Assessment &
Audit process
Reporting
AUDIT
Ethics
Internal
controls &
financial
statements
Corporate
Governance &
current issues
Page 18
s
E. SMALL ENTITIES
Elements of a small entity would include:
• Small number of individuals re ownership and management.
• Basic record keeping.
• Limited internal controls with huge potential for management override of such
controls.
There are arguments for and against small company audits. Each of the stakeholders,
shareholders, management, employees, banks, suppliers and revenue commissioners has their
pros and cons.
• Reassurance given by audited accounts for shareholders not involved in management.
• On the contrary, where shareholders are part of management, the whole audit exercise
may not appear to be value for money.
• Audited accounts provide a good indication of a fair valuation for shares particularly
unquoted shares.
• An audit provides management with an independent check on the accuracy of their
financial statements. Also, some auditors do provide decent management letters.
• In reality, a more focused systems review or similar consultancy report would be of
more benefit to management.
• Employees can gain comfort from audited accounts as to their job security and for
wage negotiations. In reality, I don’t think this actually happens.
• Bank managers often rely on audited accounts when reviewing security in the event of
granting a loan.
• More importantly though, a bank manager may want to see a good credit history in a
company’s transactions with the bank.
• Suppliers can gain assurance from audited accounts when giving credit to customers.
• On the contrary, the accounts might be out of date and the customer could be
experiencing difficulties. Might be more appropriate to get relevant credit references.
• Rwandan Revenue Authority can rely on audited accounts to back up tax returns.
• In reality, revenue authorities generally accept sets of accounts prepared by
independent accountants.
Small company audits and potential problems
• Small companies create difficulties for auditors in that the auditor has to direct more of
his work in the verification of items by physical inspection and the vouching of third
party evidence, as he would otherwise probably do with larger company audits. The
general principles applied in an audit are the same for large and small companies. But
the specific testing may vary considerably.
• Due to the nature of small companies as noted above, problems can arise with the
reliability of internal control systems. In fact Control Risk is considered high. (ISA
200 defines control risk)
Page 19
s
• Lack of controls coupled with the risk of management override may lead to
difficulties such as the incompleteness of income or the recording of inappropriate
expenditure. In a larger company the system of internal control and a suitable staff
structure would provide a check against a persons work. In smaller companies, some
internal controls will be useful as a management check on staff, but will provide no
checking mechanism on management itself. Where there are limitations in the
effectiveness of internal controls, it has little value to the auditor in helping him form
an opinion on a set of financial statements. As a result he will need to increase his
substantive testing. Examples would be physically verifying additional assets
purchased throughout the year and obtaining third party confirmation from a bank as to
the small companies’ bank balances at the year-end.
• Another problem associated with small company audits is that the lack of an
appropriate internal control system coupled with the auditor’s inability to design or
carry out procedures to obtain sufficient, reliable and relevant evidence as to the
completeness and accuracy of the accounting records can create a limitation on the
scope of the auditor’s work. This can affect the type of audit report that is issued. For
example, you can have a qualified audit report where the scope limitation does not
prevent the auditor from expressing an opinion, or you can have a report where the
scope limitation is so significant that the auditor is unable to express an opinion.
F. METHODOLOGY OF AN AUDIT
• Determine the scope and the audit approach.
Legislation and the auditing standards lay down the scope for statutory audits. An
auditor should prepare a plan for his audit.
• Ascertain the system and controls.
Discuss the accounting system and the flow of documents with all the relevant
personnel in the company. Document all your notes. Some auditors do flow charts,
narrative notes and/or internal control questionnaires.
Get to know the client’s business.
Confirm that you have recorded the system accurately by carrying out walkthrough
tests.
• Assess the system and internal controls.
Evaluate the system as it is to weigh up its reliability and draw up a plan to test its
effectiveness. At this stage you could draw up a letter to management recommending
any improvements you consider from your findings. In addition, what you have
learned here may influence the type of further audit testing you may carry out later on.
• Test the system and internal controls.
Above, you evaluated the controls that are in place. You need also to test if they were
effective. Compliance tests will cover many more transactions than the walkthrough
tests. You need to carry out a representative sample through the accounting period.
If you can establish that the controls are indeed effective, you can reduce the amount
of detailed testing later on. However, if the controls turn out to be ineffective, then
more substantive tests will need to be carried out.
Page 20
s
• Test the financial statements.
This section covers the substantive testing which has been described earlier. You are
effectively trying to stand over the figures in the financial statements. Substantive
tests are audit procedures performed to detect material misstatements. Remember, if
you think that any error you might find in a class of transactions will not be
significant, then there is no point carrying out the substantive test.
• Review the financial statements.
After all the testing has been done and the evidence gathered, you should review the
accounts as to their overall reliability making a critical analysis of the content and
presentation.
• Express an opinion.
You need to evaluate all the evidence you have gathered and express an opinion on a
set of accounts by way of a written audit report.
You may in addition, write a management letter which can set out improvements you
recommend or to place on record specific points in connection with the audit.
Question 1.1
What are the limitations of an audit?
Question 1.2
You have been preparing accounts for Mr J. Butera for the last number of years which he
submits to the Revenue Authorities. His current turnover is RWF1million. Mr. Butera is
considering forming a company and has asked for your advice on a number of issues.
1. Are there any advantages to having a company audit.
2. Would the audit carried out on his company be similar to that of say Bank of Kigali
(BOK).
3. Is there anything other than an audit that would give him a degree of assurance.
Page 21
Study Unit 2
Professional Conduct
Contents
A.
Fundamental principles and guidance
B.
Independence
C.
Confidentiality
D.
Areas of Controversy
E.
Sample Questions
Page 22
s
A. FUNDAMENTAL PRINCIPLES AND GUIDANCE
ISA 200 sets out the general principles of an audit. The auditor should comply with the code
of ethics for professional accountants issued by the International Federation of Accountants.
Accountants require ethics because people rely on them for their expertise in specific areas.
Both the International Federation of Accountants (IFAC) and the Institute of Certified Public
Accountants of Rwanda (ICPAR) have issued a code of ethics of which the fundamental
principles of both associations are very similar.
The ICPAR ethical framework states principles and encourages the auditor to make their own
judgements. On the other hand the ethics as laid down by the IFAC provides more guidance
by way of examples of potential issues and safeguards to mitigate against those threats.
The ICPAR code of ethics lays out the fundamental principles as follows:
• Integrity. A member should be straightforward and honest in all professional and
business relationships.
• Objectivity. A member should not allow bias, conflict of interest or undue influence
of others to override professional or business judgements.
• Professional competence and due care. A member has a continuing duty to
maintain professional knowledge and skill at the level required to ensure that a client
or employer receives competent professional service.
• Confidentiality. A member should respect the confidentiality of information
acquired as a result of professional and business relationships and should not disclose
any such information to third parties without proper and specific authority unless
there is a legal or professional right or duty to disclose. Any information acquired
should not be used for the personal advantage of the member or third parties.
• Professional behaviour. A member should comply with relevant laws and
regulations and should avoid any action that discredits the profession.
The circumstances in which members operate may give rise to specific threats to compliance
with the fundamental principles. However, it is impossible to define every situation that
creates such threats and to specify the appropriate mitigating action. In addition, the nature
of engagements and work assignments may differ.
The ICPAR conceptual framework requires each member to identify, evaluate and address
threats to compliance, rather than merely complying with a set of specific rules such as those
laid down by the IFAC.
If the threats are significant, then you need to identify and apply safeguards to eliminate the
risk or to reduce it to an acceptable manner. If no appropriate safeguards are available,
then you need to eliminate the activities causing the threat or decline the engagement or
discontinue it as the case may be.
Page 23
s
Advantages of a framework over a system of rules
• A framework forces you to consider the threats for every given situation and to act
accordingly.
• A framework prevents you from interpreting technical issues.
• Rules don’t always cover all situations.
• Rules need to be constantly amended to live in a rapidly changing environment.
B. INDEPENDENCE
An auditor needs to be and seen to be independent. He must have independence of mind
and independence in appearance.
Independence is a state of mind that permits the provision of an opinion without being
affected by influences that compromise professional judgement, allows an individual to act
with integrity and exercise objectivity and professional judgement.
An auditor needs to avoid facts and circumstances that are so significant that a reasonable and
informed third party would reasonably conclude an auditor’s integrity, objectivity or
professional scepticism had been compromised.
Public confidence in the operation of capital markets and in the conduct of public interest
entities depends upon the credibility of the opinions and reports issued by auditors.
What are the threats to independence?
ES 1 Integrity, objectivity and independence sets out the principal types of threats.
• Self interest:
A financial interest in a client, undue dependence on fees, close business relationship,
concern over losing a client, potential employment with client or loans from client.
• Self review:
Reporting on the operation of financial systems after you were involved in their
design and preparing the accounts now under audit.
• Management threat:
Making judgements and taking decisions which are the responsibility of management.
• Advocacy:
Acting as a legal advocate for client in litigation or promoting shares in the company.
• Familiarity:
Having close personal relationships developed with client personnel through long
association or a family relationship. Auditor may not be sufficiently questioning the
client’s point of view. Acceptance of gifts of significant value.
• Intimidation:
Threat of replacement due to disagreement.
Page 24
s
Review the Institute of Certified Public Accountants of Rwanda code of ethics together with
the IFAC code of ethics with regard to areas such as financial interests, loans and guarantees,
close business relationships, family and personal relationships, employments connections
with the client, long association with client personnel, provision of non-assurance services,
fees, gifts and hospitality and actual or threatened litigation.
Safeguards to independence
Safeguards that may eliminate or reduce threats to an acceptable level fall into two general
categories:
• Safeguards created by the profession, legislation or regulation and
• Safeguards in the work environment whether within the auditor’s own systems and
procedures or within the client company.
The first category includes:
• Educational, training and experience requirements for entry into the profession.
• Continuing professional development requirements.
• Corporate governance regulations.
• Professional standards.
• Professional or regulatory monitoring and disciplinary procedures.
• External review by a legally empowered third party of the reports, returns,
communications or information produced by a member.
The second category includes:
Firm wide safeguards
• Such as firms stressing the importance of compliance with the fundamental principles.
• The expectation that members will act in the public interest.
• Documented policies and procedures to implement and monitor quality control of
engagements.
• Documented policies regarding identification of threats, their evaluation and
application of safeguards.
• Documented independence policies.
• Policies and procedures to enable identification of interests and relationships between
auditor and client.
• Monitoring the fee income received.
• Timely communication of a firm’s policies and procedures to all staff and appropriate
training thereof.
• Implementing a quality control system and appointing a member of senior
management.
• Advising all staff of the clients from whom they must be independent.
• A suitable disciplinary mechanism to promote compliance with policies.
Page 25
s
Engagement specific safeguards
• Involving an additional professional accountant to review the work done.
• Consulting independent third parties.
• Disclosing the nature of services provided and extent of fees charged to those charged
with client governance.
• Rotating senior audit team personnel.
Safeguards within client systems and procedures
• Persons other than management ratify auditor appointment.
• Client has competent employees with experience to make decisions.
• The client has a corporate governance structure that provides appropriate oversight
and communications regarding the firm’s service.
Specific safeguards in relation to independence are mentioned in the ICPAR and IFAC
guidance and cover such areas are financial interest, loans, close business relationships, fees
and litigation.
International standard on quality control sets out the standards and provides guidance
regarding a firm’s responsibilities for its system of quality control for audits.
• The firm should establish a system of quality control designed to provide it with
reasonable assurance that the firm and its personnel comply with professional
standards and regulatory and legal requirements.
• The firm’s system of quality control should include policies and procedures
addressing elements such as leadership responsibilities, ethical requirements,
acceptance of engagements, human resources, engagement performance and
monitoring.
The quality control policies and procedures should be documented and communicated
to the firm’s personnel.
C. CONFIDENTIALITY
There is a duty of confidence to the client but there are several exceptions noted.
The principle is twofold. One, you should refrain from disclosing any information acquired
without proper authority to do so unless there exists a legal or professional right or duty to
disclose.
Secondly, you should refrain from using any information acquired for your own personal
advantage or that of a third party.
A member should maintain confidentiality even in a social environment and even needs to
comply with the principle even after the end of the professional relationship. The member
can only use prior experience.
Page 26
s
Exceptions when member may be required to disclose:
• Disclosure permitted by law and authorised by client.
• Disclosure by law e.g. production of documents during course of legal proceedings or
disclosure to appropriate public authorities of infringements of law that have come to
light.
Money Laundering
Theft and Fraud Offences Duty to report where books of account are not been kept.
• Professional duty or right to disclose when not prohibited by law, such as to comply
with quality assurance reviews, to respond to an inquiry by an institute, to protect the
professional interests of a member in legal proceedings or to comply with technical
standards and ethical requirements.
Having decided that there should be some disclosure, the auditor must consider-
• Whether the interests of any parties could be harmed by such disclosure and whether
the auditor will incur legal liability as a result of the disclosure.
• Whether all relevant facts are known and substantiated.
• The type of communication that is expected and to whom it should be addressed.
Under ISA 250 consideration of laws and regulations in an audit of financial statements,
if auditors become aware of a suspected or actual occurrence of non-compliance with law and
regulation which give rise to a statutory right or duty to report, they should report it to the
proper authority immediately.
In all cases of disclosure where there is a duty of confidentiality, you should seek legal
advice.
D. AREAS OF CONTROVERSY
Independence
• Multiple services
Many audit firms are moving away from their traditional roles and are offering a
wider variety of work to their clients. Audit is sometimes even seen as a loss leader
in gaining other lucrative work.
Having more legislation in this area, could restrict clients in whom they could choose
to give them business and any synergies found in the auditor also providing additional
services would be lost.
Note, in the USA, SEC guidance suggests that an auditor is not independent in
relation to a listed company if they provide certain non-audit services, such as
bookkeeping, internal audit, management or human resources functions.
• Specialist services
Services such as valuation of intangible assets, property or unquoted investments
where carried by a firm who are also a company’s auditors can lead to a self review
threat. A firm should not therefore audit a client’s accounts which include specialist
work carried out by themselves.
Page 27
s
• Second opinions
Second opinions are acceptable but not if the current auditors are pressurised to accept
the second opinion. In order to avoid this, there should be constant communication
between the two auditors.
The second firm has a duty to seek permission from the client to approach the current
auditors. Without such communication, the second opinion may be formed
negligently, as the second opinion may not be based on the same set of facts or is
based on inadequate evidence.
Confidentiality
• Conflicts of interest
Conflicts of interest can arise when a firm has two or more audit clients, and the
clients are in direct competition with each other e.g. major banks.
An audit firm can argue that different audit teams are involved and this can maintain
independence and confidentiality. However, clients may not perceive it this way and
could well move the audit to another firm.
Takeovers also need special consideration. You could be the auditor to both
companies in a takeover. In these cases, the auditor should not be the principal
advisors to either and should not issue any assessment reports on either party other
than the actual audit reports.
• Insider dealing
Auditors can be seen as insiders as they often have access to very sensitive
information. Auditors should see the duty not to deal as an insider as an extension of
their duty of confidentiality to their clients. Again, it is not just in relation to third
parties but also to their own personal gain.
Question 2.1
You are a partner in an audit firm. A number of issues have emerged in relation to some of
your clients. You are asked to document your considerations on each of the issues, noting the
threat arising, the significance of that threat and any factors you have taken into account, and,
if relevant, any safeguards you could apply to eliminate or mitigate against that threat.
1. JNS Ltd
2. John is the most junior member of your audit team of eight. He has just invested in a
personal pension plan that invests in all listed companies.
3. White LTD
4. You are the partner leading up a high powered team carrying out due diligence work
on Black LTD, a company, your client, White LTD, is considering taking over. Paul,
your deputy has mentioned that he met the daughter of the MD of Black LTD during
the initial phases of the work and is going to ask her out.
Page 28
s
5. Take it Easy LTD
6. You have been associated with this audit for ten years, four as audit engagement
partner. You are just back from a six week cruise with the MD on his yacht.
Question 2.2
Here is an example of a press report which appeared in recent years which dealt with issues
of objectivity and independence within a firm of multinational firm of accountants.
“..a partner in the firm was told by the regulatory body that he must resign because he was in
breach of the body’s independence rules, as his brother in law was the financial controller of
an audit client. He was told that the alternative was that he could move his home and place of
work at least 400 miles from the offices of the client, even though he was not the reporting
partner. This made his job untenable. The regulatory body was seen as taking its rules to
absurd lengths by the accounting firm. Shortly after this comment, the multinational firm
announced proposals to split the firm into three areas between audit, tax and business
advisory services; management consultancy; and investment advisory.”
Discuss the above events and the impact they may have on the public perception of integrity,
objectivity and independence.
Question 2.5
Where auditors are perceived not to be independent is a real cause for concern. Where
auditors provide non audit services to their clients, their objectivity may well be impaired by
undue dependence on those clients. In addition, further concerns may arise in the situation
where audit clients hire staff who were previously employed by their auditors. In this case
the objectivity of future audits may be at risk.
1. Describe the problems that may arise if an audit client hires, as finance director, a
former audit partner.
2. Are there any advantages to a client of their auditor becoming an executive in their
company?
3. How does current ethical guidance attempt to deal with these potential problems
surrounding an auditor becoming an executive and what additional safeguards if any
may help the situation?
Page 29
Study Unit 3
Professional Appointments
Contents
A.
Advertising
B.
Tendering
C.
Acceptance
D.
Agreeing the Terms
E.
Books and Documents
F.
Change in Auditors
G.
Sample Questions
Page 30
s
PROFESSIONAL APPOINTMENTS
A. ADVERTISING
ISA 200 sets out the ethical principles governing the auditor’s professional responsibilities.
One of them is professional behaviour. A member is expected to comply with relevant laws
and regulations and should avoid any action that discredits the profession.
Now, auditors are like anyone else in business and in business it is necessary to advertise.
But this advertising should be aimed at informing the public in an objective manner and
should be in good taste.
The Institute of Certified Public Accountants of Rwanda have stated they will use the IFAC
code of ethics as their basis and thus imply that in promoting themselves and their work,
members should be honest and truthful and should not make any exaggerated claims for
the services they are able to offer, the qualifications they possess or the experience they have
gained. In addition, they should not make any disparaging references or unsubstantiated
comparisons to the work of others.
Use of logos
Persons can only use the designated letters of a profession after their name such as in
advertisements when they are members of the said profession.
A firm must have a practicing/auditing certificate to describe themselves as registered
auditors.
Fees
If reference is made in promotional material to fees, the basis on which the fees are
calculated should be stated. The greatest care should be taken to ensure that any reference
does not mislead as to the precise range of services and time commitment that the reference is
intended to cover.
The danger of giving a misleading impression is great when there are constraints in respect of
space limits for advertisements. It is for this reason that it is generally inappropriate to
advertise fees. It is probably better to advertise free consultations to discuss fee issues.
B. TENDERING
Client companies can change auditors. In this regard a firm may be approached to submit a
tender for an audit. When approached to tender, an audit firm must consider whether they
want to do the work and they must have regard for the ethical considerations, such as
independence and professional competence. In addition, they need to consider fees and some
other practical issues.
Fees
A member may quote whatever fee is deemed to be appropriate. The fact that one may
quote a lower fee than another auditor is not in itself unethical. However, it does raise the
Page 31
s
risk of a threat to the principles of professional competence and due care in that the fee
quoted may be so low as to make it appear to be difficult to perform the audit to the expected
standards.
Therefore, it is wise to set out the basis of the calculation of the fee. The following factors
should be considered when setting out a fee:
• What does the job involve. Is it audit and/or tax or is there some other complicated
work involved.
• Which staff will need to be involved, numbers and quality. How long will they be
required. Is the nature of the business complex.
• What charge out rates are to be applied.
The practice of undercutting fees has been called lowballing and can be seen in action
generally where large audits are concerned. We have seen that having a lower fee may
seem to have a negative impact on an auditor’s perceived independence but there are other
factors to be considered:
• Auditors operate in a market like any other business where supply and demand very
often dictate the price.
• Fees may be lower due to reasons such as better internal audit functions and
simplified group structures within client companies.
• Auditing firms have increased productivity, whether through the use of more
sophisticated IT or experience gained through understanding the client’s business.
Practical issues
It is important that the auditor also considers a number of other issues:
• Can the audit assignment be fitted in to the audit firms current work plan.
• Is their suitable audit staff available.
• Will any specialist skills be required. What are the future plans for the company.
• Is there any training required for current staff and what will be the cost of that
training.
• What work does the client actually want. Audit and/or tax.
• Is this the first time the company has been audited.
• Whether the client is seeking to change its auditors and if so what is the reason behind
it.
Submitting an audit proposal
There is no set format. In fact, the client may dictate the format whether it be a written
submission or a presentation to the board of directors.
Whatever the form of the tender submission, the following matters should be included in the
proposal:
• The audit fee and the basis for its calculation
• An assessment of the needs of the client
Page 32
s
• How the firm means to meet the needs of the client
• Any assumptions made to support the proposal
• The audit approach to be adopted by the firm
• A brief outline of the firm
• Details and background of the key audit staff on the proposed engagement.
Evaluating the tender
Different clients will have different ways of evaluating a tender. Some of the more general
points are listed below. It is important to bear these in mind when preparing a proposal:
• Fee. This can be the most vital point. Some clients go straight to this figure and don’t
even bother with the rest of the document.
• Professionalism. Auditors are expected to be professional. Remember, the audit team
and the tender documents are often the first factors on which a prospective client forms
an impression.
• Proposed audit approach. Clients are always looking for the least amount of
disruption to their already busy schedules, so the shortest number of days on-site may
be the key to winning a tender.
• Personal service. Fostering relationships is vital. Client should always feel he is
getting value for money.
C. ACCEPTANCE
You have submitted a tender. You have been successful and the client has offered you the
audit. Before you accept and commence the audit you should carry out a number of
procedures in order to comply with the provisions in ISQC1 quality control (section 26 to
28).
Before accepting the assignment
• Make sure there are no ethical issues which would prevent you from accepting this
assignment.
• Make sure that you are professionally qualified to carry out the work requested and
that your firm has the resources available in terms of staff, expertise and time.
• Check out references for the directors of the client firm especially if they are unknown
to the audit firm.
• Consult previous auditors as a matter of professional courtesy and establish from them
whether there is anything that you ought to know about this vacancy.
After accepting the assignment
• Make sure the resignation of the previous auditors has been properly carried out and
that the new appointment is valid. A resolution by shareholders of the company is
required.
• Submit a letter of engagement to the directors of the client company and ensure it is
accepted and signed before any audit work is carried out.
Page 33
s
ISQC1 states that a firm should establish policies and procedures for the acceptance and
continuance of client relationships and specific engagements, designed to provide it with
reasonable assurance that it will only undertake or continue relationships and engagements
where it:
• Has considered the integrity of the client and does not have any information that would
lead it to conclude that the client lacks integrity,
• Is competent to perform the engagement and has the capabilities, time and resources to
do so and
• Can comply with the ethical requirements.
The firm should obtain such information as it considers necessary in the circumstances before
accepting an engagement with a new client, when deciding whether to continue an existing
engagement and when considering acceptance of a new engagement with an existing client.
Where issues have been identified and the firm decides to accept or continue the relationship
or a specific engagement, it should document how the issues were resolved.
In short, a firm must:
• Obtain relevant information
• Identify relevant issues
• Resolve issues that are identified, and document that resolution.
Integrity of client
Matters to be considered:
• Identity and business reputation of owners, key management and those charged with
governance.
• Nature of the client’s operations and its business practices.
• Attitude of the owners, key management and those charged with governance towards
matters such as aggressive interpretation of accounting standards and the internal
control environment.
• Client’s attitude to fees.
• Indications of inappropriate limitation in the scope of work.
• Indications that client may be involved in money laundering or other criminal
activities.
• Reasons given for non-reappointment of previous auditors.
Information can be gathered through communications with previous auditors or other
professionals who may have provided services and through other third parties such as
bankers, legal counsel and industry peers. There are also a multitude of relevant databases
where one can do some background research.
Competence of the firm
Matters to be considered:
• Has the firm got sufficient knowledge of the relevant industry and the relevant
regulatory environment.
• Are there sufficient personnel within the firm having the necessary capabilities and
competence and are experts/specialists available when needed.
Page 34
s
• Are competent individuals available to perform engagement quality control reviews.
• Will the firm be able to complete the engagement within the reporting deadline.
Other issues
• Where a potential conflict of interest is identified, the firm should consider whether it
is appropriate to accept the engagement.
• Need to consider any significant matters that may have arisen during the current or
previous engagements of whatever description.
ISQC1 goes on to state that where the firm obtains information that would have caused it to
decline an engagement if that information had been available earlier, policies and procedures
(on the continuance of the engagement and the client relationship) should include
consideration of:
• The professional and legal responsibilities that apply to the circumstances, including
whether there is a requirement for the firm to report to the person or persons who made
the appointment or, in some cases, to regulatory authorities, and
• The possibility of withdrawing from the engagement or from both the engagement and
the client relationship.
Some suggested procedures would include discussing with appropriate client management the
appropriate action that the firm might make based on the relevant facts and circumstances.
Also, the firm should document the significant issues, consultations, conclusions and the
basis for those conclusions.
D. AGREEING THE TERMS
Once an engagement has been accepted it is important to agree the terms. It is essential that
both parties fully understand what the agreed services are. Any misunderstanding could lead
to a breakdown in the relationship and could result in legal action.
ISA 210: terms of audit engagements establishes standards and provides guidance on:
• Agreeing the terms of an engagement with the client and
• The auditor’s response to a request by a client to change those terms to one that
provides a lower level of assurance.
It states that the auditor and the client should agree on the terms of the engagement. The
agreed terms would need to be recorded in an audit engagement letter or other suitable form
of contract. The terms should be recorded in writing.
The objective and scope of an audit and the auditor’s obligations may be established by law,
but the auditor may still find that an audit engagement letter will be informative for their
clients.
The main points to be clarified in the letter of engagement would include:
• Confirmation of the auditor’s acceptance of the appointment.
• The auditor is responsible for reporting on the accounts to the shareholders
Page 35
s
• The directors of the company have a statutory duty to maintain the books of the
company and are responsible for the preparation of the financial statements.
• The directors are responsible for the prevention and detection of fraud.
• The fact that because of the test nature and other inherent limitations of an audit, there
is the unavoidable risk that some material misstatements may remain undiscovered.
• The scope of the audit including reference to appropriate legislation and standards.
• There should be unrestricted access to whatever books and records the auditor needs
in the performance of his duties.
Other points to be included:
• Arrangements regarding the planning and performance of the audit.
• The expectation of receiving from management written confirmation regarding
representations made in connection with the audit.
• Request for the client to confirm in writing the terms of the letter.
• The fee to be charged and the credit terms.
• The form of any reports or other communication of results of the engagement.
Other issues
• On recurring audits, the auditor should consider whether circumstances require the
terms of the engagement to be revised and whether there is a need to remind the client
of the existing terms of the engagement.
• An auditor who, before the completion of the engagement, is requested to change the
engagement to one which provides a lower level of assurance, should consider the
appropriateness of doing so. Where the terms are changed, both parties should agree on
the new terms. Note, the auditor should not agree to a change of engagement where
there is no reasonable justification for doing so.
E. BOOKS AND DOCUMENTS
ISQC1 states that the firm should establish policies and procedures for the retention of
engagement documentation for a period sufficient to meet the needs of the firm or as required
by law or regulation.
Unless otherwise specified by law or regulation, engagement documentation is the property
of the audit firm. The firm may, at its discretion, make portions of, or extracts from,
engagement documentation available to clients, provided such disclosure does not undermine
the validity of the work performed, or, in the case of assurance engagements, the
independence of the firm or its personnel.
Audit working papers belong to the auditor and cannot be taken over by another set of
auditors taking over the audit assignment. In practice, the previous auditors provide the new
auditors with enough carry over information such as the lead schedules behind the make up
of the financial statements.
The auditor owes a duty of confidentiality to the client, so documents about the client should
not be given to third parties unless:
Page 36
s
• The client agrees to the disclosure
• The disclosure is required by law or court order
• Disclosure is otherwise in accordance with the rules of professional conduct.
The previous auditors should ensure that all the books and documents belonging to the client
are returned promptly. In some cases, the previous auditors are allowed to keep the books
where they are exercising a lien. This is a suppliers right to retain possession of a customer’s
property until the customer pays up what is owed.
There are strict conditions when this can be enforced:
• The books and documents must actually belong to the client
• The auditor must have got them by proper means
• The actual work must have been done and a fee note raised and given to the client
• The fee must relate to the held documents.
Financial statements and tax compliance work belong to the client, even if the
auditor/accountant has prepared them.
F. CHANGE IN AUDITORS
Companies do actually change their auditors. It is important that auditors understand why a
company may seek to change their auditor in a bid to prevent this from happening to them.
The following sets out the reasons why this can happen:
Audit fee
Many companies perceive that an audit has very little value. In turn this makes the audit fee
a very sensitive issue.
• The fee may be perceived to be too high. Remember, a lot of the audit work may be
done off site and the hours charged at the firms office will belong to the managers and
partners, so the client might not understand why the fee is so high.
• It may not be seen as good value for money. For example, a client may have important
tax work carried out for him. The fee charged may be way lower than that of the audit,
probably due to the time involved, yet the client might see the value of this work far
greater than that of the audit.
• The current fee might not appear to be very competitive. Other similar firms may be
getting audit services for less.
• The client may put the audit out to tender to see whether the price is actually
negotiable, even though he may have no intention of changing his auditor.
• The audit fee may breach the recommended level of overall practice fees as laid down
by ethics and auditor may have no other alternative but to resign.
Audit firm may not seek re-election
• The auditor may choose not to stand for ethical reasons, such as he doubts the integrity
of management
• Conflicts of interest may have arisen such as competition between clients or maybe he
has been offered some lucrative work by the client and he may have to resign the audit
Page 37
s
• The auditor may have a disagreement with the client such as in the formulation of
accounting policies
• The auditor may simply not want to reduce his audit fee.
Size of the company
• The company may be growing at such a rate that the audit firm no longer has the
necessary resources, staff, time, and expertise, to allow it to retain the audit.
Remember the principle of professional competence and due care.
• Alternatively, the company may be constricting and it now finds that it can avail of the
audit exemption specified under relevant jurisdiction regulations.
• There is very little that the auditor can do in each of these cases.
Other reasons
• With small companies, the audit is almost a personal service. If the relationship
breaks down, there may be no where to go except discontinue the relationship. Within
a big firm with big audit clients, you could simply change the engagement partner.
• As part of the safeguards against the threats to independence, audit rotation was put
forward. This is where the audit moves to another firm although in the previous point,
rotating to another engagement partner within the same firm will mean the same thing.
Question 3.1
A B Ltd, a large quoted company, was founded and controlled by Mr. Narang. The principle
business of the company was to develop undeveloped land in city centres into apartment
blocks. In 2010, the Revenue Authorities became suspicious of the nature of the operations
been carried out by the company and instigated an investigation.
The investigation highlighted weak organisational internal controls and non-existence in
many cases. Payments to unknown persons and fictitious consultancy firms were found. In
addition Mr Narang maintained a secret expense account that was used to disburse funds to
himself. The board of directors did not know of the existence of the account which was
maintained by the audit engagement partner. The auditors were heavily criticised in the
report.
Winalot & Co the firm of auditors had an aggressive marketing campaign and had increased
its audit fees substantially over a number of years. They had accepted the audit appointment
in 2008 after the previous auditor had been dismissed. The audit report for 2007 had been
heavily qualified on the ground of poor internal control and lack of audit evidence. Mr
Narang had approached several firms of auditors in order to ascertain whether they would
qualify the audit report given the present system of internal controls. Winalot said it was
unlikely that they would qualify the report. They realised that Mr Narang was opinion
shopping but were prepared to give an opinion in order to attract the client to their firm.
The PLC subsequently filed for insolvency and the auditors were sued for negligence by a
creditor.
Page 38
s
You are required to:
1. Describe the procedures that an audit firm should carry out before accepting a new
client with a potentially high audit risk.
2. Detail the ethical problems raised by the maintenance of the secret expense by the
audit partner.
3. Suggest measures to try and minimise the practice of opinion shopping by
prospective audit clients.
4. Explain how audit firms can reduce the risk of litigation and its effects upon the
audit practice.
Question 3.2
Why would an auditor not seek re-election and what practical issues should an auditor
consider when submitting a tender.
Question 3.3
Discuss accountants and the advertising of fees.
Page 39
Study Unit 4
Professional Responsibility and Liability
Contents
A.
Fraud
B.
Professional Liability
C.
Misconduct
D.
Professional Indemnity Insurance
E.
Sample Questions
Page 40
s
PROFESSIONAL RESPONSIBILITY AND LIABILITY
A. FRAUD
An auditor’s main concern in an audit is the risk of a material misstatement in the financial
statements. These material misstatements can arise from fraud or error.
An error is an unintentional misstatement in the financial statements, whether an omission
of an amount or a disclosure. It can be a mistake in gathering or processing data for the
accounts, an incorrect accounting estimate or a mistake in the application of accounting
principles.
Fraud is an intentional act by one or more individuals among management, employees or
third parties, involving the use of deception to obtain an unjust or illegal advantage.
Auditors do not make legal determination of whether fraud has actually occurred, the
auditor is concerned with fraud that causes a material misstatement in the financial
statements.
Responsibility
ISA 240: the auditor’s responsibility to consider fraud in an audit of financial
statements, states quite clearly in paragraph 240.13 that the primary responsibility for the
prevention and detection of fraud rests with the management and those charged with
governance of the entity. It is their responsibility to establish a control environment to assist
in achieving the orderly and efficient conduct of the entities operations. It is up to them to
put a strong emphasis within the entity on fraud prevention.
The auditor does not have a specific responsibility to prevent or detect fraud, but he must
consider whether it has caused a material misstatement in the financial statements.
Types of fraud
There are two types of intentional misstatement:
• Fraudulent financial reporting
• Misappropriation of assets
Fraudulent financial reporting
This may be accomplished by the following:
• Manipulation, falsification, or alteration of accounting records or supporting
documentation from which the accounts are prepared
• Misrepresentation in or intentional omission from the accounts of events, transactions
or other significant information
Page 41
s
• Intentional misapplication of accounting principles relating to amounts, classification,
manner of presentation or disclosure.
Specifically fraud can be committed by management overriding controls using techniques
such as:
• recording fictitious journal entries
• inappropriately adjusting assumptions
• omitting, advancing or delaying recognition of events or transactions in the correct
accounting period
• Concealing or not disclosing facts that could affect amounts recorded in the financial
statements
• Engaging in complex transactions that are structured to misrepresent the financial
position
• Altering records and terms related to significant and unusual transactions.
Misappropriation of assets
This involves the theft of a company’s assets. While management are in a position to be able
to disguise or conceal misappropriations in ways that are difficult to detect, small and
immaterial amounts misappropriated are often perpetrated by employees.
Misappropriations can be accomplished in a number of ways:
• Embezzling receipts
• Stealing physical assets or intellectual property
• Causing a entity to pay for something they never received
• Using an entity’s assets for own personal use.
The misappropriation of assets is often accompanied by false or misleading records or
documents in order to conceal the fact that the assets are missing.
Why is there fraud
Fraud occurs because
• There is an incentive or pressure to commit fraud
• A perceived opportunity to do so
• Rationalisation of the act.
• Individuals may be living beyond their means
• Management is under pressure to reach targets
• An individual may believe internal controls can be over-ridden.
The auditors approach in relation to fraud
ISA paragraph 240.3 states that in planning and performing the audit to reduce risk to an
acceptable level, the auditor should consider the risks of material misstatement in the
financial statements due to fraud.
Page 42
s
1. Maintain an attitude of professional scepticism
2. Audit team should discuss the entity’s susceptibility to fraud
3. Carry out risk assessment procedures
4. Respond to the assessed risks
5. Consider whether any identified misstatement is indicative of fraud
6. Obtain written representations from management relating to fraud
7. Communicate with management
ISA 240.24 states that the auditor should maintain an attitude of professional scepticism
throughout the audit, recognising the possibility that a material misstatement due to fraud
could exist notwithstanding the auditors past experience with the entity about the honesty and
integrity of management.
Members of the engagement team should discuss the susceptibility of the entity’s financial
statements to material misstatements due to fraud. (ISA 240.27)
The engagement partner should consider which matters are to be communicated to members
of the audit team not involved in the discussion (ISA 240.29).
The discussion may include:
• An exchange of ideas about how and where a company may be susceptible to fraud,
how management could conceal fraud and how assets could be misappropriated.
• A consideration of circumstance that might lead to aggressive earnings management
• A consideration of known factors both external and internal that may create an
incentive or pressure from management or others to commit fraud
• A consideration of management involvement in the supervision of employees with
access to cash or other assets susceptible to misappropriation
• A consideration of any unusual or unexplained changes in behaviour or lifestyle of
management or employees that has come to the teams’ attention
• Emphasising the importance of professional scepticism
• A consideration of the types of circumstances that might indicate fraud
• A consideration of how unpredictability will be incorporated into the audit
• A consideration of audit procedures that might be selected to respond to any suspicions
of fraud
• A consideration of any allegations that have come to the auditors attention
• A consideration of the risk of management override of controls.
Risk assessment procedures
The auditor should undertake risk assessment procedures in order to obtain an understanding
of the entity and its environment, including its internal control.
As part of this work the auditor performs procedures to obtain information that is used to
identify the risks of misstatement due to fraud. These procedures include:
• Making inquiries of management as to how they identify and respond to the risks of
fraud
• Consider whether fraud risk factors are present
Page 43
s
• Consider the results of analytical procedures and any other relevant information
When obtaining an understanding of the entity and its environment, including its internal
control, the auditor should make inquiries of management regarding:
• Management’s assessment of the risk of fraud
• Management’s process for identifying and responding to the risks
• Management’s communication to those charged with governance
• Management’s communication, if any, to employees regarding its views on business
practices and ethical behaviour.
The auditor should make inquiries of management, internal audit and others within the entity,
to determine whether they have knowledge of any actual or suspected fraud.
The auditor should obtain an understanding of how those charged with governance exercise
oversight of management processes for identifying and responding to risks and the internal
control that management has established to mitigate these risks.
The auditor should make inquiries of those charged with governance to determine whether
they have knowledge of any actual or suspected fraud.
When obtaining an understanding of the entity and its environment, the auditor should
consider whether the information obtained indicates that one or more fraud risk factors are
present.
Fraud risk factors are detailed in appendix 1 of ISA 240.
When performing analytical procedures, the auditor should consider unusual or unexpected
relationships that may indicate risks of material misstatements due to fraud.
When identifying and assessing the risks of material misstatement at the financial statement
level, and at the assertion level for classes of transactions, account balance and disclosures,
the auditor should identify and assess the risk of material misstatement due to fraud. Those
assessed risks that could result in a material misstatement are significant risks and
accordingly, the auditor should evaluate the design of the related controls and determine
whether they have been implemented.
The auditor identifies the risks of fraud, relates the identified risks to what can go
wrong at the assertion level and considers the likely magnitude of a potential
misstatement.
Responses to risk
The auditor should determine overall responses to address the assessed risks of material
misstatement due to the fraud at the financial statement level and should design and perform
further audit procedures whose nature, timing and extent are responsive to the assessed
risks at the assertion level.
Page 44
s
The auditor should respond in the following ways:
• A response that has an overall effect on how the audit is conducted
• A response to identified risks at the assertion level
• A response to identified risks where management override controls are involved.
In determining overall responses to address the risk of material misstatement due to fraud at
the financial statement level the auditor should consider
• the assignment and supervision of personnel
• the accounting policies used
• Incorporate an element of unpredictability in the selection of the nature, timing and
extent of audit procedures.
Audit procedures responsive to risks at assertion level may change the nature, timing and
extent of audit procedures such as:
• Audit evidence may need to be more reliable and relevant or to obtain additional
corroborative information. Physical inspection or observation may become more
important.
• Timing of substantive tests may need to be modified, for example in revenue
recognition testing.
• Sample sizes may need to be increased.
• (see appendix 2 ISA 240)
To respond to the risk of management override of controls, the auditor should design and
perform audit procedures to
• test the appropriateness of journal entries
• review accounting estimates and
• obtain an understanding of the business rationale of significant transactions that are
outside the normal course of business for the entity.
Evaluation of audit evidence
The auditor evaluates whether the risks of material misstatement are appropriate based on the
evidence gathered. He must also consider the reliability of management representations and
must obtain from the management in writing, that the management accepts its responsibilities
in relation to the prevention and detection of fraud and has made all relevant disclosure to the
auditors.
The auditor must document:
• The significant decisions reached during the audit team discussion of fraud
• The identified and assessed risks of material misstatement due to fraud
• The response to the assessed risks
• Communication to management
Page 45
s
Reporting
The auditor should communicate to the appropriate level of management any identified fraud.
Where the fraud involves management or key employees in internal control operations, the
auditor should communicate as soon as possible any such fraud to those charged with
governance.
The auditor may have a statutory duty to report fraudulent behaviour to a regulator outside
the entity.
Withdrawal from audit
The auditor should consider resigning from the audit if exceptional circumstances arise that
would bring into question the auditor’s ability to continue in office.
If the auditor withdraws, he should discuss with the appropriate level of management as to
the reasons and should consider whether there are legal or professional requirements to report
to third parties.
B. PROFESSIONAL LIABILITY
Auditors may have professional liability under statute law and in the tort of negligence.
Statute law
There are occasions when auditors have professional liability under statute law:
• In insolvency legislation, the auditor could be found to be an officer of the company
and thus could be charged with a criminal offence in connection with the winding up of
the company.
• An auditor could be found to be guilty of insider dealing, which is a criminal offence.
• Auditors could be found guilty of a criminal offence in respect of money laundering
issues as to their failure to report any known suspicions to the proper authority.
Tort of negligence
Negligence is based on customary/common law. It seeks to provide compensation to loss
suffered by one due to another’s wrongful neglect.
To succeed, an injured party must prove:
• A duty of care existed
• The duty of care was breached
• The actual breach caused the loss.
Who would take an action against an Auditor
If an auditor gave an incorrect audit opinion the following parties might take an action:
• The company
• The shareholders
Page 46
s
• The bank
• Other lenders
• Other interested third parties
The key difference between all the above mentioned parties is the nature and duty of care
owed to them by the auditor.
Audit client
An auditor owes a duty of care to the company as it is the audit client. The company has a
contract with the audit firm. Therefore, the duty of care is automatic under law.
The company is all the shareholders acting as a body; it cannot be represented by one
shareholder alone.
The standard of work of the auditor is generally defined by legislation. A number of
judgements exist which have gauged the level of care as specific legislation does not exist
which states clearly how an auditor should discharge his duty of care.
EG. Re Kingston cotton mills 1896 Court of Appeal, England
“.it is the duty of the auditor to bring to bear on the work he has performed that skill, care and
caution which a reasonably competent, careful and cautious auditor would use. What is
reasonable skill, care and caution, must depend on the particular circumstances of the case.”
EG. Re Thomas Gerrard & son Ltd 1967 Chancery Division, England
“…the real ground on which re Kingston cotton mills….is, I think, capable of being
distinguished is that the standards of reasonable care and skill are, upon the expert evidence,
more exacting today than those which prevailed in 1896.”
EG. Re Fomento(sterling area) Ltd v Selsdon fountain pen co Ltd 1958
“…they must come to it with an inquiring mind, not suspicious of dishonesty…..but
suspecting that someone may have made a mistake somewhere and that a check must be
made to ensure that there has been none.”
Auditors have to be careful in forming an opinion and they must give consideration to all
relevant matters.
If an opinion reached by an auditor is one that no reasonably competent auditor would be
likely to reach, then the auditor would possibly be held for negligence.
Third parties
The auditor can only owe a duty of care to parties other than the audit client, if one can be
established.
Third parties will include any individual shareholders, potential investors and the bank. In
these cases, there is no contract with the audit firm. Therefore, there is no implied duty of
care.
Page 47
s
Case law seems to suggest that the courts have been reluctant to attribute a duty of care for
third parties to the auditor.
EG. Caparo industries plc v Dickman and others 1990 England House of Lords - Tort
Caparo relied on a set of accounts to purchase shares in a company. Subsequently, they
alleged that the accounts were misleading. They argued the auditors owed a duty of care.
The House of Lords found that there was no duty of care. The audit complied with the
company’s legislation and there was no mention in that legislation to suggest that auditors
should protect the interests of investors.
EG. James McNaughton paper group Ltd v Hicks Anderson 1990
The position held that a restrictive approach was now adopted to any extension of the scope
of the duty of care beyond the person directly intended by the auditor. In addition, all
circumstances should now be taken into account in deciding on a duty of care.
However, in 1995, a high court judge made an award against BDO as their joint audit of a
company in which ADT were investing was held to be a contractual relationship with ADT.
Problems however still arise after this case law. The reality is that third parties do rely on
audited accounts. The perception is if you are required to file your accounts with for
example the Office of Registrar General in Rwanda, then this information must be credible
and independent.
It seems unfair that auditors should bear full responsibility for something for which they do
not have the primary responsibility.
In recent times, directors of companies are required by law not to make misleading
statements to auditors.
Banks and other major lenders appear to have a more special relationship than other third
parties.
Loan facilities will often contain clauses requiring audited accounts and up to date financial
information on a regular basis. This may be seen to document a relationship with the auditor
that establishes a duty of care.
EG. Royal Bank of Scotland v Bannerman, Johnstone Maclay and other 2002
The bank provided an overdraft facility to the company, who it is claimed misstated its
position due to a fraud. It was argued that the auditors neglected to find the fraud.
The judge found that the auditors had a duty of care. They knew that the bank need audited
accounts as part of the overdraft arrangement and could have issued a disclaimer to the bank.
But they didn’t and this was an important factor in deciding that they did owe a duty of care.
Litigation avoidance
One way of dealing with litigation is to try and avoid it.
How?
• Have clear client acceptance procedures, screen new clients, use an engagement letter.
• Perform all audit work in accordance with standards and best practice.
• Have sensible and effective quality control procedures in place.
Page 48
s
• Issue appropriate disclaimers. Auditors may attempt to limit their liability by issuing
disclaimers, although this may not always be effective in law.
C. MISCONDUCT
Misconduct includes any act or default that is likely to bring discredit to the member, relevant
firm or registered student.
A member should comply with relevant laws and regulations and should avoid any action that
discredits the profession.
A member found guilty of misconduct by a competent court shall be liable to disciplinary
action, the penalties for which are at the discretion of the professional bodies committees
dealing with this area.
Misconduct could include:
• Deception
• Forgery
• Theft
• Dishonesty.
Honesty and integrity is a fundamental principle for auditors as they are in a position of
trust. Dishonesty therefore would be taken very seriously.
D. PROFESSIONAL INDEMNITY INSURANCE
Most professions insist that auditors take out professional indemnity insurance.
This is insurance against civil claims made by clients and third parties arising out of the work
undertaken by a firm.
Fidelity guarantee is insurance against liability arising through any acts of fraud or
dishonesty by an employee of a firm in respect of money or goods held in trust by the firm.
Insurance is important in order to compensate the client as it is highly unlikely that a firm
would have the necessary resources to fully compensate a client. It also provides some
protection for the firm against bankruptcy.
There is a downside to the insurance. It is quite expensive and there may also be limits to the
cover. There is also the risk that some auditors will take less care than their duty requires as
they have a safety net if something goes wrong.
It is also common for the insurance requirement to remain in place after a member ceases to
engage in public practice.
The major accountancy firms have been interested in trying to limit their liability for
partners in the event of negligence.
Page 49
s
Question 4.1
Write a note, where you must consider the extent to which an auditor should be responsible
for detecting fraud when auditing the accounts of limited companies.
1. Outline the extent to which an auditor is responsible for detecting fraud.
2. Discuss whether it would be reasonable to extend the auditor’s responsibilities and are
there any practical problems of extending such responsibilities?
3. Conclude on and define the extent to which you consider it reasonable for an auditor to
be responsible for detecting fraud.
Question 4.2
In an action for negligence, what must occur in order to proceed?
Question 4.3
What practical actions can an auditor apply in order to avoid litigation?
Page 50
BLANK
Page 51
s
Study Unit 5
Practice Management & Regulatory Environment
Contents
A.
Risks to which firms are exposed
B.
Quality Control
C.
What are the Current Trends?
D.
Corporate Governance
E.
Law and Regulation
F.
Sample Questions
Page 52
s
PRACTICE MANAGEMENT & REGULATORY ENVIRONMENT
A. RISKS TO WHICH FIRMS ARE EXPOSED
A key risk facing any audit firm is that the business will fail. In this respect an audit firm is
no different from any other business venture.
Risks specific to audit firms:
• Litigation against the firm
• Client loss (changes in auditors!!)
• Disciplinary action by the professional body
• Loss of key audit personnel
• Competition
Diagram 1
Loss of the
litigious
client
Loss of
other
clients
To competitors
Loss of key
audit personnel
Bad
publicity
Litigation against
audit firm
Disciplinary
action by
Professional
Body
Client
Loss
Risk of Business
failure
Page 53
s
Risk Management
As part of managing their own business effectively, auditors should have a system of risk
management in place.
They should identify the risks and take steps to mitigate against these risks. For example, an
auditor can mitigate against business risks by taking out key person (keyman) insurance and
putting in place client care procedures.
In general, the risk of business failure for audit firms can be mitigated by observing
regulatory or professional requirements. Such requirements can be found within the
International standards on auditing and the code of ethics. The standards give a good
framework within which auditors can operate.
This framework ensures that there is a standard level of quality and consistency between all
audit firms. If the international standards on auditing are not followed by auditors, they run
the risk of disciplinary action by their respective professional bodies. In addition, where
there is negligence, there is also the risk of litigation and thus the risk of business failure.
B. QUALITY CONTROL
Auditing standards stress the importance of quality control, both at the audit firm level and
the audit engagement level.
ISQC1 Quality Control for firms that perform audits and reviews of historical financial
information, and other assurance and related services engagements helps audit firms
establish quality standards for their own business, while ISA 220 Quality Control for audits
of historical financial information requires firms to implement quality control procedures
over individual audit assignments.
Quality control at firm level
ISQC1 (11) establishes that the firm should establish a system of quality control designed to
provide it with reasonable assurance that the firm and its personnel comply with professional
standards and regulatory and legal requirements, and that reports issued by the firm or
engagement partners are appropriate in the circumstances.
A system of quality control consists of policies designed to achieve the objectives and the
procedures necessary to implement and monitor compliance with those policies.
All quality control policies and procedures should be documented and communicated to the
firm’s personnel (ISQC1(17)).
Elements of a system of quality control:
• Leadership responsibilities for quality within the firm
• Ethical requirements
• Acceptance and continuance of client relationships and specific engagements
Page 54
s
• Human resources
• Engagement performance
• Monitoring
Leadership
The aim is to instill such policies and procedures in that the internal culture of the firm is
one where quality is essential and should be considered to be the norm. Leadership must
come from the top down and with that in mind the standard recommends that a senior
management person should assume the overall responsibility.
ISQC1(19) sets out that any person assigned the overall responsibility for a firm’s quality
control system should have sufficient and appropriate experience and ability and the
necessary authority to assume that responsibility.
Ethics
The firm should establish policies and procedures designed to provide it with reasonable
assurance that the firm and its personnel comply with relevant ethical requirements. Such
ethical requirements include the fundamental principles of integrity, objectivity, professional
competence & due care, confidentiality and professional behaviour.
Acceptance and continuance of client relationships and specific
engagements
A firm should establish policies and procedures for the acceptance and continuance of client
relationships and specific engagements. They should be designed to provide it with
reasonable assurance that it will only undertake or continue relationships and engagements
where it has considered (1) the integrity of the client and does not have information that
would lead it to conclude that the client lacks integrity, (2) is competent to perform the
engagement, (3) has the capabilities, time and resources to do so and (4) can comply with
ethical requirements.
Human Resources
An audit firm’s desire for quality will require policies and procedures on ensuring excellence
in its staff. It should have sufficient personnel with the necessary experience, competence
and ethical principles necessary to perform audits in accordance with the professional
standards and regulatory and legal requirements.
Such policies and procedures will address the following issues:
• Recruitment
• Performance evaluation
• Capabilities
• Competence
• Career development
• Compensation
• Estimation of personnel needs
Page 55
s
Capabilities and competence can be developed through:
• Professional education
• Continuing professional development and training
• Work experience
• On the job training
Engagement performance
ISQC1(32-47) states that the firm should establish policies and procedures designed to
provide it with reasonable assurance that engagements are performed in accordance with
professional standards and regulatory and legal requirements, and that the firm or the
engagement partner issues reports that are appropriate in the circumstances.
Through its policies and procedures, the firm seeks to establish the consistency in the quality
of engagement performance. This is often accomplished through written or electronic
manuals, software tools or other forms of standardized documentation.
Ensuring good engagement performance involves a number of issues:
• Direction
• Supervision
• Review
• Consultation
• Resolution of disputes
Consultation
In ISQC1.34 the firm should establish policies and procedures designed to provide it with
reasonable assurance that:
• Appropriate consultation takes place on difficult or contentious matters
• Sufficient resources are available to enable appropriate consultation
• The nature and scope of such consultations are documented
• Conclusions resulting from consultations are documented and implemented
Where an audit firm is small, this may necessitate external consulting.
Resolution of disputes
A firm should establish policies and procedures for dealing with and resolving differences of
opinion.
Quality control review
A firm should establish policies and procedures requiring, for appropriate engagements, a
quality control review that provides an objective evaluation of significant judgments made
on an assignment and the conclusions reached in forming an opinion on a set of accounts.
An audit firm must have standards as to what constitutes a suitable quality control review.
These standards should cover:
• The nature, timing and extent of such a review,
Page 56
s
This could be discussions with an engagement partner, a review of financial statements
and consideration of whether reporting is appropriate. May involve some selective
review of working papers particularly where there was significant judgment applied,
• The criteria of eligibility of the reviewer,
The individual selected should have sufficient technical expertise and should be
objective.
• The documentation required -
It should show that the review was competed before the audit report is signed off.
In respect of a listed company, a quality control review must be carried out before the
audit report is signed off.
In respect of a listed company, a review should consider:
• The engagement teams evaluation of independence
• Significant risks identified and the responses to those risks
• Judgments with respect to materiality and significant risks
• Whether appropriate consultation has taken place
• Significance of misstatements identified, both amended and un-amended
• Matters to be communicated to management
• Whether selected working papers support conclusions reached
• Whether report to be issued is appropriate
Monitoring
Firms must have policies and procedures in place to ensure that their quality control system
is:
• Relevant
• Adequate
• Operating effectively
• Complied with in practice
In order to achieve the objectives, a firm must monitor the quality control system. This
should be reported to the management of the firm on an annual basis.
Types of monitoring activities:
• Ongoing evaluation and/or
• Periodic inspection of selected audits
Deficiencies found may be one-offs, but systematic or repetitive deficiencies will require
corrective action such as:
• Taking appropriate remedial action relating to an individual
• Changes to the quality control system
• Pointers to the training dept.
• Disciplinary action against those who fail to comply with the policies and
procedures
Page 57
s
Quality control at audit engagement level
ISA 220.2 states that the engagement team should implement quality control procedures that
are applicable to the individual audit engagement. This standard applies the principles laid
down in the ISQC1.
The engagement partner should
• Take responsibility for the overall quality on each audit engagement to which the
partner is assigned.
• Consider whether members of the engagement team have complied with ethical
requirements.
• Form a conclusion on compliance with independence requirements that apply to the
audit engagement.
• Be satisfied that appropriate procedures regarding the acceptance and continuance of
client relationships and specific audit engagements have been followed, and that
conclusions reached in this regard are appropriate and have been documented.
• Be satisfied that the engagement team has the appropriate capabilities, competence and
time to perform the audit engagement in accordance with professional standards and
regulatory and legal requirements, and to enable an auditor’s report that is appropriate
in the circumstances.
• Take responsibility for the direction, supervision and performance of the audit
engagement in compliance with professional standards and regulatory and legal
requirements.
Engagement performance
ISA 220.21 states that the engagement partner should take responsibility for the direction,
supervision and performance of the audit engagement in compliance with professional
standards and regulatory and legal requirement, and for the auditor’s report that is issued to
be appropriate in the circumstances.
The audit engagement can be directed by informing members of the team of:
• Their responsibilities such as maintaining an objective state of mind, an appropriate
level of professional scepticism and performing the work in accordance with due care.
• The nature of the entity’s business
• Risk related issues
• Problems that may arise
• The detailed approach to the performance of the engagement.
Supervision includes:
• Tracking the progress of the engagement
• Considering the capabilities and competence of members of the team, whether they
have sufficient time, they understand their instructions, and whether the work is being
carried in accordance with the planned approach.
• Addressing significant issues as they arise, considering their significance and
modifying the planned approach appropriately.
Page 58
s
• Identifying matters for consultation by more experienced engagement team members
during the engagement.
Review responsibilities are determined on the basis that the more experienced members of
the audit engagement, review work performed by less experienced persons. The reviewers
consider whether:
• The work has been performed in accordance with professional standards
• Significant matters have been raised for further consultation.
• Appropriate consultations have taken place and the consultations have been
documented and implemented.
• There is a need to revise the nature, timing and extent of the work performed.
• The work performed supports the conclusions reached and is appropriately
documented.
• The evidence obtained is sufficient and appropriate to support the auditor’s report.
• The objectives of the audit engagement procedures have been achieved.
Before the auditor’s report is issued, the engagement partner, through review of the audit
documentation and discussion with the engagement team, should be satisfied that sufficient
appropriate audit evidence has been obtained to support the conclusions reached and for the
audit report to be issued.
When difficult or contentious issues arise, the team should consult on the matters and
document the conclusions.
If the differences arise as between partner and audit team, or partner and quality control
reviewer, the differences should be resolved according with the firm’s policies.
In some circumstances, it may be appropriate for the engagement team to consult outside the
firm, for example, where the firm lacks the internal resources.
Quality control review
For audits of financial statements of listed companies, the engagement partner should:
• Appoint a quality control reviewer.
• Discuss with the reviewer significant matters which have arisen during the audit.
• Not issue the audit report until completion of the review.
Monitoring
The engagement partner should consider:
• Whether deficiencies noted from the results of the firm’s monitoring process may affect
the audit engagement.
• Whether the measures the firm took to rectify the situation are sufficient in the context
of the audit.
A deficiency in the firm’s system of quality control does not indicate that a particular audit
engagement was not performed in accordance with professional standards.
Page 59
s
C. WHAT ARE THE CURRENT TRENDS?
There are three distinct types of audit firms.
• Big four1
• Medium sized
• Small
Their size is classified by their fee income earned.
Mergers
There is merger activity at all levels as firms attempt to consolidate their position or attempt
to move up the ladder.
The merger activity among the big four raises issues about monopolies. This can result in
reduced choices for larger clients. Also, conflicts of interest may arise.
The current debate about the audit exemption limits under certain jurisdiction regulationsand
the fact that it is going to rise substantially could have a significant impact on the client base
of small audit firms. They may be forced to merge to compete for the larger audit clients.
Globalization
This concerns the big four and the larger of the medium sized firms.
There are two approaches to globalization:
• Affiliation
Mainly affects the big four. It allows a brand name to develop.
• Co-operation
Mainly affects the medium firms. It is international co-operation through a network of
sister companies.
The benefits of globalization are that audit firms can now meet the needs of international
companies.
However, there can be dramatic knock on effects for international firms e.g. Andersens
(Enron’s auditors).
Divesting Services
Consultancy is one of the key services which have been divested from the audit firms. The
independence ethics are certainly fuelling this.
Quality Control Regulations
These regulations impact differently on large and small firms. Small firms may need to hire
external experts.
1 Being PricewaterhouseCoopers (PwC), Deloittes, KPMG and Ernst & Young. All are in Rwanda
Page 60
s
D. CORPORATE GOVERNANCE
In the previous sections we looked at frameworks within which audit firms operated. Now,
we will look at frameworks, for client companies, to ensure that they deal fairly with their
members.
A string of high profile scandals and frauds in the 1980’s and the 1990’s forced for example,
the UK government to set up voluntary codes of best practice to enforce good practice by
directors and to communicate the adherence to good practice by management to the
shareholders.
It was vital that companies were managed well i.e. there was good corporate governance.
For example: The Cadbury report (in the UK) defines Corporate Governance as:
“The system by which companies are directed and controlled”.
Why is good corporate governance important?
Shareholders and managers are usually separate in a company and it is important that the
management of a company deals fairly with the investment made by the owners.
In smaller companies, shareholders are fully informed about the management of the business
as they are often the directors themselves. However, in large companies the day to day
running of a company is the responsibility of the directors. Shareholders only get a look-in at
the Annual Meeting.
In addition, auditors only report on the truth and fairness of financial statements. They do not
report on how the shareholders’ investment is being managed and whether their investment is
subject to fraud.
Codes of best practice
Two prominent codes have been formed and are considered best practice in modern times.
1. The Cadbury report
2. The Combined code
The Cadbury Report
The Cadbury report was issued in 1992. Its terms of reference considered:
• The responsibilities of executive and non-executive directors and the frequency, clarity
and form in which information should be provided to shareholders.
• The case for audit committees, their composition and role.
• The responsibilities of auditors and the extent and value of the audit.
• The links between auditors, shareholders and the directors.
The Cadbury report was aimed at directors of all UK PLCs, but directors of all companies are
encouraged to apply the code. Directors should state in the financial statements, normally
through the directors’ report, whether they comply with the code and must give any reasons
for non-compliance.
Page 61
s
The Cadbury report covered a number of areas including the board of directors, non-
executive directors, executive directors and the audit function. Some of the provisions
include:
Board of Directors
• They should meet on a regular basis.
• They should have clearly accepted divisions of responsibilities, so no one person has
complete power.
• The posts of chairman and CEO should be separate.
• Decisions which require a single signature or several signatures need to be laid out in a
formal schedule and procedures must be put in place to ensure that the schedule is
followed. It will probably include material acquisitions and disposals of company
assets, investments, capital projects, borrowings and foreign currency transactions.
Non-executive directors
• They are not involved in the day to day running of the company and should bring their
independent judgment to bear in the affairs of the company. Such affairs may include
key appointments and standards of conduct.
• There should be no business or financial connection between the company and the non-
executive directors other than fees and a shareholding.
• Their fees should reflect the time they spend on the business.
• They should not participate in share option schemes or pension schemes.
• Appointments of non-executive directors should be for a specific term and automatic
re-appointment is discouraged.
• Procedures should exist whereby they may take independent advice.
• A remuneration committee consisting of non-executive directors should decide on the
level of pay for executive directors.
Executive directors
• They run the company on a day to day basis and should have service contracts in place
of not more than three years in length, unless approved by the shareholders.
• Directors’ emoluments should be fully disclosed in the accounts and should be analysed
between salary and performance based pay.
Audit
• The code states that the audit is the cornerstone of corporate governance. It is an
objective and external check on the stewardship of management.
• Some flaws exist in the framework for auditing, such as choices in accounting
treatments, poor links between shareholders and auditors, price competition between
audit firms and the “expectations gap” between auditors and the public.
• Disclosing fees for audit in the financial statements should safeguard against the threat
of objectivity where auditors offer other services to their audit clients.
• Formal guidelines concerning audit rotation should be drawn up by the accounting
profession.
• The accountancy profession should be involved in setting criteria for the evaluation of
internal control.
Page 62
s
• There is a need for auditors to report on going concern. This is now reflected in
auditing standards.
The Cadbury code is quite detailed and could be cumbersome for small companies. With this
in mind a special version was formed for small listed companies (Cisco code). Reduction in
required numbers of non-executive directors and the non- requirement to split roles of CEO
and chairman are the main differences.
The Combined Code
For example the UK stock exchange issues guidance on a regular basis. In 1998, it issued the
combined code. This combined key guidance from various reports including the Cadbury
report into the one code.
Some of its principles included:
• Every company should have an effective board.
• There should be clear divisions of responsibilities at board level.
• There should be an appropriate balance of executive and non-executive directors.
• A formal procedure for appointments to the board should exist.
• The board should receive timely information in order to discharge its duties.
• All directors should maintain and upgrade their skills and knowledge.
• There should be an annual evaluation of its own performance.
• All directors should be submitted to re-election at appropriate time intervals.
• There should be appropriate levels of remuneration that is sufficient to attract, retain
and motive individuals of the necessary quality required.
• A significant portion of pay should be performance related.
• A formal procedure for the fixing of pay levels should exist and no director should have
a hand in fixing his/her own pay.
• The board should present a balance assessment of the company’s performance.
• The board should implement a good system of internal control.
• The board should have meaningful communication with the shareholders and should
use the Annual Meeting to communicate with investors.
For example the UK Stock exchange rules require that the annual report includes a statement
of how a company has applied the principles of the combined code and must disclose whether
there has been compliance with those principles. Auditors should review this statement.
Although the stock exchange rules require the code to be complied with, there is no statutory
duty for companies to do so. It is in fact a voluntary code.
This allows for flexibility in its application although shareholders will be aware of the
position due to the disclosure requirements. There is a view though that the disclosure of
non-compliance is insufficient as the Annual Meeting is not sufficient protection for
shareholders.
In addition, being a voluntary code allows companies to opt out to the detriment of their
shareholders and there are companies which, while unlisted, should be encouraged to apply
the codes.
Page 63
s
Making the code obligatory may create an excessive burden of requirement especially for
smaller companies.
Audit Committees
Audit committees are generally made up of non-executive directors. They are perceived to
increase confidence in financial reports.
Recommendations contained in the combined code include
• Audit committee should comprise at least three non-executive directors (two for smaller
companies).
• Its main role and responsibilities should be clearly set out in written terms of reference.
• The committee should be provided with sufficient resources to undertake its duties.
Role and responsibilities
• To monitor the integrity of the financial statements and other formal announcements.
• To review the internal financial controls and the company’s control and risk
management systems.
• To monitor and review the effectiveness of the internal audit function.
• To make recommendations regarding the appointment of external auditors and their
remuneration.
• To monitor and review the external auditor’s independence and objectivity.
• To develop and implement policy on the engagement of the external auditor in other
non-audit services.
Advantages of an audit committee
• Provides an independent point of contact for the external auditor, particularly in the
event of disagreements.
• Can create a climate of discipline and control.
• Increased confidence in the credibility and objectivity of financial reports, by
increasing the quality of the financial reporting and enabling the non-executive
directors to contribute an independent judgment.
• Internal auditors can report directly to the committee thereby providing a greater degree
of independence from management.
• The existence of such a committee should make the executive directors more aware of
their duties and responsibilities.
• Can act as a deterrent to fraud or illegal acts by executive directors.
Disadvantages of an audit committee
• Can be difficult to source sufficient non-executive directors with the necessary
competence to be effective.
• Auditors may not raise issues of judgment where there are formalised reporting
procedures.
• Costs may increase.
• Findings are generally not made public, so it is not always clear what they actually do.
Page 64
s
Internal control effectiveness
Internal control is an essential tool in having good corporate governance.
The directors of a company are responsible for putting in place an effective system of
internal control. An effective system of internal control will help management safeguard the
assets of a company, prevent and detect fraud and therefore, safeguard the shareholders’
investment.
In addition, it helps ensure reliability of reporting and compliance with laws. The use of the
word help denotes the fact that there are inherent limitations in any system of internal
controls and as such there can be no such thing as absolute assurance.
The directors need to set up internal control procedures and need to monitor these to ensure
that they are operating effectively.
The system of internal control will reflect the control environment which depends a lot on the
attitude of the directors towards risk.
A company may decide to set up an internal audit function to monitor and assess the system
of internal control.
The combined code recommends that the board of directors reports on the review of internal
controls. This assessment should cover the changes in risks which the company faces and its
ability to respond to these changes, the scope and quality of management’s monitoring of risk
and internal control and the extent and frequency of reports to the board. It should also assess
the significant controls, failings and weaknesses that might have a material impact on the
accounts.
Auditors should assess the review carried out by the directors. They should assess whether
the company’s summary of the process of review is supported by documentation prepared by
the directors and that it reflects that process.
This review is not as defined as an audit. Therefore, it is only possible to give limited
assurance. For this reason, the auditors are not expected to assess whether the director’s
review covers all risks and controls and whether the risks are satisfactorily addressed by the
internal controls.
In order to avoid any misunderstandings, a paragraph is inserted into the audit report setting
out the scope of the auditor’s role.
Auditors should bring to the attention of directors any material weaknesses they find in the
system of internal control.
Auditors may report by exception if problems arise such as:
• The auditors understanding of the review process differs somewhat from what the
board says.
Page 65
s
• The processes that deal with material internal control aspects do not reflect what the
auditor believes.
• The board failing to make appropriate disclosures, failing to conduct a review or makes
disclosures which are not consistent with what the auditor already knows.
E. LAW AND REGULATION
The previous sections referred to codes which, by and, large are voluntary codes.
Companies, however, are statutory bound to comply with laws and regulations.
Some of the laws and regulations affecting companies are:
• Company law
• Health and safety regulations
• Employment law
• Civil law, both tort and contract
• Environmental law and regulation
• Customary law where not covered by statute
ISA 250: consideration of laws and regulations in an audit of financial statements
establishes standards and guidance on the auditor responsibilities to consider laws and
regulations in an audit of financial statements.
ISA 250.2 states that when designing and performing audit procedures and in evaluating
and reporting the results thereof, the auditor should recognise that non-compliance by the
entity with laws and regulations may materially affect the financial statements.
As with the system of internal control, an audit cannot be expected to detect non-compliance
with all the laws and regulations applicable to a company. Detection, regardless of
materiality, requires consideration of the implications for the integrity of management or
employees and the possible effect on other aspects of the audit.
Non-compliance can be intentional or unintentional acts of omission or inclusion by the
entity.
Non-compliance is a legal determination and is beyond the auditor’s professional competence
and while an auditor’s experience and training may well provide a basis for recognition,
ultimately, it can only be determined by a court of law.
The further removed the non-compliance is from the events and transactions normally
reflected in the financial statements, the less likely the auditor is to become aware of it or
recognise non-compliance.
Responsibility of Management
It is management’s responsibility to ensure that the entity’s operations are conducted in
accordance with laws and regulations. The responsibility for the prevention and detection of
non-compliance rests with management.
Page 66
s
The following policies and procedures may assist management in discharging its
responsibilities:
• Monitoring legal requirements and ensuring that operating procedures are designed to
meet these requirements.
• Instituting and operating appropriate internal control.
• Developing, publicising and following a code of conduct.
• Ensuring employees are properly trained and understand the code of conduct.
• Monitoring compliance with the code of conduct and acting appropriately to discipline
employees who fail to comply with it.
• Engaging legal advisors to assist in monitoring legal requirements
• Maintaining a register of significant laws with which the entity has to comply within its
particular industry and a record of complaints.
In larger companies, these policies and procedures may be supplemented by an internal audit
function and an audit committee possibly split between a legal dept. and a compliance
function.
Directors of the company have responsibility to provide information required by the auditor,
to which they have a legal right of access. Such legislation also provides that it is a criminal
offence to give the auditor information or explanations which are misleading, false or
deceptive.
The auditor’s consideration
The auditor cannot be held responsible for preventing non-compliance, although an annual
audit may act as a deterrent.
Even though an audit is properly planned and performed in accordance with standards, there
is the unavoidable risk that some material misstatements will not be detected in the financial
statements. The risk is higher with regard to material misstatements resulting from non-
compliance with laws and regulations due to factors such as:
• There are many laws and regulations that typically do not have a material effect on the
financial statements (mainly operational aspects) and are not captured by the entity’s
information systems.
• The effectiveness of audit procedures is affected by the inherent limitations of internal
control and the use of testing.
• Much of the audit evidence obtained is persuasive rather than conclusive.
• Non-compliance may involve conduct designed to conceal it, such as collusion,
forgery, omission, senior management override of controls or intentional
misrepresentations made to the auditor.
ISA250(12 -17) states that auditors should plan and perform the audit with an attitude of
professional scepticism recognising that the audit may reveal conditions or events that would
lead to questioning whether an entity is complying with laws and regulations.
The auditor would test for compliance with specific laws and regulations only if engaged to
do so.
Page 67
s
In order to plan the audit, the auditor should obtain a general understanding of the legal and
regulatory framework applicable to the entity and the industry and how the entity is
complying with that framework. The auditor should recognise that some laws may give rise
to business risks that have a fundamental effect on the operations of the entity. For example,
non-compliance with the licensing laws relating to a bank could force it out of business.
One of the most difficult distinctions in practice is deciding which laws are central to which
businesses and when.
To obtain a general understanding of laws and regulations, an auditor would ordinarily:
• Use the existing understanding of the entity’s industry, regulatory and other external
factors.
• Inquire of management concerning their policies and procedures regarding compliance
and as to the laws and regulations that may be expected to have a fundamental effect on
the operations of the entity.
• Discuss with management the policies or procedures adopted for identifying, evaluating
and accounting for litigation claims and assessments.
• Discuss the legal and regulatory framework with auditors of subsidiaries.
ISA25018-29 lays out that, after obtaining the general understanding, the auditor should
design procedures to help identify possible or actual instances of non-compliance with the
laws and regulations, which are central to the entity’s ability to conduct its business and
hence to its financial statements.
Further, the auditor should obtain sufficient, appropriate audit evidence about compliance
with those laws and regulations, which the auditor recognises as having an effect on the
determination of material amounts and disclosures in the financial statements.
Some of the laws and regulation include ones which prohibit a company from making
distributions except out of distributable profits and laws which require the auditor to
expressly report on non-compliance such as maintenance of proper books of account or
disclosures of directors’ remuneration.
Other than those mentioned above, the auditor does not perform other audit procedures on the
entity’s compliance since this would be outside the scope of the audit.
The auditor should be alert to the fact that audit procedures applied for the purposes of
forming an opinion on the financial statements, such as reading of minutes, may highlight
possible instances of non-compliance. In addition, non-compliance issues might incur
obligations for audit firms to report money laundering offences.
It should be noted though that there is a distinction between checking systems of compliance
and checking actual compliance.
The auditor should obtain written representations from management that they have
disclosed to the auditor all known actual or possible non-compliance with laws and
regulations whose effects should be considered when preparing the financial statements. In
addition, where applicable, the written representations should include the actual or contingent
consequences which may arise from the non-compliance.
Page 68
s
In the absence of audit evidence to the contrary, the auditor is entitled to assume the entity is
compliant with these laws and regulations.
The auditor’s responsibility in expressing an opinion on financial statements does not extend
to determining whether the entity has complied in every respect with tax legislation. The
auditor only needs sufficient audit evidence to give a reasonable assurance that the tax
amounts in the financial statements are not materially misstated.
ISA 250 A1 – A21 gives a number of examples where non-compliance may have occurred.
What to do when non-compliance is discovered
When the auditor becomes aware of non-compliance, the auditor should obtain an
understanding of the nature of the act and the circumstances in which it has occurred, and
sufficient other information to evaluate the possible effect on the financial statements.
The auditor must consider:
• The potential financial consequences such as fines, penalties and/or litigation.
• Whether the potential financial consequences require disclosure.
• Whether these consequences are so serious they call into question the truth and fairness
of the accounts.
When the auditor believes there is non-compliance, he must document the findings and
discuss them with management. Bear in mind that the discussions with management should
be subject to compliance with legislation relating to “tipping off” particularly with any
requirement to report findings direct to a third party.
When adequate information about suspected non-compliance cannot be obtained, the auditor
should consider the effect of the lack of sufficient appropriate audit evidence on the audit
report. He should consider the implications in relation to the reliability of management
representations.
Reporting of non-compliance
As soon as possible, the auditor should communicate with management, or obtain audit
evidence that management are appropriately informed, regarding non-compliance that comes
to the auditor’s attention. If in the auditor’s judgment, the non-compliance is intentional
and/or material, the auditor should communicate without delay.
If the auditor suspects senior management, then he should communicate to the next higher
level, such as the audit committee. Failing that, he should seek legal advice.
In the case of money laundering it may be appropriate to report the matter direct to the
appropriate authority.
Audit report implications
• If the auditor concludes that the non-compliance has a material effect on the accounts
and has not been properly reflected, he should express a qualified or adverse opinion.
Page 69
s
• If the auditor has not been able to obtain sufficient evidence to evaluate whether a
material non-compliance has occurred, he should qualify his report or issue a disclaimer
of opinion on the basis of a scope limitation.
Third part reporting
Although the auditor has a duty of confidentiality, where non-compliance gives rise to a
statutory duty to report, the auditor should do so without undue delay.
Withdrawal from the engagement
The auditor may conclude that withdrawal is necessary when remedial action is not taken,
even when the non-compliance is not material. Resignation is a step of last resort.
Money Laundering
Money laundering is a very hot topic in recent times.
Money laundering is the process by which criminals attempt to conceal the true origin and
ownership of the proceeds of their criminal activity, allowing them to maintain control over
the proceeds and ultimately, providing a legitimate cover for the source of their income.
Anti-money laundering legislation imposes a duty to report money laundering in respect of
the proceeds of all crime. Audit firms are required to report suspicions that a criminal
offence has been committed, regardless of whether the offence has been committed by a
client or by a third party. In addition, they need to be alert to the danger of making
disclosures that are likely to tip off a money launderer, as this is a criminal offence
There is no legal right not to make a report and the auditor is not constrained by his
professional duty of confidence, although in all cases any such reporting must be made in
good faith. In this case, he is protected by law from having the client take a civil case against
him. However, if he did not have reasonable grounds on which to make a report to a third
party, he may be sued by his client for breach of confidentiality.
Under legislation, all businesses (including audit firms) are required to set up systems to
prevent money laundering such as:
• Appointing a money laundering reporting officer, who reports direct to the Police.
• Undertaking customer due diligence, mandatory verification of identification.
• Reporting suspicions of money laundering.
• Maintaining specific records, for a minimum period of five years.
• Put in place internal controls to ensure continued compliance with the legislation
• Training staff in all of these issues.
Failure to do these is a criminal offence.
Problems for auditors
The duty of confidentiality, which will probably require further ethical guidance, is a problem
for the auditor, although firms should not risk breaking the law by not reporting.
Normal reporting requirements may conflict with money laundering offences.
Page 70
s
For example, reporting a suspicion may have a material impact on the accounts which should
be disclosed to the shareholders in an audit report. However, this may be considered to be
tipping off. Even resigning your position could be seen as tipping off.
Question 5.1
There has been an increase in the size of audit firms and this has been a source of concern to
regulators and clients. Some audit firms feel that mergers between the largest firms of
auditors are necessary in order to meet the global demand for their services. However, clients
are concerned that such mergers will create monopolistic market for audit services which will
not be in anyone’s best interests.
You are required to explain why:
1. The larger audit firms might wish to merge.
2. These mergers have the potential to create problems.
Question 5.2
A key risk facing audit firms is that their business will fail. What factors causes this risk?
Question 5.3
Explain how an audit can be lost due to its size.
Question 5.4
Read Ltd carries on a wholesale book operation. To the end of 2010 the growth in turnover
to RWF25m has continued to match the rate of inflation. Costs have been contained by
reducing staff numbers from 96 to 90. The asset turnover is holding at five times. The
accountant has prepared draft accounts and has included a directors’ responsibilities
statement.
“The directors are required by company law to prepare financial statements for each financial
period which give a true and fair view of the state of affairs of the group as at the end of the
financial period and of the profit and loss for that period. In preparing the financial
statements, suitable accounting policies have been used and applied consistently, and
reasonable and prudent judgment and estimates have been made, applicable accounting
standards have been followed. The directors are also responsible for maintaining adequate
accounting records, for safeguarding the assets of the group and for preventing and detecting
fraud and other irregularities.”
On reading the statement, a director comments that the statement included aspects he had
always assumed were the responsibility of the auditor and complained about all these
irrelevant new rules.
He requested that the accountant should prepare a memo for the board of directors what is
going on.
Page 71
s
Assume you are the accountant and draft a memo for the board explaining:
1. The background to the directors’ responsibilities statement and its inclusion in the
annual report
2. What is meant by a true and fair view and how the board can assess whether the
financial statements give a true and fair view and recommend adequate steps for
safeguarding the assets and preventing and detecting fraud.
Page 72
BLANK
Page 73
s
Study Unit 6
Audit Planning and Strategy
Contents
A.
Audit Planning
B.
Materiality
C.
Risk
D.
The Risk Approach
E.
Systems and Controls
F.
Cycles and Transactions
G.
Balance Sheet Approach
H
Directional Testing
I.
Analytical Procedures
J.
Sample Questions
Page 74
s
AUDIT PLANNING AND STRATEGY
A. AUDIT PLANNING
ISA 300: planning an audit of financial statements establishes standards and guidance on
the considerations and activities applicable to planning an audit.
The auditor should:
• Plan the audit so that the engagement will be performed in an effective manner.
• Perform certain procedures at the beginning of the audit, namely, the continuance of the
client relationship, evaluation of compliance with ethical requirements including
independence and establishing an understanding of the terms of the engagement.
• Establish the overall audit strategy and set out the scope, timing and direction of the
audit.
• Develop an audit plan in order to reduce audit risk to an acceptably low level.
• Update and change the audit strategy and plan as necessary during the course of the
audit.
• Plan the nature, timing and extent of direction and supervision of the audit team and a
review of their work.
• Document the overall audit strategy and the audit plan, including any significant
changes made during the audit engagement.
• Prior to starting an initial audit, perform procedures regarding the acceptance of the
client relationship and the specific audit engagement, and communicate with the
previous auditor in compliance with relevant ethical requirements.
Adequate planning helps to ensure that:
• Appropriate attention is devoted to the important areas
• Potential problems are identified and resolved on a timely basis
• The audit engagement is properly organised and managed
• There is proper assignment of work to engagement members
• There is direction and supervision of team members and review of their work
• There is proper co-ordination of work done by experts.
The nature and extent of planning activities will vary according to the size and complexity of
the entity, the auditor’s previous experience with the entity and changes in circumstances that
occur during the audit engagement.
The establishing of the overall strategy involves considering the important factors that will
determine the focus of the audit team’s effort, such as the:
• The determination of appropriate materiality levels,
• Preliminary identification of areas where there may be higher risks of material
misstatement,
• Preliminary identification of material components and account balances,
• Evaluation of whether the auditor may plan to obtain evidence regarding the
effectiveness of internal control,
• The identification of recent significant entity-specific, industry, financial reporting or
other relevant developments.
Page 75
s
The appendix of ISA 300 sets out examples of matters the auditor may consider in
establishing the overall audit strategy. It is split between the scope of the audit engagement,
the reporting objectives, timing of the audit and communications required and the direction of
the audit.
ISA 315: Understanding the entity and its environment and assessing the risks of material
misstatement establishes standards and guidance on obtaining an understanding of the entity
and its environment including its internal control, and on assessing the risks of material
misstatement in a financial statement audit.
The auditor should:
• Obtain an understanding of the entity and its environment, including its internal
control. This understanding should be sufficient to identify and assess the risks of
material misstatement of the financial statements whether due to fraud or error, and it
should be sufficient to design and perform further audit procedures.
The auditor may obtain this understanding through:
- Performing risk assessment procedures such as inquiries of management and
others within the entity, analytical procedures, and observation and inspection.
- Determining whether changes have occurred that may affect the relevance of
information, obtained in prior periods, in the current audit.
- Ensuring that members of the engagement team discuss the susceptibility of the
entity’s financial statements to material misstatements.
• Obtain an understanding of relevant industry, regulatory, and other external factors
including the applicable financial reporting framework.
• Obtain an understanding of the nature of the entity, such as its operations, ownership,
governance, types of investments it is making, structure and financing.
• Obtain an understanding of the entity’s selection and application of accounting policies
and consider whether they are appropriate for its business and consistent with the
applicable financial reporting framework and accounting policies used in the relevant
industry.
• Obtain an understanding of the entity’s objectives and strategies, and the related
business risks that may result in material misstatements of the financial statements.
• Obtain an understanding of the measurement and review of the entity’s financial
performance such as internal management information (budgets, variance analysis,
dept. reports) and external information (analyst’s reports and credit rating agency
reports). When the auditor intends to make use of the performance measures, he should
consider whether the information provides a reliable basis and is sufficiently precise for
such a purpose.
• Obtain an understanding of internal control relevant to the audit. This involves
evaluating the design of a control and determining whether it has been implemented.
Not all controls are relevant to the auditor’s risk assessment.
• Obtain an understanding of the control environment. The control environment sets
the tone of an organisation, influencing the control consciousness of its people. It is the
foundation for effective internal control, providing discipline and structure.
• Obtain an understanding of the entity’s process for identifying business risks relevant to
financial reporting objectives and deciding about actions to address those risks, and the
results thereof.
Page 76
s
• Obtain an understanding of the information systems, including the related business
processes, relevant to financial reporting.
• Understand how the entity communicates financial reporting roles and responsibilities
and significant matters relating to financial reporting.
• Obtain a sufficient understanding of control activities to assess the risks of material
misstatements and to design further audit procedures responsive to assessed risks.
Examples of specific control activities include authorisation, performance reviews,
information processing, physical controls and segregation of duties.
• Obtain an understanding of how the entity has responded to risks arising from IT. The
auditor considers whether the entity has responded adequately to the risks arising from
IT by establishing effective general controls and application controls.
• Obtain an understanding of the major types of activities that the entity uses to monitor
internal controls over financial reporting, including those related to those control
activities relevant to the audit, and how the entity initiates corrective actions to its
controls.
• Identify and assess the risks of material misstatements at the financial statement
level, and at the assertion level for classes of transactions, account balances and
disclosures.
• Determine which of the risks identified require special audit consideration. In
considering the nature of the risks, the auditor should consider the risk of fraud,
relationship to recent developments, complexity of transactions, significant related
transactions, the degree of subjectivity and the existence of unusual transactions.
Routine, non-complex transactions are less likely to give rise to significant risk than
unusual transactions because the latter have probably more management intervention or
complex accounting principles.
• Inform management as soon as is practicable, and at an appropriate level of
responsibility, of material weaknesses in the design or implementation of internal
controls which come to the auditor’s attention.
• Document the discussion among the audit team of the susceptibility of the entity’s
accounts to material misstatements and significant decisions reached, key elements of
the understanding obtained of the entity, identified and assessed risks of material
misstatement and the risks identified and related controls evaluated.
Risk assessment procedures
The auditor may consider making inquiries of the entity’s legal counsel or of valuation
experts. Reviewing information obtained from external sources such as reports by analysts,
banks or other rating agencies, trade and economic journals may also be useful in obtaining
information about the entity.
Although much of the information can be obtained from management and those responsible
for financial reporting, inquiries of others such as production and internal audit personnel
may be useful in providing a different prospective in identifying risks of material
misstatements.
Observation and inspection may support inquiries of management. Such audit procedures
include:
Page 77
s
• Observation of activities and operations
• Inspection of documents and records
• Reading reports prepared by management
• Visits to premises and plant facilities
• Carrying out walk-through tests
Controls relevant to the audit
Ordinarily, controls that are relevant to an audit pertain to the objective of preparing financial
statements. Controls over the completeness and accuracy of information may also be relevant
if the auditor intends to make use of the information in designing and performing further
procedures. Controls relating to operations and compliance objectives may be relevant if
they pertain to data the auditor evaluates or uses in applying audit procedures.
Information systems
The auditor should obtain an understanding of the information systems, including the
business processes, relevant to financial reporting, including the following areas:
• The classes of transactions in the entity’s operations that are significant to the financial
statements
• The procedures, within both IT and manual systems, by which those transactions are
initiated, recorded, processed and reported in the financial statements
• The related accounting records, whether electronic or manual, supporting information,
and specific accounts in the financial statements, in respect of initiating, recording,
processing and reporting transactions
• How the information systems capture events and conditions, other than classes of
transactions, that are significant to the financial statements
• The financial reporting processes used to prepare the entity’s financial statements,
including significant accounting estimates and disclosures.
IT controls
General IT controls are policies and procedures that relate to many applications and support
the effective functioning of such controls by helping to ensure the continued proper operation
of information systems. These controls maintain the integrity of information and security of
data and include:
• Data centre and network operations
• System software acquisition, change and maintenance
• Access security
• Application system acquisition, development and maintenance
• Encryption
Application controls are manual or automated procedures that typically operate at a business
process level. They can be preventative or detective in nature and are designed to ensure the
integrity of the accounting records. Examples include:
• Edit checks of input data
Page 78
s
• Numerical sequence checks
Assessing the risks of material misstatement
The auditor should:
• Identify risks throughout the process
• Relate the risk to what can go wrong at the assertion level
• Consider whether the risks are of a magnitude that could result in a material
misstatement in the financial statements
• Consider the likelihood that the risks could result in a material misstatement of the
financial statements.
A1- A 134 ISA 315 provides additional guidance on understanding the entity and its
environment and lays out conditions and events that may indicate risks of material
misstatement.
ISA 330: The auditor’s procedures in response to assessed risks establishes standards and
provides guidance on determining overall responses and designing and performing further
audit procedures to respond to the assessed risks of material misstatements.
The standard requires the auditor to determine overall responses to address risks of material
misstatement at the financial statement level and provides guidance on the nature of those
responses.
The auditor is required to design and perform further audit procedures, including tests of
the operating effectiveness of controls, when relevant or required, and substantive
procedures, whose nature, timing, and extent are responsive to the assessed risks of material
misstatement at the assertion level. In addition, this section includes matters the auditor
considers in determining the nature, timing, and extent of such audit procedures.
The auditor is required to evaluate whether the risk assessment remains appropriate and to
conclude whether sufficient appropriate audit evidence has been obtained.
The standard establishes related documentation requirements.
In order to reduce the audit risk to an acceptably low level, the auditor should determine
overall responses to assessed risks at the financial statement level.
Overall responses may include:
• Emphasising to the audit team of the need to maintain professional scepticism
• Assigning more experienced staff or hiring expert help when needed
• Providing more supervision
• Incorporating additional elements of unpredictability in the selection of further audit
procedures to be performed
• Making changes to the nature, timing, or extent of audit procedures
The assessment of the risk of material misstatement is affected by the auditor’s understanding
of the control environment.
Page 79
s
An effective control environment may allow an auditor to have more confidence in internal
control and the reliability of audit evidence generated internally within the entity.
If there are weaknesses in the control environment, the auditor:
• conducts more audit procedures as at the period end rather than at an interim date,
• seeks more extensive audit evidence from substantive procedures,
• modifies the nature of audit procedures to obtain more persuasive audit evidence,
• Increases the number of locations to be included in the audit scope.
The evaluation of the control environment will help the auditor determine whether there
should be a substantive or a combined approach (tests of controls and substantive
procedures).
In designing further audit procedures, the auditor should consider:
• the significance of the risk
• the likelihood that a material misstatement will occur
• the characteristics of the class of transactions or account balances
• the nature of specific controls and in particular whether they are manual or automated
• Whether the auditor expects to obtain evidence to determine if controls are effective in
preventing, or detecting and correcting material misstatements.
The nature of further audit procedures refers to their:
• Purpose:
Tests of controls or substantive procedures;
• Type:
Inspection, observation, inquiry, confirmation, recalculation, re-performance, analytical
procedures.
Certain audit procedures may be more appropriate for some assertions. The selection of the
procedure is based on the assessment of risk. The higher the risk, the more reliable and
relevant is the audit evidence from substantive tests.
The auditor may perform audit procedures at an interim date or at period end (timing). The
higher the risk, the more likely the auditor will perform substantive tests nearer to or at the
period end. Certain audit procedures can only be performed at or after the period end, such
as agreeing the financial statements to the accounting records and examining adjustments
made during the course of preparing the financial statements.
The extent (sample size or number of observations) is determined by the judgement of the
auditor after considering:
• Materiality
• Assessed risk
• Degree of assurance required
Page 80
s
The auditor is required to perform tests of controls when the auditor relies on the
effectiveness of controls or when substantive tests alone do not provide sufficient appropriate
audit evidence.
The auditor should perform other audit procedures in combination with inquiry to test the
operating effectiveness of controls.
Irrespective of the assessed risk of material misstatements, the auditor should design
and perform substantive tests for each material class of transaction, account balance
and disclosure. Remember, an auditor’s assessment of risk is judgemental and there
are inherent limitations to internal control.
The auditor’s substantive procedures should include the following related to the financial
statement closing process:
• Agreeing the financial statements to the underlying accounting records and
• Examining material journal entries and other adjustments made during the course of
preparing the financial statements.
Where an auditor determines that an assessed risk at the assertion level is a significant risk,
he should perform substantive procedures that are specific to that risk.
The auditor should perform audit procedures to evaluate whether the overall presentation of
the financial statements, including the related disclosures, are in accordance with the
applicable financial reporting framework.
Based on the audit procedures performed and the audit evidence obtained, the auditor should
evaluate whether the assessments of the risks at the assertion level remain appropriate.
He should conclude whether sufficient appropriate audit evidence has been obtained to
reduce to an acceptably low level the risk of material misstatement in the financial
statements.
Where it is not sufficient and the auditor is unable to obtain further evidence, he should
express a qualified opinion or a disclaimer of opinion.
Finally, the auditor should document the overall responses to address the risks and the
nature, timing and extent of the further audit procedures and the results thereof. In addition,
where there is reliance on controls, the auditor should document the conclusions reached with
regard to relying on such controls that were tested.
General planning matters
When planning an audit you also need to consider some admin matters:
Audit Staff
Have the staff got the correct level of qualifications and experience. Do they have specialist
skills that may be required. What about the staff’s relationship among themselves and with
client staff. Are staff available and what about travel arrangements.
Page 81
s
Client management
Continuity of staff is often important to client companies. Also, consistency of staff may
help audit efficiency.
Location of audit
Need to consider the distance for audit staff to travel, the staff’s mobility and the location of
the review by manager. Multiple locations often require some decision as to which locations
should be visited, the allocation of your staff to these locations and managing the visits to
each selected sites.
Deadlines
Key deadlines are stock-counts, date of draft accounts available, main audit visit, audit
manager review, partner review, audit clearance meeting, audit report to be signed and date
of Annual Meeting. It is important to plan the work so that these deadlines can be achieved.
Use of IT
Need to consider whether the client has a computerised system and whether the auditor will
use CAATs2. Will the auditor use computers to complete the working papers and
communicate with the partner.
Time budgets
These are an important part of planning. Times should be estimated accurately and
communicated to the audit team. The audit team should record variances with the budget for
planning purposes for the next audit.
The budget will be based on prior year records, risk assessments and materiality.
Example of an outline audit plan
Initial visit
If this is a new client, this visit should occur as soon as possible after the terms of the
engagement have been agreed between the client and the audit partner.
This visit is essential in building up a background about the client company in order to assist
in the detailed planning of the audit.
The auditor will use techniques such as inquiry, observation and review of documentation in
order to understand details about the company such as:
• The development and past history
• The nature of the environment in which it operates
• Products and processes
• Organisational plans
• Accounting and internal controls in operation
• The maintenance of accounting records.
In respect of the internal controls, it would be expected to carry out walkthrough tests to
confirm the operation of the controls as described. If this is an existing client, the visit may
2 CAAT - Computer aided auditing techniques
Page 82
s
simply take the form of a brief meeting, or simply be a phone call, to establish any changes
since the previous audit in respect of the company’s operations or environment.
Interim Visit
Ideally this visit should take place close to the year end.
The purpose of this visit is to carry out detailed tests on the client’s accounting and internal
controls with a view to establishing those controls on which you can rely. Where controls are
operating effectively, restricted only substantive procedures need be carried out. Where
controls are ineffective in practice, more extensive substantive tests will need to be carried
out
At this stage, if any weaknesses in controls have been noted, it may be appropriate to draft a
letter to the client management.
Final Visit
This visit will take place after the accounting year end.
On this visit, the detailed substantive procedures will be carried out in order to substantiate
the figures in the accounting records and subsequently, the financial statements. After an
overall review of the financial statements, the auditor will be able to assess whether sufficient
and appropriate evidence has been obtained in order to draw reasonable conclusions so that
an opinion can be expressed on the financial statements.
Examples of the work to be carried out would include:
• Discussion with management of known risk areas
• Attendance at stock count
• Verification of assets/liabilities and income/expenditure
• Follow up on outstanding interim audit issues
• Review of post balance sheet events
• Seek and obtain representations from management
• Review financial statements
• Draft an audit report
B. MATERIALITY (ISA 320)
An auditor should consider materiality and its relationship with audit risk when conducting
an audit. In designing the audit plan, the auditor should set an acceptable materiality level.
He should consider this materiality at both the overall financial statement level and in relation
to classes of transactions, account balances and disclosures.
Information is material if its omission or misstatement could influence the economic
decisions of users taken on the basis of the financial statements.
An item might be material due to its nature, value or impact on users of accounts.
• Nature
Transactions involving directors generally affect users of accounts.
• Value
Page 83
s
Inventory stocks in a manufacturing company may represent a high percentage of
current assets.
• Impact
An end of year journal could convert a loss into a profit, thus affecting the users of
accounts.
The auditor’s assessment of materiality helps the auditor to decide:
• What items and how many to examine
• Whether to use sampling and analytical procedures
• What audit procedures can be expected to reduce audit risk to an acceptably low level.
There is a relationship between materiality and the level of audit risk. The higher the
material figure is set, the higher the audit risk. The auditor could compensate for this by
either
• Reducing the risk, where this is possible, and supporting this by carrying out extended
or additional tests of control or
• Reducing detection risk by modifying the nature, timing and extent of planned
substantive tests.
Problems
• Materiality is a matter of judgement.
• Some matters could fall outside the criteria, although they could affect users of the
accounts.
• Percentage guidelines need to be used carefully. What figure do you select to base the
percentage on - Gross profit, profit before director’s salaries, assets, costs?
Materiality needs to be tailored to the business and the anticipated user.
There is currently an exposure draft on Materiality. The key issues are:
• Clear definition of materiality,
• Auditors should consider users as a whole rather than considering individual users,
• More guidance on the use of percentage benchmarks,
• Requires auditors to communicate all discovered misstatements to management,
• Setting a level doesn’t mean that some matters should be ignored.
C. RISK
Auditors should assess the risk of material misstatements arising in the financial statements
and carry out procedures in response to assessed risks.
Page 84
s
Risk can be analysed as follows:
Overall risk is split into audit risk and business risk. Audit risk is sometimes known as
assignment or engagement risk. It is focused on the financial statements of the business.
Inherent risk is the susceptibility of an account balance or class of transaction to material
misstatement, irrespective of related internal controls. It may be due to the characteristics of
those items such as the fact they are estimates or that they are important items in the
accounts. Auditors use their professional judgment and their understanding of the client
company to assess the inherent risk.
Control risk is such that the clients controls fail to prevent, detect and/or correct material
misstatements.
Detection risk is such that the audit procedures applied by the auditor will fail to detect
material misstatements. There are limitations to the audit process and detection risk relates to
the inability of auditors to examine all evidence. Also, we have seen previous that audit
evidence is persuasive rather than conclusive, so some detection risk always exists.
The auditor’s assessment of inherent and control risk will influence the nature, timing and
extent of the substantive procedures which are required to reduce the detection risk and,
hence, audit risk.
Examples of risk factors which affect the client:
Audit
risk
Detection
risk
Control
risk
Risk of
material
misstatement
Business
risk
Financial
risk
Compliance
risk
Overall
risk
Operational
risk
Inherent
risk
Page 85
s
• Integrity and attitude to risk of management. Problems can be caused where there is
domination by a single individual,
• A lack of management experience and knowledge can affect the quality of financial
management,
• Unusual pressures on management can lead to tight reporting deadlines or market or
financing expectations,
• The nature of the business can lead to potential problems such as technological
obsolescence or over-dependence on single products,
• Industry factors such as competitive conditions, regulatory requirements, technology
developments,
• IT problems include lack of supporting documentation, expertise heavily dependent on
a few people and potential risk of unauthorised access to systems.
Examples of risk factors affecting account balances or transactions:
• Areas which require prior year adjustments or require high level of estimation,
• Where expert valuations are required due to complex issues,
• Account balances such as cash, stock, portable assets which are prone to fraud,
• The existence of high volume transactions where systems may be unable to cope,
• Unusual transactions,
• Major changes in staff or low morale issues.
Business risk arises in the operations of a business. It is split into three distinct types:
• Financial risk arising from financial activities or financial consequences such as cash
flow issues, overtrading, going concern, breakdown of accounting systems, credit risk
and currency risk.
• Operational risks arise with regard to the operations of the business such as risk of
losing a major supplier, physical disasters, loss of key personnel and poor brand
management.
• Compliance risks arise from non-compliance with laws and regulations within which
the company operates or environmental issues.
Relationship between risks
Initially, it would appear that audit risk and business risk are unrelated, as audit risks are
limited only to the financial statements. However, business risks include all risks facing the
business and this includes inherent risks and control risks, which form part of the audit risk.
Although audit risk is focused on the financial statements, business risk does form part of the
inherent risk associated with the financial statements because, if such risks materialise, then
the whole going concern basis of the business could be affected and this has major
implications for the financial statements.
D. THE RISK APPROACH
Risk is a key issue in any audit and the most common approach to carrying out an audit
incorporates a recognition of those risks. This is called the risk-based approach.
There are other approaches and other techniques and the risk based approach is used in
conjunction with these other approaches.
Page 86
s
Auditors apply judgment to determine what level of risk pertains to different areas of a
client’s system and devise appropriate audit tests. Risk-based auditing ensures that the
greatest effort is directed at those areas of the financial statements that are most likely to be
misstated. The chance of detecting errors is therefore improved and time is not wasted on
testing safe areas.
For example, in a small manufacturing company, an auditor will need to do more work on
inventory than say land & buildings. Inventory can be a complex area, with probably a
significant number of line items and there is the risk of obsolete stock.
Why is the risk-based auditing used more increasingly:
• Growing complexity of the business environment, such as advanced computer systems
and the globalisation of business, increases the risk of fraud or misstatement.
• Pressure on auditors to keep fees down but improve the level of service.
ISA 315 requires that auditors consider the entity’s process for assessing its own business
risks. They must consider the factors that lead to the problems which may cause material
misstatements and what can the audit contribute to the business pursuing its goals.
The business risk approach was developed because it was believed that in some instances
the risk of misstatement arose mainly from the business risks of the company.
This business approach tries to mirror the risk management steps that have been taken by the
directors. It is also known as the top down approach in that it starts at the objectives of the
company and works down to the financial statements, rather than working up from the
financial statements which has been the historical approach to auditing.
Controls testing is aimed at high level controls and substantive testing is reduced.
Principal risks include:
• Economic pressures causing reduced sales and eroding margins,
• Demands for extended credit,
• Product quality issues re inadequate control over supply chain etc.,
• Customer dissatisfaction re order requirements and invoicing errors etc.,
• Unacceptable service response calls,
• Out of date IT systems.
These risks can impact on inventory values, receivables recoverable, provisions and
contingencies and going concern.
The effect of the top down approach is that the auditor pays more attention to high level
controls, such as the control environment and corporate governance, than the traditional
approach. In addition, analytical review procedures are used more extensively as the
auditor is keen to understand the business more clearly. The combination of the above two
factors will result in reduced substantive detailed testing, although it is not eliminated
completely.
Page 87
s
Business risk approach advantages:
• There is added value given to clients as the approach focuses on the business as a
whole rather than just the financial statements.
• Where audit attention is focused on high levels of controls and use of analytical
procedures, there is increased audit efficiency.
• There is no need to focus on routine processes where technological developments
have rendered them less prone to error than in previous times.
• The approach responds to corporate governance issues in recent years.
• There is a lower engagement risk through a better understanding of the client’s
business.
E. SYSTEMS AND CONTROLS
This approach is always used in conjunction with other approaches as substantive testing can
never be eliminated completely.
Management is required to institute a system of controls which is capable of safeguarding the
assets of the shareholders. Auditors assess the controls put in place by directors and ascertain
whether they are effective and can be relied upon for the purposes of the audit. They carry
out tests to ensure that the systems operate as they are supposed to. If the controls are
ineffective, the control risk is high and it is important to undertake higher levels of
substantive testing.
F. CYCLES AND TRANSACTIONS
An auditor may choose to carry out substantive tests on the transactions of the business in the
relevant period. Cycles testing is closely linked to systems testing as it is based on the same
systems. However, with the cycles approach, the auditors test the transactions which have
occurred, resulting in the entries in the books, such as sales transactions, purchases, expenses
etc. The auditor substantiates the transactions which appear in the financial statements.
A sample of transactions is selected and each transaction is tested to ensure that the
transaction is complete and is processed correctly through the complete cycle.
G. BALANCE SHEET APPROACH
An auditor may choose to carry out substantive tests on the year end balances. This is the
most common approach to substantive testing after controls have been tested.
The balance sheet shows a snapshot of the financial position. If it is fairly stated and the
previous year’s figures were also fairly stated, then it is reasonable to undertake lower level
testing on the profit and loss transactions e.g. analytical review.
There is a relationship with the business risk approach. The element of substantive testing
which remains in a business risk approach can be undertaken in this approach.
In some cases, most notably small companies, the business risks may be strongly linked to
management being concentrated in one person, and/or balance sheets may be uncomplicated.
In these cases, it is probably more cost effective to undertake a highly substantive balance
sheet audit rather than to undertake a business risk assessment.
Page 88
s
It should be noted though, that when not undertaken in conjunction with a risk based
approach or systems testing, the level of detailed testing required can be high in a balance
sheet approach making it very costly.
H. DIRECTIONAL TESTING
Directional testing is a method of discovering errors and omissions in the financial statements
through undertaking detailed substantive testing. It can be broken down into two categories:
tests to discover errors and tests to discover omissions.
Checking entries from the books back to supporting documentation should help to detect
errors causing an overstatement or an understatement. For example, selecting sales
transactions from the sales ledger and tracing them back to sales invoices and price lists to
ensure that sales are priced correctly.
To discover omissions the auditor must start from outside the accounting records and trace
through to the records in the books. For example, to check the completeness of purchases,
select a number of GRNs and check through to the stock records and the purchase ledger.
Directional testing is appropriate when testing the financial statement assertions of existence,
completeness, rights & obligations, and valuation.
The concept of directional testing derives from the principle of double entry bookkeeping.
Therefore any misstatement of a debit entry will result in either a corresponding misstatement
of a credit entry or a misstatement in the opposite direction of another debit entry.
A test for an overstatement of an asset also gives comfort on understatement of other assets,
overstatement of liabilities, overstatement of income and understatement of expenses.
In other words by performing tests, the auditor obtains audit assurance in other audit areas.
A major advantage of this approach is its cost-effectiveness. Assets and expenses are tested
for overstatement only, while liabilities and income for understatement only.
Directional testing is particularly useful when there is a high level of detailed testing to be
carried out, such as when the auditors have assessed the controls and accounting systems and
have found them to be ineffective.
I. ANALYTICAL PROCEDURES
These procedures are important at all stages of the audit, such as planning, substantive
procedures and the overall review.
It consists of comparing items like current financial information with prior year financial
information and analysing predictable relationships such as the relationship between
receivables and credit sales.
The use of analytical procedures generally arises in the business risk approach and is also
used in reviews, assurance engagements and reviewing prospective financial information.
Page 89
s
When deciding to use analytical procedures as substantive procedures, the auditor must
consider:
• The plausibility and predictability of the relationships, such as the strong relationship
between turnover and sales commission,
• The objectives of the procedures and the extent to which their results are reliable,
• The detail to which information can be analysed, such as info at dept. level,
• The availability of information both financial and non-financial,
• The relevance of the information such as budgets,
• The comparability of the information - Average performances over an industry may
vary widely,
• The knowledge gained during previous audits such as effectiveness of controls.
When determining that reliance can be placed on the results of such testing the auditor should
consider whether there are other audit procedures directed towards the same assertions, the
accuracy with which the results can be predicted and the frequency with which a relationship
is observed.
Practical techniques
Important accounting ratios
• Gross profit margins
• Average collection period
• Stock turnover
• Current ratio
• Acid test ratio
• Debt to equity capital
• Return on capital employed
Related items
• Payables and purchases
• Inventories and cost of sales
• Non-current assets and depreciation, repairs and maintenance
• Loans and interest
• Receivables and bad debts
• Receivables and sales
Ratios on their own are of little use. They should be compared to previous years and other
comparable companies. In addition, the auditor should use non-financial information to
produce ratios such as sales revenue per unit of sale.
Other analytical techniques include:
• Examining related accounts in conjunction with others
• Trend analysis
• Reasonableness tests such as calculating expected values.
Page 90
s
Information technology can be used in trend analysis to enable auditors to see trends
graphically with relative ease and speed.
General
When seeking to identify an appropriate strategy for a particular audit, it is important to
remember that the approaches are linked and in some cases it is wise to use two or more:
• Directional testing with balance sheet approach as they are both substantive testing
issues,
• Risk and cycles based approach with low level of large transactions,
• Risk and balance sheet approach where substantial numbers of sales transactions with
substantial receivables.
Question 6.1
M Ltd is a long standing client of the audit firm. You were the audit senior on the assignment
last year and now you are the audit supervisor. The partner has asked you to plan the audit
for the current year.
Client has approx. 100 customers but 6 account for 80% of value. A new customer, York,
has come in with the potential to account for 20% of total sales in the coming year. Only 1
month of its sales are included in the figures to be audited. York is also an audit client of the
firm and you are aware that they have had problems with their previous suppliers who broke
off relations with them due to York’s poor payment record.
This year the company decided to factor its debts the result of a previous history of bad debts
where large customers went bust and they sacked a sales ledger clerk near the end of the year
and outsourced the sales ledger function to the factor. The sales ledger clerk has threatened
that she will sue for unfair dismissal and for sexual discrimination.
There is also a large bank loan with a covenant attaching. One specific term states that the
bank requires an interest cover of 2.5 and current ratio of 1.5. Your audit assistant has
attended the stock count and noted a high level of old inventory included in the count.
Balance sheet extract
2010
2009
RWF’000s
RWF’000s
RWF’000s
RWF’000s
Tangible assets
210
243
Current assets:
Stock
460
370
Debtors
324
250
Cash
15
799
69
689
Assets
1009
932
Current liabilities:
Creditors
381
367
Bank loan
10
391
10
377
Long term liabilities:
Bank loan
250
260
Page 91
s
Profit and Loss extracts
2010
2009
RWF’000s
RWF’000s
Sales
2534
2967
Cost of sales
1583
1823
Gross margin
951
1144
Admin exp.
476
488
Other exp.
400
432
Profit before interest & tax
75
224
Interest
14
14
Requirements:
1. Comment on the materiality level you would set
2. Identify the audit risks
3. Outline the key administrative planning matters that are outstanding
4. Discuss whether a conflict of interest arises with respect to the audit and what steps
the auditor should take.
Question 6.2
Giftware.com is a company with a chain of shops selling gifts to the tourist market. The
company has been a long standing client. Half way through the year the two directors who
are also shareholders decided to close down some of the smaller shops which have not been
performing well. Instead they have decided to set up a mail order business and to trade
through their website. Customers can order gifts via an email order form giving their credit
card details on that form. The goods will then be posted to the customer or the gift recipient.
The company has retained its major shops in solid locations. Customers may log on in the
shops and order what they require, if it is not available in the store they are in. At the same
time as launching the mail order system, the owners decided that they would offer a mailing
service for goods bought in the shops as well.
Some of the staff from the closed shops have been transferred to the warehouse where the
electronic arm of the business now operates.
The website is not integrated into the sales ledger. A sales clerk, Ange prints 2 copies of
every email request. She checks the order to the availability of stock and then emails the
customer if the gift is going to take more than a week to process. She offers them the chance
to change their order if they do so wish. When the item is in stock, she sends one copy of the
order to the warehouse where the order is packed and despatched to the customer. The
warehouse manager returns the first copy of the order to another sales clerk, Mary, marked
despatched. Mary retrieves the second copy of the order, processes the credit card payment,
marks the first order as paid and shreds the second copy of the order. The marked up invoice
is filed in a paid invoices file. When there are lots of orders, Mary helps Ange out and vice
versa if lots of orders have been despatched.
Page 92
s
Requirement:
1. Identify the business risks now facing the company with its e-commerce operations;
2. Identify any additional audit risks which may have arisen from the decision;
3. Propose and justify an audit strategy;
4. Suggest minor amendments to control procedures in order to make operations run
more smoothly.
Page 93
s
Study Unit 7
Audit Evidence
Contents
A.
Audit Evidence Introduction
B.
Related Parties
C.
Management Representations
D.
Using the Work of Others
E.
Documentation
F.
Sample Questions
Page 94
s
AUDIT EVIDENCE
A. AUDIT EVIDENCE INTRODUCTION
The purpose of ISA 500 is to establish standards and provide guidance on what constitutes
audit evidence in an audit of financial statements, the quantity and quality of audit evidence
to be obtained, and the audit procedures that auditors use for obtaining that audit evidence.
In order to form an opinion, an auditor must obtain evidence. This evidence should be
sufficient, relevant and reliable. The auditor designs substantive procedures to obtain this
evidence about the financial statement assertions.
By approving the financial statements, the directors are making representations about the
information therein. These assertions may fall into the following categories:
(a) Assertions about classes of transactions and events for the period under audit:
• Occurrence—transactions and events that have been recorded have occurred and
pertain to the entity.
• Completeness—all transactions and events that should have been recorded have
been recorded.
• Accuracy—amounts and other data relating to recorded transactions and events
have been recorded appropriately.
• Cut-off—transactions and events have been recorded in the correct accounting
period.
• Classification—transactions and events have been recorded in the proper accounts.
(b) Assertions about account balances at the period end:
• Existence—assets and liabilities exist.
• Completeness—all assets and liabilities that should have been recorded have been
recorded.
• Rights and obligations—the entity holds or controls the rights to assets and
liabilities are the obligations of the entity.
• Valuation and allocation —assets and liabilities are included in the financial
statements at appropriate amounts.
(c) Assertions about presentation and disclosure:
• Occurrence and rights and obligations—disclosed events, transactions, and other
matters have occurred and pertain to the entity.
• Completeness—all disclosures that should have been included in the financial
statements have been included.
• Classification and understandability—financial information is appropriately
presented and described, and disclosures are clearly expressed.
• Accuracy and valuation—financial and other information are disclosed fairly and
at appropriate amounts.
Page 95
s
Procedures used by auditors to obtain evidence
Inspection of tangible assets
Inspection confirms existence and valuation and gives evidence of completion. It does not
however confirm rights and obligations.
Inspection of documents and records
Confirmation to documentation confirms existence of an asset or that a transaction has
occurred. Confirmation that items are in the books shows completeness. Also helps testing
cut-off. It provides evidence of valuation, measurement, rights and obligations and
presentation and disclosure.
Observation
This procedure is of limited use in that it only confirms that a procedure took place when it
was observed.
Inquiry and confirmation
Information sought from client or external sources. The strength of the evidence depends on
knowledge and integrity of the source of the information.
Recalculation and Re-Performance
Checking calculations of client records
Audit automation tools
Such as computer assisted auditing techniques
Analytical procedures
Sufficient and appropriate
Sufficiency is the measure of the quantity of the evidence, while the appropriateness is the
measure of the quality (reliability & relevance) of the evidence. This applies to both tests of
controls and substantive procedures.
An auditor’s judgment as to what is sufficient appropriate evidence is influenced by the
following factors:
• Risk assessment, is it low or high,
• The nature of the accounting and internal control systems,
• The materiality of the item being examined,
• The experience gained during previous audits,
• The auditor’s knowledge of the business and industry,
• The results of audit procedures,
• The source and reliability of the information available.
Appropriate – relevance
The relevance of audit evidence should be considered in relation to the overall audit objective
of forming an audit opinion and reporting on the financial statements. The evidence should
allow the auditor to conclude on the following:
• Balance sheet items -
Page 96
s
Is there suitable completeness, existence, ownership, valuation and disclosure
issues?
• Profit and loss items -
Is there suitable completeness, occurrence, valuation and disclosure issues?
Appropriate – reliable
Reliability of audit evidence depends on the particular circumstances of each case. However,
the following should be considered:
• Documentary evidence is more reliable that oral evidence;
• Evidence from external independent sources is more reliable than that within an
entity;
• Evidence from the auditor by such means as analysis and physical inspection is more
reliable than evidence obtained by/from others.
Sufficiency
The auditor needs to obtain sufficient, relevant and reliable evidence to form a reasonable
basis for his opinion on the financial statements. His judgement of sufficiency will be
influenced by such factors as:
• His knowledge of the business and its environment,
• The risk of misstatement,
• The quality of the evidence. However, merely obtaining more audit evidence may not
compensate for its poor quality.
Computer assisted audit techniques (CAAT)
Audit software
Used where client has computer systems and large volumes of data. The auditor can
scrutinise large volumes of data and free up his time for review and follow up results rather
than having to extract the data and select samples.
Before using software the auditor should have a basic understanding of data processing and
the client’s computer application. If the application is complex the auditor may need to have
some knowledge of systems analysis. He also needs to consider how easy is it to transfer the
data and extract it.
Examples of audit software include interrogation software (e.g. IDEA), comparison
programmes, interactive software for on-line interrogation and resident code software to
review transactions as they are processed.
Page 97
s
Test data are used to assess a system’s performance. The expected results are known in
advance and are compared against the output using the test data. You can also use the test
data to check the controls of the system such as attempting to process invalid data.
A significant problem using test data is that it may result in corrupting a data file. Some
systems have controls that prevent the easy removal of data without leaving a mark. Other
problems include the fact that you are only testing the operation of the system at a point in
time.
Audit sampling
ISA 530 states that when designing audit procedures, the auditor should determine
appropriate means for selecting items for testing so as to gather sufficient appropriate audit
evidence to meet the objectives of the audit procedures.
Auditors do not examine all information that is available to them (audit limitation) as it is
impractical to do so and as a result audit sampling is used to produce valid conclusions.
Audit sampling involves the application of audit procedures to less than 100% of items
within a class of transactions or account balance such that all sampling units have a chance of
selection. Audit sampling can use either a statistical or a non-statistical approach.
Error means either control deviations, when performing tests of controls, or misstatements,
when performing tests of details. Similarly, total error is used to mean either the rate of
deviation or total misstatement.
Anomalous error means an error that arises from an isolated event that has not recurred
other than on specifically identifiable occasions and is therefore not representative of errors.
Population means the entire set of data from which a sample is selected and about which the
auditor wishes to draw conclusions.
Sampling risk arises from the possibility that the auditor's conclusion, based on a sample,
may be different from the conclusion reached if the entire population were subjected to the
same audit procedure. There are two types of sampling risk:
• The risk the auditor will conclude that controls are more effective than they actually
are, or that a material error does not exist when in fact it does. This type of risk affects
audit effectiveness and is more likely to lead to an inappropriate audit opinion; and
• The risk the auditor will conclude that controls are less effective than they actually are,
or that a material error exists when in fact it does not. This type of risk affects audit
efficiency as it leads to additional work to establish that initial conclusions were
incorrect.Non-sampling risk arises from factors that cause the auditor to reach an
Page 98
s
erroneous conclusion for any reason not related to the size of the sample. For example,
ordinarily the auditor finds it necessary to rely on audit evidence that is persuasive rather than
conclusive, the auditor might use inappropriate audit procedures, or the auditor might
misinterpret audit evidence and fail to recognise an error.
Sampling unit means the individual items constituting a population, for example checks
listed on deposit slips, credit entries on bank statements, sales invoices or debtors' balances.
Statistical sampling means any approach to sampling that has the following characteristics:
• Random selection of a sample; and
• Use of probability theory to evaluate sample results.
Sampling, that does not have the above characteristics, is considered non-statistical sampling.
Stratification is the process of dividing a population into subpopulations, each of which is a
group of sampling units which have similar characteristics (often monetary value).
Tolerable error means the maximum error in a population the auditor is willing to accept.
Selecting Items for Testing to Gather Audit Evidence
The decision as to which approach to use will depend on the circumstances, and the
application of any one or combination of the available means may be appropriate in particular
circumstances. While the decision is made on the basis of the risk of material misstatement
related to the assertion being tested and audit efficiency, the auditor needs to be satisfied that
methods used are effective in providing sufficient appropriate audit evidence to meet the
objectives of the audit procedure.
• Selecting All Items (100% examination)
The auditor may decide that it will be most appropriate to examine the entire population of
items that make up a class of transactions or account balance. 100% examination is unlikely
in the case of the tests of controls, it is more common for tests of details. For example, 100%
examination may be appropriate when the population constitutes a small number of large
value items, when there is a significant risk and other means do not provide sufficient
appropriate audit evidence, or when the repetitive nature of a calculation or other process
performed automatically by an information system makes a 100% examination cost effective,
for example, through the use of computer assisted audit techniques (CAATs).
• Selecting Specific Items
The auditor may decide to select specific items from a population based on such factors as the
auditor's understanding of the entity, the assessed risk of material misstatement, and the
characteristics of the population being tested. The judgmental selection of specific items is
subject to non-sampling risk. Specific items selected may include high value or key
items.While selective examination of specific items from a class of transactions or account
balance will often be an efficient means of gathering audit evidence, it does not constitute
audit sampling. The results of audit procedures applied to items selected in this way cannot
Page 99
s
be projected to the entire population. The auditor considers the need to obtain sufficient
appropriate evidence regarding the rest of the population when that remainder is material.
• Audit Sampling
The auditor may decide to apply audit sampling to a class of transactions or account balance.
Audit sampling can be applied using either non-statistical or statistical sampling methods.
Statistical Versus Non-statistical Sampling Approaches
The decision whether to use a statistical or non-statistical sampling approach is a matter for
the auditor's judgment regarding the most efficient manner to obtain sufficient appropriate
audit evidence in the particular circumstances. For example, in the case of tests of controls
the auditor's analysis of the nature and cause of errors will often be more important than the
statistical analysis of the count of errors. In such a situation, non-statistical sampling may be
most appropriate.
Sample Size
In determining the sample size, the auditor should consider whether sampling risk is reduced
to an acceptably low level. Sample size is affected by the level of sampling risk that the
auditor is willing to accept. The lower the risk the auditor is willing to accept, the greater the
sample size will need to be.
The sample size can be determined by the application of a statistically-based formula or
through the exercise of professional judgment objectively applied to the circumstances.
Selecting the Sample
The auditor should select items for the sample with the expectation that all sampling units in
the population have a chance of selection. Statistical sampling requires that sample items are
selected at random so that each sampling unit has a known chance of being selected. The
sampling units might be physical items (such as invoices) or monetary units. With non-
statistical sampling, an auditor uses professional judgment to select the items for a sample.
Because the purpose of sampling is to draw conclusions about the entire population, the
auditor endeavours to select a representative sample by choosing sample items which have
characteristics typical of the population, and the sample needs to be selected so that bias is
avoided.
B. RELATED PARTIES
ISA 550 states that the auditor should perform audit procedures designed to obtain sufficient
appropriate audit evidence regarding the identification and disclosure by management of
related parties and the effect of related party transactions that are material to the financial
statements. Where there is any indication that such circumstances exist, the auditor should
perform audit procedures as are appropriate in the circumstances.
Page 100
s
Management is responsible for the identification and disclosure of related parties and
transactions with such parties. This responsibility requires management to implement
adequate internal control to ensure that transactions are appropriately identified and
disclosed.
As transactions between related parties may not be on an arm's length basis and there may
be a conflict of interest, management usually ensure that such transactions are subject to
appropriate approval procedures. The approval of material related party transactions is often
recorded in the minutes of meetings.
In owner managed entities similar approval procedures would ideally apply. Often, however,
procedures are less formalised because the owner manager is often personally aware of and,
implicitly or explicitly approves, all such transactions.
Definition of Related Parties and Related party transactions
Parties are related if one controls the other or is in a position to exercise influence over the
other in financial and operational decisions. Related transactions are those between related
parties regardless of whether any consideration has taken place.
Inherent difficulties of detection
Related party transactions are often inherently difficult for the auditor to detect.
• The definition of a related party is complex and in part subjective and it may not always
be self-evident to management whether a party is related.
• Many information systems are not designed to either distinguish or summarise related
party transactions and outstanding balances between an entity and its related parties.
• An audit cannot be expected to detect all related party transactions.
Importance of related Parties
The auditor needs to have a sufficient understanding of the entity and its environment to
enable identification of the events and transactions that may result in a risk of material
misstatement regarding related parties and transactions with such parties because:
• The applicable financial reporting framework may require disclosure in the financial
statements of certain related party relationships and transactions
• The existence of related parties or related party transactions may affect the financial
statements such as the entity's tax liability.
• The source of audit evidence affects the auditor's assessment of its reliability. A greater
degree of reliance is placed on audit evidence that is obtained from unrelated third
parties;
• A related party transaction may be motivated by other than ordinary business
considerations, for example, profit sharing or even fraud; and
• Transfers of goods and services with related parties may be in accordance with
specified transfer pricing policies or under reciprocal trading arrangements which may
give rise to accounting recognition and measurement issues. In particular an entity may
have received or provided management services at no charge.
The risk that undisclosed related party transactions, or outstanding balances between an
entity and its related parties, will not be detected by the auditor is especially high when:
• Related party transactions have taken place without charge,
Page 101
s
• Related party transactions are not self-evident to the auditor,
• Transactions are with a party that the auditor could not reasonably be expected to know
is a related party,
• Transactions undertaken with a related party in an earlier period have remained
unsettled for a considerable period of time,
• Active steps have been taken by those charged with governance or management to
conceal either the full terms of a transaction or that a transaction is, in substance, with a
related party.
Existence and Disclosure of Related Parties
When planning the audit the auditor should assess the risk that material undisclosed related
party transactions, or undisclosed outstanding balances between an entity and its related
parties may exist.
The auditor should review information provided by management identifying the names of all
known related parties and should perform the following audit procedures in respect of the
completeness of this information:
• Review prior year working papers for names of known related parties;
• Review the entity's procedures for identification of related parties;
• Inquire as to the affiliation of management and officers with other entities;
• Review shareholder records to determine the names of principal shareholders or, if
appropriate, obtain a listing of principal shareholders from the share register;
• Review minutes of the meetings of shareholders and those charged with governance
and other relevant statutory records such as the register of directors' interests;
• Inquire of other auditors currently involved in the audit, or predecessor auditors, as to
their knowledge of additional related parties;
• Review the income tax returns and other information supplied to regulatory agencies;
• Review invoices and correspondence from lawyers for indications of the existence of
related parties or related party transactions; and
• Inquire of the names of all pension and other trusts established for the benefit of
employees and the names of their management.
If, in the auditor's judgment, there is a lower risk of significant related parties remaining
undetected, these procedures may be modified as appropriate.
Where the applicable financial reporting framework requires disclosure of related party
relationships, the auditor should be satisfied that the disclosure is adequate.
Transactions with Related Parties
The auditor should review information provided by management identifying related party
transactions and should be alert for other material related party transactions. When obtaining
an understanding of the entity's internal control, the auditor should consider the adequacy of
control activities over the authorisation and recording of related party transactions.
Page 102
s
During the course of the audit, the auditor needs to be alert for transactions which appear
unusual in the circumstances and may indicate the existence of previously unidentified
related parties. Examples include:
• Transactions which have abnormal terms of trade, such as unusual prices, interest rates,
guarantees, and repayment terms.
• Transactions which lack an apparent logical business reason for their occurrence.
• Transactions in which substance differs from form.
• Transactions processed in an unusual manner
• High volume or significant transactions with certain customers or suppliers as
compared with others.
• Unrecorded transactions such as the receipt or provision of management services at no
charge.
During the course of the audit, the auditor carries out audit procedures which may identify the
existence of transactions with related parties. Examples include:
• Performing detailed tests of transactions and balances,
• Reviewing minutes of meetings of shareholders and those charged with governance,
• Reviewing accounting records for large or unusual transactions or balances, paying
particular attention to transactions recognised at or near the end of the reporting period,
• Reviewing confirmations of loans receivable and payable and confirmations from
banks. Such a review may indicate guarantor relationship and other related party
transactions.
• Reviewing investment transactions, for example, purchase or sale of an equity interest
in a joint venture or other entity.
Examining Identified Related Party Transactions
In examining the identified related party transactions, the auditor should obtain sufficient
appropriate audit evidence as to whether these transactions have been properly recorded
and disclosed.
Given the nature of related party relationships, audit evidence of a related party transaction
may be limited. Because of the limited availability of appropriate audit evidence about such
transactions, the auditor considers performing audit procedures such as:
• Discussing the purpose of the transaction with management ,
• Confirming the terms and amount of the transaction with the related party,
• Inspecting information in possession of the related party,
• Corroborating with the related party the explanation of the purpose of the transaction
and, if necessary, confirming that the transaction is bona fide,
• Obtaining information from an unrelated third party,
• Confirming or discussing information with persons associated with the transaction such
as banks, lawyers, guarantors and agents.
Page 103
s
Disclosures Relating to Control of the Entity
The auditor should obtain sufficient appropriate audit evidence that disclosures in the
financial statements relating to control of the entity are properly stated.
Management Representations
The auditor should obtain a written representation from management concerning the
completeness of information provided regarding the identification of related parties; and the
adequacy of related party disclosures in the financial statements
Audit Conclusions and Reporting
If the auditor is unable to obtain sufficient appropriate audit evidence concerning related
parties and transactions with such parties or concludes that their disclosure in the financial
statements is not adequate, the auditor should modify the audit report appropriately.
Problems associated with applying the standard include the identification of the controlling
party which may be difficult and the auditor may not be able to determine whether
transactions are material. (See materiality notes and limitations of criteria)
What procedures should a company put in place:
• Advise all directors and officers that they have a responsibility to disclose appropriate
transactions;
• Record all such transactions in the minutes of directors’ meetings;
• Maintain a register of all details which should be disclosed;
• Set out approval procedures in respect of transactions which fall under related party
issues;
• Obtain a formal statement annually from each director indicating the necessary
disclosures.
Audit procedures to assess such a system
• Inspect the board minutes
• Examine any agreements and contracts involving directors
• Consider whether transactions disclosed are on commercial grounds
• Assess the recoverability of amounts due in respect of directors or connected persons
• Review the legality of the disclosable transactions
• Review subsequent events after the year end for any additional disclosure requirements
C. MANAGEMENT REPRESENTATIONS
ISA 580 states that the auditor should obtain appropriate representations from management.
These are an important source of evidence. Indeed these may be the only suitable evidence
available where knowledge of such facts is confined to management or may even be one of
Page 104
s
judgement and opinion. The representations may be oral or written and may be obtained
either on a formal or informal basis. The auditors will include this information in their audit
working papers where it forms part of their total audit evidence. Written confirmation should
be obtained before the audit report is issued.
Acknowledgment by Management of its Responsibility for the Financial
Statements
The auditor should obtain audit evidence that management acknowledges its responsibility
for the fair presentation of the financial statements in accordance with the applicable financial
reporting framework, and has approved the financial statements. This normally occurs when
the auditor gets a signed copy of the financial statements which usually includes a statement
of management responsibilities. On the other hand the auditor can obtain audit evidence
from relevant minutes of meetings by obtaining a written representation from management.
Representations by Management as Audit Evidence
The auditor should obtain written representations from management on matters material to
the financial statements when other audit evidence cannot reasonably be expected to exist. It
may be necessary to inform management of the auditor's understanding of materiality.
The possibility of misunderstandings between the auditor and management is reduced when
oral representations are confirmed by management in writing.
The auditor should obtain written representations from management that:
• It acknowledges its responsibility for the design and implementation of internal
control to prevent and detect error; and
• It believes the effects of those uncorrected financial misstatements aggregated by the
auditor during the audit are immaterial to the financial statements taken as a whole.
During the course of an audit, management makes many representations to the auditor, either
unsolicited or in response to specific inquiries. When such representations relate to matters
which are material to the financial statements, the auditor will need to:
• Seek corroborative audit evidence from sources inside or outside the entity,
• Evaluate whether the representations made by management appear reasonable and
consistent with other audit evidence obtained and
• Consider whether the individuals making the representations can be expected to be
well informed on the particular matters.
Representations by management cannot be a substitute for other audit evidence that the
auditor could reasonably expect to be available. If the auditor is unable to obtain sufficient
appropriate audit evidence regarding a matter which has a material effect on the financial
statements and such audit evidence is expected to be available, this will constitute a
limitation in the scope of the audit, even if a representation has been received on the matter.
Page 105
s
In certain instances, audit evidence other than that obtained by performing inquiry may not be
reasonably expected to be available; therefore the auditor obtains a written representation by
management.
If a representation by management is contradicted by other audit evidence, the auditor should
investigate the circumstances and, when necessary, reconsider the reliability of other
representations made by management.
Documentation of Representations by Management
The auditor would ordinarily include, in audit working papers, evidence of management's
representations in the form of a summary of oral discussions with management or written
representations from management.
A written representation is ordinarily more reliable audit evidence than an oral representation
and can take the form of:
• A representation letter from management,
• A letter from the auditor outlining the auditor's understanding of
management's representations, duly acknowledged and confirmed by
management,
• Relevant minutes of meetings of the board of directors or similar body or a
signed copy of the financial statements.
Basic Elements of a Management Representation Letter
When requesting a management representation letter, the auditor should request that it be
addressed to the auditor, contain specified information and be appropriately dated and signed.
It would ordinarily be dated the same date as the auditor's report.
A management representation letter would ordinarily be signed by the members of
management who have primary responsibility for the entity and its financial aspects
(ordinarily the senior executive officer and the senior financial officer) based on the best of
their knowledge and belief.
Action if Management Refuses to Provide Representations
If management refuses to provide a representation that the auditor considers necessary, this
constitutes a scope limitation and the auditor should express a qualified opinion or a
disclaimer of opinion. In such circumstances, the auditor would evaluate any reliance placed
on other representations made by management during the course of the audit and consider if
the other implications of the refusal may have any additional effect on the auditor's report.
D. USING THE WORK OF OTHERS
The auditor is not expected to have the expertise of a person trained for or qualified to engage
in the practice of another profession or occupation, such as an actuary or engineer. For this
Page 106
s
reason an auditor may need to use the work of an expert to obtain sufficient, appropriate audit
evidence.
"Expert" means a person or firm possessing special skill, knowledge and experience in a
particular field other than accounting and auditing.
When using the work performed by an expert, the auditor should obtain sufficient appropriate
audit evidence that such work is adequate for the purposes of the audit.
If unable to obtain sufficient appropriate audit evidence, the auditor should consider the need
to modify the auditor's report. Although the auditor may use the work of an expert, the
auditor has sole responsibility for the audit opinion.
The expert can be engaged by the client or the auditor themselves. When the expert is
employed by the audit firm, the auditor will be able to rely on the firm's own systems for
recruitment and training that determine that expert's capabilities and competence instead of
needing to evaluate them for each audit engagement.
If neither the auditor nor the entity employs an appropriate expert, the auditor considers
asking management to engage an appropriate expert subject to the auditor being satisfied as
to the expert's competence and objectivity. If management is unable or unwilling to engage
an expert, the auditor may consider engaging an expert or whether sufficient appropriate audit
evidence can be obtained from other sources.
Determining the Need to Use the Work of an Expert
In obtaining an understanding of the entity and performing further procedures in response to
assessed risks, the auditor may need to obtain, in conjunction with the entity or
independently, audit evidence in the form of reports, opinions, valuations and statements of
an expert. Examples are:
• Valuations of certain types of assets, for example, land and buildings, plant and
machinery, works of art, and precious stones.
• Determination of quantities or physical condition of assets, for example, minerals
stored in stockpiles, underground mineral and petroleum reserves, and the remaining
useful life of plant and machinery
• Determination of amounts using specialised techniques or methods, for example, an
actuarial valuation.
• The measurement of work completed and to be completed on contracts in progress
• Legal opinions concerning interpretations of agreements, statutes and regulations.
When determining the need to use the work of an expert, the auditor would consider
• The engagement team's knowledge and previous experience of the matter being
considered;
• The risk of material misstatement based on the nature, complexity, and materiality of
the matter being considered and
• The quantity and quality of other audit evidence expected to be obtained.
Page 107
s
Competence and Objectivity of the Expert
When planning to use the work of an expert, the auditor should evaluate the professional
competence of the expert. This will involve considering
• The expert's professional certification or licensing by, or membership of, an
appropriate professional body and
• Experience and reputation in the field in which the auditor is seeking audit evidence.
The auditor should also evaluate the objectivity of the expert. The risk that an expert's
objectivity will be impaired increases when the expert is:
• Employed by the entity or
• Related in some other manner to the entity, for example, by being financially
dependent upon or having an investment in the entity
If the auditor is concerned regarding the competence or objectivity of the expert, the auditor
needs to discuss any reservations with management and consider whether sufficient
appropriate audit evidence can be obtained concerning the work of an expert. The auditor
may need to undertake additional audit procedures or seek audit evidence from another
expert.
If the auditor is unable to obtain sufficient appropriate audit evidence concerning the work of
an expert, the auditor needs to consider modifying the auditor's report.
Scope of the Expert's Work
The auditor should obtain sufficient appropriate audit evidence that the scope of the expert's
work is adequate for the purposes of the audit. Audit evidence may be obtained through a
review of the terms of reference which are often set out in written instructions from the entity
to the expert. Such instructions to the expert may cover matters such as:
• The objectives and scope of the expert's work,
• A general outline of the specific matters the auditor expects the report to cover,
• The intended use by the auditor of the expert's work, including the possible
communication to third parties of the expert's identity and extent of involvement,
• The extent of the expert's access to appropriate records and files,
• Clarification of the expert's relationship with the entity, if any,
• Confidentiality of the entity's information,
• Information regarding the assumptions and methods intended to be used by the expert
and their consistency with those used in prior periods.
In the event that these matters are not clearly set out in written instructions to the expert, the
auditor may need to communicate with the expert directly to obtain audit evidence in this
regard. In obtaining an understanding of the entity, the auditor also considers whether to
include the expert during the engagement team's discussion of the susceptibility of the entity's
financial statements to material misstatement.
Page 108
s
Evaluating the Work of the Expert
The auditor should evaluate the appropriateness of the expert's work as audit evidence
regarding the assertion being considered. This will involve evaluation of whether the
substance of the expert's findings is properly reflected in the financial statements or supports
the assertions, and consideration of:
• Source data used,
• Assumptions and methods used and their consistency with prior periods,
• When the expert carried out the work,
• Results of the expert's work in the light of the auditor's overall knowledge of the
business and of the results of other audit procedures.
When considering whether the expert has used source data which is appropriate in the
circumstances, the auditor would consider the following procedures:
• Making inquiries regarding any procedures undertaken by the expert to establish
whether the source data are relevant and reliable and
• Reviewing or testing the data used by the expert.
The appropriateness and reasonableness of assumptions and methods used and their
application are the responsibility of the expert. The auditor does not have the same expertise
and, therefore, cannot always challenge the expert's assumptions and methods. However, the
auditor will need to obtain an understanding of the assumptions and methods used and to
consider whether they are appropriate and reasonable, based on the auditor's knowledge of
the business and the results of other audit procedures.
Results of the expert
If the results of the expert's work do not provide sufficient appropriate audit evidence or if the
results are not consistent with other audit evidence, the auditor should resolve the matter.
This may involve discussions with the entity and the expert, applying additional audit
procedures, including possibly engaging another expert, or modifying the auditor's report.
Reference to an Expert in the Auditor's Report
When issuing an unmodified auditor's report, the auditor should not refer to the work of an
expert. Such a reference might be misunderstood to be a qualification of the auditor's opinion
or a division of responsibility, neither of which is intended.
If, as a result of the work of an expert, the auditor decides to issue a modified auditor's report,
in some circumstances it may be appropriate, in explaining the nature of the modification, to
refer to or describe the work of the expert (including the identity of the expert and the extent
of the expert's involvement). In these circumstances, the auditor would obtain the permission
of the expert before making such a reference. If permission is refused and the auditor believes
a reference is necessary, the auditor may need to seek legal advice.
Page 109
s
Internal audit
If the client has an internal audit dept., it may sometimes be possible for the external auditor
to make use of their work in arriving at their audit opinion.
E. DOCUMENTATION
All evidence obtained during an audit should be documented. The auditor’s working papers
are the evidence of all the work done which supports his audit opinion.
Where evidence is difficult to obtain such as related parties or discussions with management,
it is imperative that written notes are made of conversations, particularly where they concern
material matters.
Working papers should be reviewed by more senior members of staff before an audit
conclusion is reached. The review should consider whether:
• The work has been performed in line with the detailed audit programmes,
• The work performed and the results thereof have been adequately documented,
• Any significant matters have been resolved or are reflected in the audit opinion,
• The objectives of the audit procedures have been achieved,
• The conclusions expressed are consistent with the results of the work performed and
support the opinion of the auditor.
The following documentation should be reviewed on a timely basis:
• The overall audit strategy and the detailed audit plan,
• The assessment of inherent and control risks,
• The results of control and substantive procedures and the conclusions drawn from them,
• The proposed audit adjustments to the financial statements.
In some cases, particularly large complex audits, personnel not involved in the audit may be
asked to review some or all of the audit work. This is sometimes known as a peer review or a
hot review.
Question 7.1
You are the manager in charge of the audit of Newworld properties and you have been asked
to prepare the letter of representation which will be signed by the company’s directors.
There are two material items in the accounts for the year ended 30 April 2010 on which you
want the directors to confirm that the treatment in the accounts are correct.
Oldworld Builders, a subsidiary company, is experiencing going concern problems and you
want the directors to confirm that they intend to support the subsidiary for the foreseeable
future.
Trouble Manufacturing Ltd is in dispute with Newworld properties over repairs required to a
building they purchased a number of years ago. The customer is claiming that RWF3m
Page 110
s
worth of repairs are required and that Newworld properties is liable to pay for these repairs as
a result of negligent construction of the building. In addition, Trouble is claiming RWF2m
for the cost of disruption to the business due to the faults in the building. Newworld
properties have obtained the advice from their lawyer and a surveyor, and the directors
believe that there are no grounds for the claim. However, Newworld has included a note in
its accounts concerning this contingent liability.
You are required to:
1. Draft a letter of representation for the directors to sign. You should include the two
items above and any other required matters.
2. Discuss the letter of representation as reliable audit evidence and the extent to which
auditors can rely on this form of evidence.
3. Describe the work to be performed to check whether a provision in respect of Trouble
Manufacturing Ltd should be included in the accounts.
4. Describe the matters to consider and the further action that is necessary if the directors
refuse to sign the letter of representation because of the legal claim from Trouble
Manufacturing Ltd.
Question 7.2
What are the audit objectives.
Page 111
s
Study Unit 8
Audit Evaluation and Review
Contents
A.
Review Procedures
B.
Opening Balances
C.
Comparatives
D.
Other Information
E.
Subsequent Events
F.
Going Concern
G.
Compliance with International Financial Reporting
Standards
H.
Sample Questions
Page 112
s
Audit Evaluation and Review
A. REVIEW PROCEDURES
An auditor must perform and document an overall review of the financial statements before
making an audit opinion. This review, along with the conclusions drawn from other audit
evidence obtained, gives the auditor a reasonable basis for his opinion on the financial
statements. It needs to be carried out by a senior member of the audit team, who has the
appropriate skills and experience.
Compliance with accounting regulations
The auditor should consider whether the financial statements are in accordance with statutory
requirements and whether the accounting policies are in accordance with accounting
standards. In addition, the policies should be appropriate to the entity, properly disclosed and
consistently applied.
When assessing the accounting policies used by the entity, the auditor should consider
policies adopted in specific industries, standards and guidelines, the need for a true and fair
view and the need to reflect substance over form.
Review for consistency and reasonableness
The auditor needs to consider whether the financial statements are consistent with his
knowledge of the entity’s business and with the evidence accumulated from other audit
procedures, and that the manner of disclosure is fair.
The auditor will consider:
• Information and explanations received during the audit,
• New factors which may affect presentation and/or disclosure requirements,
• Results of analytical procedures applied,
• Undue influence by directors,
• The potential impact of the aggregate of uncorrected misstatements identified.
Analytical procedures
Analytical review procedures are used as part of the overall review procedure. This review
should cover accounting ratios, changes in products/customers, price and product mix
changes, wages changes, variances, trends in production and sales, changes in material/labour
content of production and variations caused by industry or economy factors. Significant
fluctuations and unexpected relationships must be investigated.
Summarise errors
During the course of the audit of financial statements, there will be material and immaterial
errors uncovered. The client will normally adjust the financial statements to take account of
Page 113
s
these errors. At the end of the audit however, there may be some outstanding errors and the
auditors will summarise these unadjusted errors.
The summary of errors will not only list errors from the current year, but also those that exist
from previous years. This allows errors to be highlighted that are reversals of errors from
previous years, such as in the valuation of closing/opening stock. The auditor should show
both the balance sheet and the profit and loss effect of these errors.
Evaluating the effect of misstatements
As part of the standard on materiality (ISA 320) in evaluating whether the financial
statements are prepared in accordance with an applicable financial reporting framework, the
auditor should assess whether the aggregate of uncorrected misstatements that have been
identified during the audit is material.
The aggregate of uncorrected misstatements are:
• Specific misstatements identified by the auditor, including ones identified during the
audit of the previous period if they affect the current period and
• The auditor’s best estimate of other misstatements which cannot be quantified
specifically.
If the aggregate of misstatements is material, the auditor must consider reducing audit risk by
carrying out additional testing. Otherwise, he may request management to adjust the
financial statements for the identified misstatements which the latter may wish to do anyway.
If the aggregate of the misstatements approaches the level of materiality, the auditor should
consider whether it is likely that undetected misstatements, when taken with the aggregated
uncorrected misstatements, could exceed the materiality level. If so, he should consider
reducing the risk by performing additional testing or as before requesting management to
adjust the financial statements for the identified misstatements.
Completion checklists
Auditors frequently use checklists as control documents and evidence, that all final
procedures have been carried out and that all material amounts are supported by sufficient
appropriate audit evidence. The checklists should be signed off.
B. OPENING BALANCES
Opening balances are based on the closing balances of the prior period and reflect
transactions of and accounting policies applied to the prior period.
ISA 510 provides guidance on when the financial statements of an entity are audited for the
first time and when the financial statements for the prior period were audited by another
auditor.
For initial audit engagements, the auditor should obtain sufficient appropriate audit
evidence that:
Page 114
s
• The opening balances do not contain misstatements that materially affect the current
period's financial statements;
• The prior period's closing balances have been correctly brought forward to the current
period or, when appropriate, have been restated; and
• Appropriate accounting policies are consistently applied or changes in accounting
policies have been properly accounted for and adequately presented and disclosed.
Appropriate sufficient audit evidence will depend on matters such as:
• The accounting policies,
• Whether the prior periods financial statements were audited and if so whether the
auditors’ report was qualified,
• The nature of the accounts and the risk of misstatement in the current period,
• The materiality of the opening balances relative to the current period balances.
Where the prior period’s financial statements were audited by other auditors, the current
auditor may be able to obtain sufficient appropriate audit evidence regarding opening balance
by reviewing the other auditor’s working papers. The current auditor should consider the
professional competence and independence of the other auditor. If the previous audit report
was qualified, the auditor should pay particular attention in the current period to those matters
that resulted in the qualification.
Where the prior period accounts were not audited or where the auditor has not obtained
sufficient appropriate evidence, he must perform other procedures. Examples would include:
• In respect of current assets and liabilities, some audit evidence can usually be obtained
as part of the current periods audit procedures such as the collection of opening debtors
during the current period. This will provide some evidence of their existence, rights
and obligations, completeness and valuation at the beginning of the period.
• The opening stock position may require observing a current physical count and then
reconciling it back to the opening position, testing the valuation of the opening stock
items and carrying out testing on gross margins and cut off procedures.
• For non-current assets and liabilities, the auditor may be able to obtain external
confirmation of opening balances with third parties e.g. long term debt and investments.
If, after performing audit procedures, the auditor is unable to obtain sufficient appropriate
audit evidence concerning opening balances, the auditor's report should include:
• A qualified opinion or
• A disclaimer of opinion or
• In those jurisdictions where it is permitted, an opinion which is qualified or disclaimed
regarding the results of operations and unqualified regarding financial position.
If the opening balances contain misstatements which could materially affect the current
financial statements, the auditor should inform management and, after having obtained
management's authorisation, the previous auditor, if any. If the effect of the misstatement is
not properly accounted for and adequately presented and disclosed, the auditor should
express a qualified opinion or an adverse opinion, as appropriate.
Page 115
s
If the current period's accounting policies have not been consistently applied in relation to
opening balances and if the change has not been properly accounted for and adequately
presented and disclosed, the auditor should express a qualified opinion or an adverse opinion
as appropriate.
If the entity's prior period auditor's report was qualified, the auditor should consider the
effect on the current period's financial statements. For example, if there was a scope
limitation, such as one due to the inability to determine opening inventory in the prior period,
the auditor may not need to qualify or disclaim the current period's audit opinion. However, if
a modification regarding the prior period's financial statements remains relevant and material
to the current period's financial statements, the auditor should modify the current auditor's
report accordingly.
C. COMPARATIVES
ISA 710 establishes the standards and provides guidance in this area.
The auditor should determine whether the comparatives comply in all material respects with
the financial reporting framework applicable to the financial statements being audited.
Different countries have different reporting frameworks.
The auditor should obtain sufficient appropriate audit evidence that amounts derived from the
preceding period's financial statements are free from material misstatements and are
appropriately incorporated in the financial statements for the current period.
Corresponding figures are amounts and other disclosures for the preceding period that are
included as part of the current period financial statements, and are intended to be read in
relation to the amounts and other disclosures relating to the current period. These
corresponding figures are not presented as complete financial statements capable of standing
alone, but are an integral part of the current period financial statements intended to be read
only in relationship to the current period figures.
Comparative financial statements are amounts and other disclosures for the preceding period
that are included for comparison with the financial statements of the current period, but do
not form part of the current period financial statements.
Comparatives are presented in compliance with the applicable financial reporting framework.
The essential audit reporting differences are that:
• For corresponding figures, the auditor's report refers only to the financial statements of
the current period whereas
• For comparative financial statements, the auditor's report refers to each period for
which financial statements are presented.
Corresponding figures
The auditor should obtain sufficient appropriate audit evidence that the corresponding figures
meet the requirements of the applicable financial reporting framework. The extent of audit
procedures performed on the corresponding figures is significantly less than for the audit of
the current period figures.
Page 116
s
The auditor should obtain sufficient appropriate audit evidence that:
• The accounting policies used for the corresponding amounts are consistent with those
of the current period and appropriate adjustments and disclosures have been made,
• The corresponding amounts agree with the amounts and other disclosures presented in
the preceding period and are free from errors in the context of the financial statements
of the current period,
• Where corresponding amounts have been adjusted as required by relevant legislation
and accounting standards, appropriate disclosures have been made.
Reporting
When the comparatives are presented as corresponding figures, the auditor should issue an
audit report in which the comparatives are not specifically identified because the auditor's
opinion is on the current period financial statements as a whole, including the corresponding
figures.
Where the auditor's report on the prior period, as previously issued, included a qualified
opinion, disclaimer of opinion, or adverse opinion and the matter that gave rise to the
modification is:
• Unresolved, and results in a modification of the auditor's report regarding the current
period figures, the auditor's report should also be modified regarding the corresponding
figures or
• Unresolved, but does not result in a modification of the auditor's report regarding the
current period figures, the auditor's report should be modified regarding the
corresponding figures only, or
• Resolved and properly dealt with in the financial statements, the current report does
not need a reference to the previous modification. However, if the matter is material to
the current period, the auditor may include an ‘emphasis of matter’ paragraph dealing
with the situation.
During the course of the current audit the auditor may become aware of a material
misstatement that affects the prior period financial statements on which an unqualified report
had been previously issued.
• If the prior period financial statements have been revised and reissued with a new
auditor's report, the auditor should obtain sufficient appropriate audit evidence that the
corresponding figures agree with the revised financial statements or,
• If the prior period financial statements have not been revised and reissued, and the
corresponding figures have not been properly restated and/or appropriate disclosures
have not been made, the auditor should issue a modified report on the current period
financial statements modified with respect to the corresponding figures included
therein.
• If prior period financial statements have not been revised and an auditor's report has not
been reissued, but the corresponding figures have been properly restated and/or
appropriate disclosures have been made in the current period financial statements, the
auditor may include an ‘emphasis of matter’ paragraph describing the circumstances
and refer to the appropriate disclosures.
Page 117
s
In some jurisdictions, the incoming auditor is permitted to refer to the previous auditor's
report on the corresponding figures in the incoming auditor's report for the current period.
When the auditor decides to refer to another auditor, the incoming auditor's report should
indicate:
• That the financial statements of the prior period were audited by another auditor,
• The type of report issued by the previous auditor and, if the report was modified, the
reasons for the qualification and
• The date of that report.
When the prior period financial statements are not audited, the incoming auditor should state
in the auditor's report that the corresponding figures are unaudited. The making of such a
statement does not relieve the auditor of his responsibilities to perform appropriate audit
procedures regarding the opening balances.
If the auditor is not able to obtain sufficient appropriate audit evidence regarding the
corresponding figures or, if there is not adequate disclosure, the auditor should consider the
implications for his report.
In situations where the incoming auditor identifies that the corresponding figures are
materially misstated, the auditor should request management to revise the corresponding
figures or if management refuses to do so, appropriately modify the report.
Comparative financial statements
The auditor should obtain sufficient appropriate audit evidence that the comparative financial
statements meet the requirements of the applicable financial reporting framework. This
involves evaluating whether:
• Accounting policies of the prior period are consistent with those of the current period,
• Prior period figures agree with the amounts and other disclosures presented in the prior
period and
• Appropriate adjustments and disclosures have been made.
Reporting
When the comparatives are presented as comparative financial statements, the auditor should
issue a report in which the comparatives are specifically identified because the auditor's
opinion is expressed individually on the financial statements of each period presented.
Since the auditor's report on comparative financial statements applies to the individual
financial statements presented, the auditor may express a qualified or adverse opinion,
disclaim an opinion or include an ‘emphasis of matter’ paragraph with respect to one or more
financial statements for one or more periods, while issuing a different report on the other
financial statements.
When reporting on the prior period financial statements in connection with the current year's
audit, if the opinion on such prior period financial statements is different from the opinion
previously expressed, the auditor should disclose the substantive reasons for the different
Page 118
s
opinion in an emphasis of matter paragraph. This may arise when he becomes aware of
circumstances or events that materially affect the financial statements of a prior period during
the course of the audit of the current period.
When the financial statements of the prior period were audited by another auditor:
• The previous auditor may reissue the audit report on the prior period with the incoming
auditor only reporting on the current period or
• The incoming auditor’s report should state the prior period was audited by another
auditor, the type of report issued by the other auditor (if qualified - the reasons) and the
date of that report.
In the course of the current audit the incoming auditor may become aware of a material
misstatement that affects the prior period accounts on which the previous auditor had
previously unqualified.
In these circumstances, the incoming auditor should discuss the matter with management and,
after having obtained management's authorisation, contact the previous auditor and propose
that the prior period financial statements be restated. If the previous auditor agrees to reissue
the audit report on the restated financial statements of the prior period, the auditor should
only report on the current period.
If the previous auditor does not agree with the proposed restatement or refuses to reissue the
audit report on the prior period financial statements, the introductory paragraph of the current
auditor's report should indicate that the previous auditor reported on the financial statements
of the prior period before restatement. In addition, if the incoming auditor applies sufficient
audit procedures to be satisfied as to the appropriateness of the restatement adjustment, he
may include a paragraph in his report.
When the prior period financial statements are not audited, the incoming auditor should state
in the auditor's report that the comparative financial statements are unaudited. This statement
does not relieve the auditor of the requirement to carry out appropriate audit procedures
regarding opening balances.
In situations where the incoming auditor identifies that the prior year unaudited figures are
materially misstated, the auditor should request management to revise the prior year's figures
or if management refuses to do so, appropriately qualify the report.
D. OTHER INFORMATION
Other information is financial and non-financial other than that included in the audited
financial statements.
ISA 720 states that an auditor should read the other information to identify material
inconsistencies with the audited financial statements.
If, as a result of reading the other information, the auditor becomes aware of any apparent
misstatements therein, or identifies any material inconsistencies with the audited financial
statements, the auditor should seek to resolve them.
Page 119
s
A ''material inconsistency'' exists when other information contradicts information contained
in the audited financial statements. A material inconsistency may raise doubts about the audit
conclusions drawn from audit evidence previously obtained and, possibly, about the basis for
the auditor's opinion on the financial statements.
An entity issues on an annual basis its audited financial statements together with the auditor's
report thereon. This document is frequently referred to as the ''annual report.'' In issuing such
a document, an entity may also include other financial and non-financial information.
Examples of other information include a report by management on operations, financial
summaries or highlights, employment data, planned capital expenditures, financial ratios,
names of officers and directors and selected quarterly data.
In certain circumstances, the auditor has a statutory or contractual obligation to report
specifically on other information. In other circumstances, the auditor has no such obligation.
However, the auditor needs to give consideration to such other information when issuing a
report on the financial statements, as the credibility of the audited financial statements may
be undermined by inconsistencies which may exist between the audited financial statements
and other information. The credibility of the audited financial statements may also be
undermined by misstatements within the other information.
Some jurisdictions require the auditor to apply specific procedures to certain of the other
information, for example, required supplementary data and interim financial information. If
such other information is omitted or contains deficiencies, the auditor may be required to
refer to the matter in the auditor's report.
When there is an obligation to report specifically on other information, the auditor's
responsibilities are determined by the nature of the engagement and by local legislation and
professional standards.
Access to other information
In order that an auditor can consider other information included in the annual report, timely
access to such information will be required. The auditor therefore needs to make appropriate
arrangements with the entity to obtain such information prior to the date of the auditor's
report. In certain circumstances, all the other information may not be available prior to such
date. In these circumstances, the auditor would need to consider his options.
Material inconsistencies
If, on reading the other information, the auditor identifies a material inconsistency, he should
determine whether the audited financial statements or the other information needs to be
amended.
If the auditor identifies a material inconsistency he should seek to resolve the matter through
discussion with management.
Page 120
s
If the auditor concludes that the other information contains inconsistencies with the financial
statements and the auditor is unable to resolve them through discussion with management, he
should consider requesting management to consult with a qualified third party, such as the
entity's legal counsel and consider the advice received.
If an amendment is necessary in the audited financial statements and the entity refuses to
make the amendment, the auditor should express a qualified or adverse opinion.
If an amendment is necessary in the other information and the entity refuses to make the
amendment, the auditor should consider including in the auditor's report an ‘emphasis of
matter’ paragraph describing the material inconsistency or take other actions.
The actions taken, such as not issuing the auditor's report or withdrawing from the
engagement, will depend upon the particular circumstances and the nature and significance of
the inconsistency. The auditor would also consider obtaining legal advice as to further action.
Material misstatements of fact
While reading the other information for the purpose of identifying material inconsistencies,
the auditor may become aware of a material misstatement of fact.
A ''material misstatement of fact'' in other information exists when such information, not
related to matters appearing in the audited financial statements, is incorrectly stated.
If the auditor becomes aware that the other information appears to include a material
misstatement of fact, the auditor should discuss the matter with the entity's management.
When discussing the matter with the entity's management, the auditor may not be able to
evaluate the validity of the other information and management's responses to the auditor's
inquiries and would need to consider whether valid differences of judgment or opinion exist.
The auditor should consider whether the other information requires to be amended.
When the auditor still considers that there is an apparent misstatement of fact, the auditor
should request management to consult with a qualified third party, such as the entity's legal
counsel and should consider the advice received.
If the auditor concludes that there is a material misstatement of fact in the other information
which management refuses to correct, the auditor should consider taking further appropriate
action. The actions taken could include such steps as notifying management in writing of the
auditor's concern regarding the other information and obtaining legal advice.
Availability of other information after the date of the auditor’s report:
Where all the other information is not available to the auditor prior to the date of the auditor's
report, the auditor should read the other information at the earliest possible opportunity
thereafter to identify material inconsistencies.
Page 121
s
If, on reading the other information, the auditor identifies a material inconsistency or
becomes aware of an apparent material misstatement of fact, the auditor should determine
whether the audited financial statements or the other information need revision.
When revision of the other information is necessary and the entity agrees to make the
revision, the auditor should carry out the audit procedures necessary under the circumstances.
The audit procedures may include reviewing the steps taken by management to ensure that
individuals in receipt of the previously issued financial statements, the auditor's report
thereon and the other information, are informed of the revision.
When revision of the other information is necessary but management refuses to make the
revision, the auditor should consider taking further appropriate action. The actions taken
could include such steps as notifying management in writing of the auditor's concern
regarding the other information and obtaining legal advice
E. SUBSEQUENT EVENTS
The auditor should consider the effect of subsequent events (events after the balance sheet
date) on the financial statements and on the auditor's report.
Events after the balance sheet date deals with the treatment in financial statements of events,
both favourable and unfavourable, that occur between the balance sheet date and the date
when the financial statements are authorised for issue and identifies two types:
• Those that provide evidence of conditions that existed at the balance sheet - adjusting
events - and
• Those that are indicative of conditions which arose after the balance sheet date - non-
adjusting events.
Events occurring up to the date of the auditor’s report
The auditor should perform audit procedures designed to obtain sufficient appropriate audit
evidence that all events up to the date of the auditor's report that may require adjustment of,
or disclosure in, the financial statements have been identified.
These procedures are in addition to procedures that may be applied to specific transactions
occurring after period end to obtain audit evidence as to account balances as at period end,
for example, the testing of stock cut-off and payments to creditors. The audit procedures to
identify events that may require adjustment would be performed as near as possible to the
date of the auditor's report. Such audit procedures would take into account the auditor's risk
assessment and include the following:
• Reviewing management procedures to ensure that subsequent events are identified.
• Reading minutes of the meetings of shareholders and directors held after the period end
and inquiring about matters discussed for which minutes are not yet available.
• Reading the entity's latest available interim financial statements and, as considered
necessary and appropriate, budgets, cash flow forecasts and other related reports.
• Inquiring of the entity's legal counsel concerning litigation and claims.
Page 122
s
• Inquiring of management as to whether any subsequent events have occurred which
might affect the financial statements such as the following specific matters:
- The current status of items based on preliminary or inconclusive data,
- New commitments, borrowings or guarantees,
- Major sales or acquisition of assets occurred or planned,
- Issue of new shares or debentures or an agreement/plans to merge or liquidate,
- Assets appropriated by government or destroyed by fire or flood,
- Developments regarding risk areas and contingencies,
- Unusual accounting adjustments made or contemplated,
- Any events occurring or likely to occur which will bring into question the
appropriateness of accounting policies used in the financial statements.
When the auditor becomes aware of events that materially affect the financial statements, he
should consider whether such events are properly accounted for and adequately disclosed.
Facts discovered after date of the auditor’s report but before the financial
statements are issued
The auditor does not have any responsibility to perform audit procedures or make any inquiry
regarding the financial statements after the date of the auditor's report. During the period
from the date of the auditor's report to the date the financial statements are issued, the
responsibility to inform the auditor of facts that may affect the financial statements rests with
management.
Where after the date of the auditor's report but before the financial statements are issued, the
auditor becomes aware of a fact that may materially affect the financial statements, the
auditor should consider whether the financial statements need amendment. He should discuss
the matter with management and should take the action appropriate in the circumstances.
When management amends the financial statements, the auditor would carry out additional
audit procedures and should issue a new report on the amended financial statements. The new
report would be dated not earlier than the amended financial statements are signed or
approved by management.
When management does not amend the financial statements in circumstances where the
auditor believes they need to be amended and the auditor's report has not been released to the
entity, the auditor should express a qualified opinion or an adverse opinion.
When the auditor's report has been released to the entity, the auditor would notify
management not to issue the financial statements and the auditor's report thereon to third
parties. If they are subsequently released, the auditor needs to take action to prevent reliance
on the audit report. The action taken will depend on the auditor's legal rights and obligations
and the recommendations of the auditor's lawyer.
Facts discovered after the financial statements have been issued
After the financial statements are issued, the auditor has no obligation to make any further
inquiry.
Page 123
s
When, after the financial statements have been issued, the auditor becomes aware of a fact
which existed at the date of the auditor's report and which, if known at that date, may have
caused the auditor to qualify his report, the auditor should consider whether the financial
statements need revision, should discuss the matter with management and should take the
action appropriate in the circumstances.
Where the auditor becomes aware of a fact relevant to the audited financial statements that
did not exist at the date of the auditor's report there are no statutory provisions for revising
financial statements. The auditor should discuss with management whether they should
withdraw the financial statements and where management decides not to do so the auditor
may wish to take advice on whether it might be possible to withdraw their report. A possible
course of action may include making a statement by management or the auditor at the annual
general meeting. In any event legal advice may be helpful.
When management revise the financial statements, the auditor should carry out the audit
procedures necessary in the circumstances and should review the steps taken by management
to ensure that anyone in receipt of the previously issued financial statements together with the
auditor's report thereon is informed of the situation. The auditor should issue a new report on
the revised financial statements.
The new auditor's report should include an emphasis of a matter paragraph referring to a note
to the financial statements that more extensively discusses the reason for the revision of the
previously issued financial statements and to the earlier report issued by the auditor. The new
auditor's report would be dated not earlier than the date the revised financial statements are
approved.
When management does not take the necessary steps to ensure that anyone in receipt of the
previously issued financial statements together with the auditor's report thereon is informed
of the situation and does not revise the financial statements in circumstances where the
auditor believes they need to be revised, the auditor should notify management that action
will be taken by the auditor to prevent future reliance on the auditor's report. The action taken
will depend on the auditor's legal rights and obligations and the recommendations of the
auditor's lawyers.
F. GOING CONCERN
When planning and performing audit procedures and, in evaluating the results, the auditor
should consider the appropriateness of management's use of the going concern assumption in
the preparation of the financial statements.
Going concern is viewed as continuing in business for the foreseeable future with neither the
intention nor need to cease trading. Assets and liabilities are recorded on the basis that one
can realise assets and discharge liabilities in the normal course of business.
When preparing the financial statements, management should make an assessment of the
company’s ability to continue as a going concern.
Page 124
s
Management's assessment of the going concern assumption involves making a judgment, at a
particular point in time, about the future outcome of events or conditions that are inherently
uncertain. The following factors are relevant:
• The degree of uncertainty associated with the outcome of an event or condition
increases significantly the further into the future a judgment is being made about the
outcome of an event or condition.
• Any judgment about the future is based on information available at the time at which
the judgment is made. Subsequent events can contradict a judgment that was reasonable
at the time it was made.
• The size and complexity of the entity, the nature and condition of its business and the
degree to which it is affected by external factors all affect the judgment regarding the
outcome of events or conditions.
Possible indicators of going concern problems:
Financial
• Net liability or net current liability position,
• Necessary borrowing facilities have not been agreed,
• Borrowings approaching maturity without realistic prospects of renewal or repayment,
• Excessive reliance on short-term borrowings to finance long-term assets,
• Major debt repayment falling due where refinancing is necessary,
• Major restructuring of debt,
• Indications of withdrawal of financial support by debtors and other creditors,
• Negative operating cash flows and adverse key financial ratios,
• Substantial operating losses or significant deterioration in the value of assets used to
generate cash flows,
• Major losses or cash flow problems that have arisen since the balance sheet date,
• Arrears or discontinuance of dividends,
• Inability to pay creditors on due dates,
• Inability to comply with the terms of loan agreements,
• Reduction in normal terms of trade credit by suppliers,
• Change from credit to cash-on-delivery transactions with suppliers,
• Inability to obtain financing for essential new product development,
• Substantial sales of fixed assets not intended to be replaced.
Operating
• Loss of key management and staff without replacement,
• Loss of a major market, franchise, licence, or principal supplier,
• Labour difficulties or shortages of important supplies,
• Fundamental changes in the market or technology to which the entity is unable to adapt
adequately,
• Excessive dependence on a few product lines where the market is depressed,
• Technical developments that render a key product obsolete.
Other
• Non-compliance with capital or other statutory requirements
Page 125
s
• Pending legal or regulatory proceedings against the entity that may, if successful, result
in claims that are unlikely to be satisfied
• Changes in legislation or government policy expected to adversely affect the entity
• Issues which involve a range of possible outcomes so wide that an unfavourable result
could affect the appropriateness of the going concern basis
The significance of such events or conditions can often be mitigated by other factors:
• The effect of an entity being unable to make its normal debt repayments may be counter-
balanced by management's plans to maintain adequate cash flows by alternative means,
such as by disposal of assets or rescheduling of loan repayments.
• Similarly, the loss of a principal supplier may be mitigated by the availability of a suitable
alternative source of supply.
Auditor’s responsibilities
The auditor's responsibility is to consider:
• The appropriateness of management's use of the going concern assumption in the
preparation of the financial statements, and
• Whether there are material uncertainties about the entity's ability to continue as a going
concern that need to be disclosed in the financial statements.
In obtaining an understanding of the entity, the auditor should consider whether there are
events or conditions and related business risks that may cast significant doubt on the entity's
ability to continue as a going concern. In addition, he should remain alert for audit evidence
of events or conditions in performing audit procedures throughout the audit and consider
whether any identified affect his assessment of the risks of material misstatements.
Management may have already made a preliminary assessment when the auditor is
performing risk assessment procedures. If so, the auditor should review that assessment to
determine whether management has identified events or conditions and what plans they have
to address them. If management has not yet made a preliminary assessment, the auditor
should discuss with management the basis for their intended use of the going concern
assumption, and inquires of management whether events or conditions exist.
The auditor should evaluate management's assessment of the entity's ability to continue as a
going concern. He should consider the same period as that used by management in making
its assessment under the applicable financial reporting framework. If management's
assessment of the entity's ability to continue as a going concern covers less than twelve
months from the balance sheet date, the auditor should ask management to extend its
assessment period to twelve months from the balance sheet date.
In evaluating management's assessment, the auditor should consider
• The process management followed to make its assessment,
• The assumptions on which the assessment is based and
• Management's plans for future action.
There is no need for a detailed assessment by management and extensive review by the
auditor if the company has a good history of profitable operations and access to sufficient
financial resources.
Page 126
s
The auditor does not have a responsibility to design audit procedures other than inquiry of
management. However, he may become aware of such known events or conditions during
the planning and performance of the audit, including subsequent events procedures. He
should therefore inquire of management as to its knowledge of events or conditions beyond
the period of assessment used by management that may cast significant doubt on the entity's
ability to continue as a going concern.
Since the degree of uncertainty associated with the outcome of an event or condition
increases further into the future the indications of going concern issues will need to be
significant before the auditor considers taking further action. The auditor may need to ask
management to determine the potential significance of the event or condition on their going
concern assessment.
Additional audit procedures
When events or conditions have been identified which may cast significant doubt on the
entity's ability to continue as a going concern, the auditor should:
• Review management's plans for future actions based on its going concern assessment,
• Gather sufficient appropriate audit evidence to confirm or dispel whether or not a
material uncertainty exists through carrying out audit procedures considered necessary,
including considering the effect of any plans of management and other mitigating
factors and
• Seek written representations from management regarding its plans for future action.
Such audit procedures may include:
• Analysing and discussing cash flow, profit and other forecasts with management,
• Analysing and discussing the entity's latest available interim financial statements,
• Reviewing terms of loan agreements and determining whether any were breached,
• Reading minutes of the meetings of shareholders, directors, management and relevant
committees for reference to financing difficulties,
• Inquiring of the entity's lawyer regarding the existence of litigation and claims and the
reasonableness of management's assessments of their outcome and the estimate of their
financial implications,
• Confirming the existence, legality and enforceability of arrangements to provide or
maintain financial support with related and third parties and assessing the financial
ability of such parties to provide additional funds,
• Considering the entity's plans to deal with unfilled customer orders,
• Reviewing events after period end to identify those that either mitigate or otherwise
affect the entity's ability to continue as a going concern.
When analysis of cash flow is a significant factor in considering the future outcome of events
or conditions the auditor should consider:
• The reliability of the entity's information system for generating such information,
• Whether there is adequate support for the assumptions underlying the forecast and
• The comparability of prospective financial information with historical results and
results to date.
Page 127
s
Audit Conclusions and Reporting
Based on the audit evidence obtained, the auditor should determine if, in his judgment, a
material uncertainty exists related to events or conditions that alone or in aggregate, may cast
significant doubt on the entity's ability to continue as a going concern.
If the use of the going concern assumption is appropriate but a material uncertainty exists, the
auditor considers whether the financial statements:
• Adequately describe the principal events or conditions that give rise to the significant
doubt on the entity's ability to continue in operation and management's plans to deal
with these events or conditions and
• State clearly that there is a material uncertainty and thus be unable to realise its assets
and discharge its liabilities in the normal course of business.
If adequate disclosure is made in the financial statements, the auditor should express an
unqualified opinion but modify the auditor's report by adding an ‘emphasis of matter’
paragraph that highlights the existence of a material uncertainty and draws attention to the
note in the financial statements.
If adequate disclosure is not made in the financial statements, the auditor should express a
qualified or adverse opinion. The report should include specific reference to the fact that
there is a material uncertainty that may cast significant doubt about the entity's ability to
continue as a going concern.
If, in the auditor's judgment, the entity will not be able to continue as a going concern, the
auditor should express an adverse opinion if the financial statements have been prepared on
a going concern basis regardless of whether or not disclosure has been made.
If management is unwilling to make or extend its assessment when requested to do so by the
auditor, the auditor should consider the need to qualify the auditor's report as a result of the
limitation on the scope of the auditor's work.
When there is significant delay in the signature or approval of the financial statements by
management after the balance sheet date, the auditor should consider the reasons for the
delay. When the delay could be related to events or conditions relating to the going concern
assessment, the auditor should consider the need to perform additional audit procedures.
G. COMPLIANCE WITH INTERNATIONAL FINANCIAL
REPORTING STANDARDS
Financial statements must give a true and fair view under the relevant reporting framework.
Auditors must ensure that this is so.
Companies report on their financial statements compliance with international standards and
their own national accounting framework. It would not be acceptable to issue an unqualified
report in respect of compliance with international standards where there is divergence from
national standards.
Page 128
s
Financial statements prepared in accordance with IFRSs
In order to comply with IFRSs, the financial statements must comply with each standard.
Where there is a note specifying certain departures or partial compliance, then it is
inappropriate to give an unqualified opinion.
Financial statements prepared in accordance with more than one reporting framework
Unless there is significant convergence of national standards with international standards, it is
unlikely that a set of financial statements can comply with two frameworks. It might be
better to report on one framework only. If both are required to be reported on, the auditors
will have to qualify their opinion in respect of one of the frameworks.
It should be noted that Article 254 of Law 7/2009 of 27/04/2009 relating to companies states
that “The financial statements of a company shall comply with international standards”.
Financial statements in accordance with another acceptable financial reporting frame
work
In this case the financial statements are probably prepared in accordance with national
standards and may contain a note showing a reconciliation to international standards. The
note should give a true and fair view and therefore the auditor should accumulate sufficient
and appropriate evidence in respect of this note.
Question 8.1
You are the audit senior of EX electronics. They are involved in the assembly of
microcomputers and sell them along with associated equipment to retailers. Many of the
supplies are bought from the far-east. These computers are used by businesses for a variety
of services such as accounting and word processing.
The audit partner has asked you to consider the firm’s audit responsibilities in relation to
subsequent events after the balance sheet date and any necessary audit work you might carry
out.
You are required to:
(a) Describe the responsibilities of the auditor for detecting errors in the accounts during the
following periods:
1. From period end to date of audit report
2. Date of audit report to issue of financial statements
3. After financial statements are issued
(b) List the audit work you will carry out in period 1 considering subsequent events.
(c) Describe the work you will carry out in period 2 to ensure that no adjustments are required
to the accounts.
Question 8.2
Identify enquiries which may be made of management when reviewing for subsequent
events.
Page 129
s
Question 8.3
Briefly describe what issues analytical review may focus on.
Page 130
s
BLANK
Page 131
s
Study Unit 9
Audit Reports
Contents
A.
Forming and Audit Opinion
B.
The Problem of Communication
C.
Electronic Reporting
D.
Special Purpose Reports
E.
Reporting to Management
F.
Sample Questions
Page 132
s
AUDIT REPORTS
Auditors obtain evidence and draw conclusions from that evidence in order to express an
opinion on a set of financial statements.
A. FORMING AN AUDIT OPINION
There are various audit opinions which can be expressed on a set of financial statements.
Description
Audit opinion
Accounts show a true and fair view
Unqualified audit opinion
Material items do not show a true and fair
view
Modified audit report
Accounts show a true and fair view except
for……….
A true and fair view is not shown because
disagreements are pervasive to the
accounts.
Perhaps there a significant number of
material disagreements that do not show a
true and fair view.
Adverse audit opinion
The auditor cannot tell whether a true and
fair view is given in respect of material
items due to limitation in scope.
Modified audit report
Accounts show a true and fair view except
for……….
Auditor cannot tell whether a true and fair
view is given at all due to a limitation in
scope.
Disclaimer of opinion
The auditor needs to consider a number of key matters:
• Has he received all the information and explanations necessary
• Has he carried out all the procedures needed to meet applicable auditing standards.
• Have applicable accounting requirements been used in the preparation of the financial
statements.
• Do the financial statements give a true and fair view.
The Process of forming an audit opinion:
• Ascertain whether all the evidence reasonably expected to be available has been
obtained and has been evaluated.
• Assess whether the effect of not gaining sufficient and relevant evidence is such that
the financial statements could be misleading as a whole or in material part. The former
would require a disclaimer of opinion while the latter would require an “except for”
opinion.
• Ascertain whether the financial statements are prepared in accordance with IFRS and
generally accepted accounting principles.
• Assess whether a departure from the accepted accounting principles is required to give
a true and fair view and has there been adequate disclosure.
Page 133
s
• Assess whether any unnecessary departure from accounting principles is material or
pervasive to the financial statements. A material departure will give an “except for”
opinion while a pervasive departure will result in an adverse opinion.
• Conclude as a whole whether the financial statements give a true and fair view.
Impact of the Auditor’s report on Both Matters of Opinion and Matters of
Fact
Matters of opinion
• Has the company kept proper books of account.
• Have proper returns sufficient for the purposes of the audit been received by the
auditor.
• Have the accounts been properly prepared and do they show a true and fair view.
• Does a financial situation exist which would require the convening of a Special
Meeting Where group accounts are submitted, have the group accounts been properly
prepared in accordance with the companies acts so as to give a true and fair view.
Matters of facts
• Are the accounts in agreement with the books.
• Has the auditor obtained all the information and explanations which are necessary for
the purposes of the audit.
• Is the information in the director’s report consistent with the financial statements.
‘Emphasis of matter’ paragraph
An auditor will use an ‘emphasis of matter’ paragraph to highlight a specific matter (when he
has issued an unqualified audit report) such as a fundamental uncertainty.
Examples could include questions over the recoverability of a debtor balance or a potential
liability such as a fine.
The auditor may feel that there is sufficient disclosure in the accounts and as such there is no
need to issue a qualified audit report. He may however, wish to draw the reader’s attention to
this matter and hence the emphasis of matter paragraph.
B. THE PROBLEM OF COMMUNICATION
The communication problem is caused by a number of factors that can be identified as:
• Understandability
Auditing is full of jargon. There are auditing standards and guidelines and it is a technical
art. There is a language that non-auditors may find difficult to understand. Communicating
the audit opinion in a form that all people can understand can be very difficult.
• Responsibility
As far as the law is concerned the auditors are responsible for certain duties. In addition,
professional standards may apply other duties on the auditor.
Users of the financial statements however, may not have the same perception of what the
auditor’s duties are i.e. the expectations gaps.
Page 134
s
• Availability
The fact that companies now tend to publish their financial statements on their websites,
means that the availability of audit reports to the general public has increased. Auditors need
to consider the risks that this brings. It is true to say that the fact that the accounts are now
available for public scrutiny adds to the perception that the auditor’s report is now addressed
to more than just the shareholders.
The standard report
The standard report is designed to eliminate the problems of lack of understandability.
The report contains certain elements:
• It is clearly addressed to shareholders,
• There are introductory paragraphs which outline what the report refers to,
• There are paragraphs outlining the responsibilities of the auditors and the directors,
• There is an explanation of the basis on which the auditors have come to their
conclusions,
• There is an expression of an opinion.
However, it still includes technical terms and is still a difficult document to fully understand.
It can be argued that the existence of the standard report adds complexity to the situation and
that it may be better to have tailored reports to each client’s specific situations.
Its advantages are that it should be easier for users to understand and that it should contain
certain elements in common with other audit reports which can be compared like for like.
C. ELECTRONIC REPORTING
When financial information is made available electronically, the auditor must ensure that
their report is not misrepresented.
Consent
The auditing practices board issued a bulletin that recommends that the directors should
obtain the consent of the auditor to publish the audit report on a website. Ideally, the matter
should be clarified in the letter of engagement.
The auditor may reserve the right to give consent if they do not like the presentation of the
report and the associated financial statements.
They should also ensure that their report is appropriately worded for inclusion on a website.
It should probably contain references to specific financial statements rather than reference to
page numbers.
Controls
The auditor should carry out the following procedures where their report is to be published
electronically.
Page 135
s
• Review the process of deriving the information from the hardcopy accounts.
• Check that the information is identical to the hardcopy information.
• Review whether the presentation has been distorted giving a different perspective from
the original hardcopy.
The directors are responsible for ensuring that the hardcopy report is not tampered with once
it is up on the website.
D. SPECIAL PURPOSE REPORTS
Auditors may issue special reports on summary financial statements, revised financial
statements and distributions following an audit qualification.
Summarised financial statements
These may be prepared by management in order to inform user groups such as shareholders
or bankers of the company’s financial position and the results of its operations.
The auditor should not report on these summarised financial statements unless he has
expressed an audit opinion on the financial statements from which the summary information
is derived.
Distributions following an audit qualification
Distributions in certain jurisdictions e.g. Rwanda and Ireland such as dividends can only be
made out of accumulated realised profits less accumulated realised losses. A modified audit
report may state whether the subject matter of the qualification is material in determining
whether a dividend can be paid.
Revised accounts
The revision of accounts may be undertaken by a revision by replacement or a revision by
supplementary note.
In both case the accounts should be prepared and then approved by management as at the
original date of the accounts. The extent of any revision is limited to that resulting from facts
which were known at the original date of approval.
The auditor has no duty to search for any further evidence which may affect the accounts to
which the report relates. However, if such a matter comes to his attention, he should discuss
any appropriate revision with management. If the latter is unwilling to revise the accounts,
then the auditor should consider taking legal advice.
The auditor should follow specific procedures such as:
• Review the original audit plan and the extent to which additional audit evidence is
required.
• Reassess any matters of judgment involved in the original audit.
• Obtain evidence specific to the revised amounts.
Page 136
s
• Review the period after the date on which the original accounts were approved.
• Review the revised accounts, in light of the conclusions drawn from other audit
evidence obtained, to give the auditor a reasonable basis for his opinion on the
accounts.
• Consider any legal consequences of the revision.
E. REPORTING TO MANAGEMENT
Auditors report relevant audit matters to management and will often produce a management
letter detailing control weaknesses observed during an audit.
The auditor should communicate matters of governance interest arising from the audit of
financial statements with those charged with governance of an entity.
The scope is limited to those matters that specifically come to the auditor’s attention during
the course of his audit. He is not responsible for designing specific tests and procedures to
identify matters of governance.
The auditor should determine the relevant persons who are charged with governance and with
whom audit matters of governance interest are communicated.
To avoid misunderstandings, the engagement letter should explain that the auditor will only
communicate matters that come to their attention as a result of the performance of the audit.
The engagement letter may describe the form which the communication will take, identify the
relevant persons to whom the communication should go and identify any specific matters of
governance which have been agreed to be communicated.
The auditor should consider matters of governance that arise from the audit of the financial
statements and communicate them to those charged with governance.
Such matters would include:
• The general approach or scope of the audit,
• Selection of and changes in significant accounting policies,
• The potential effect of any significant risks and exposures,
• Significant audit adjustments,
• Material uncertainties that may affect the going concern basis,
• Significant disagreements with management,
• Expected modifications to the audit report,
• Other matters such as weaknesses in internal controls or fraud involving management,
• Other matters mentioned in the letter of engagement.
The auditor should consider audit matters of governance on a timely basis.
He should have regard to local laws and regulations when communicating to management.
Page 137
s
Question 9.1
You are the audit partner in charge of WB Ltd. The company is developing a website and its
directors wish to provide full access to the audited financial statements. What are the issues
that are likely to concern you?
Question 9.2
Webup Ltd has an operational website on which customers are trading. It was developed and
installed by an outside firm but will be maintained solely by the IT manager of Webup.
There is no external maintenance agreement in place. The cost of the website development
was substantial and it made quite a dent in the profit and loss account figures. Webup has an
arrangement with a couple of other companies to have free advertising on each others’
websites. This is not reflected in the financial statements.
During the audit what evidence would you seek in relation to the above information and are
there any implications for your audit report.
Question 9.3
You are the audit senior on High Street Fashions (HSF) Ltd. The company owns a chain of
upmarket clothing stores and also has a manufacturing facility doing its own brand. Its own
brand accounts for 50% of sales and inventory. Profits for the year have improved to
RWF7m from RWF3m last year and the balance sheet is healthy at RWF23m up from
RWF15m last year.
The stores are revalued every year with a couple this year achieving sharp increases due to a
booming property market. In addition, a number of stores had refits. The increase in assets
due to the refits and revaluations is RWF10m. Its manufacturing facility is not revalued.
The company’s stock is RWF1.6m and is valued at the lower of cost or net realisable value.
The cost is derived after deducting a suitable margin from the selling price.
Exchanges and refunds are common in the stores as none of them has suitable
fitting/changing rooms. HSF does not make any provision in the accounts for any refunds.
Discuss the implications on the audit report of the above points.
Question 9.4
What are the types of audit opinions that can be given on an audit report?
Page 138
s
BLANK
Page 139
s
Study Unit 10
Audit of Financial Statements
Contents
A.
Introduction
B.
Construction Contracts
C.
Liabilities
D.
Income
E.
Expenses
F.
Disclosures
G.
Sample Questions
Page 140
s
AUDIT OF FINANCIAL STATEMENTS
A. INTRODUCTION
When you are auditing items appearing in the financial statements, you need to consider the
following matters:
• Risk,
• Materiality,
• Relevant accounting standards,
• Audit evidence.
B. ASSETS
The key audit objectives are existence, completeness, valuation and rights and obligations.
Inventories of Stock, Work in Progress and Finished Goods
The auditor needs to evaluate whether the valuation of stock is reasonable. IAS 2 states that
stock should be measured at the lower of cost and net realisable value. Costs would include
cost of purchase and any other costs incurred in bringing the stock to its present condition and
location.
Audit work specific to inventories
This will cover areas such as quantities, identification, condition, cut-off and valuation.
• Review the written count instructions issued to client staff. Evaluate whether the
instructions if followed are likely to derive an accurate count.
• Attend at count and assess whether count is in accordance with instructions.
• Carry out test counts at physical stock-take and check against client records. Note
counts of specific items for further testing at final audit stage.
• Ensure there is adequate control over the issue and return of all count sheets.
• At the final audit stage, agree all items noted on stock count to the final evaluation.
• Ensure that all staff responsible for counting have the necessary expertise to ensure all
items are identified and counting accurately.
• Test identification of individual items with appropriate catalogues etc.
• Compare a sample of descriptions from the valuation back to the rough stock sheets.
• Test the condition of a sample of items on the stock count making note of any items
that appear damaged or appear to have been around for a long time.
• Ensure that items noted as less than perfect are written down in the final valuation.
• Observe at count whether there is movement of stock and assess the controls over the
control of movement of stock on the day of the count.
• Make a note of the last despatch note and the last goods inward note written.
• Carry out sample tests to ensure sales/purchases are accounted for in the correct period.
• Select a sample of prices in the final valuation and agree back to supplier’s invoices.
• Select a sample of prices used and assess their net realisable value.
• Review the stock note in the accounts to assess whether there is appropriate disclosure.
• Review the letter of representation to ensure there is an adequate reference to stock.
Page 141
s
The method of stock valuation may be based on unit cost, FIFO, LIFO or average stock. The
auditor should determine whether the method used is appropriate and properly applied.
Manufacturing stock valuation may also incorporate labour costs and production overheads.
Standard costing
IAS 2 allows standard costing to be used where prices are fluctuating. The auditor should
ensure that the standard costing is appropriate in the circumstances and that the calculation of
the standard cost is reasonable.
In evaluating the appropriateness of standard costing you must consider whether prices are in
fact fluctuating, whether this is the best accounting policy, if the policy has changed from the
previous year how do the two years compare and is their sufficient disclosure.
In assessing the reasonableness of the calculation you must review the specific calculation,
check the calculations, review them for reasonableness and verify specific elements of the
calculation to source documentation such as purchase invoices, wages and overheads.
Construction contracts
IAS 11 sets out the following accounting treatments:
• Contract revenue and cost should be recognised in the period in which the work is
performed.
• An excess of total costs over total revenue should be recognised as an expense.
• Any costs incurred, which relate to future activity should be recognised as an asset if it
is probable that they will be recovered. (work in progress)
• Where amounts have been recognised as contract revenue, but their recoverability
becomes doubtful, recognise as an expense and not as a deduction from revenue.
The auditor should ensure that revenue and expenses have been correctly recognised and that
any asset recognised for cost incurred in relation to future activity are recoverable.
Procedures that might be employed would include:
• Verify revenue figures to certification of work completed,
• Verify cost figures to invoices and ensure that they relate to the current period,
• Ensure that capitalised costs relating to future activity are verified by reviewing
invoices and work schedules,
• Review contract to ensure that capitalised costs are recoverable,
• Undertake bad debt review and ensure that any debt that is not collectable has been
treated as an expense.
Non-Current Assets
The auditor will concentrate on areas such as rights and obligations, valuation, existence,
occurrence and presentation and disclosure. Specific tests would include:
• Reconcile opening figures, from last year’s file to the current accounting records.
Page 142
s
• Obtain a summary of assets analysed into categories such as cost, additions, disposals,
depreciation and net book value. Agree these figures to source documentation.
• Review the nominal ledger accounts and asset registers for any unusual items.
• Verify title to assets by inspection of title deeds and land registry certificates.
• Obtain list of additions and verify ownership by inspection of architect’s certificates,
invoices etc. Check that purchases have been authorised.
• Review for evidence of charges in statutory books and by company search.
• Examine invoices received after the year end, orders and minutes for evidence of
capital commitments which may require disclosure.
• Verify costs of additions to supplier’s invoices.
• Check that costs have been capitalised correctly.
• Where the clients have used their own labour to construct assets, ensure that materials,
labour and overheads have been correctly analysed and are properly charged to capital.
• Review depreciation rates applied in relation to assets lives.
• For revalued assets, ensure that the depreciation is charged on the revalued amount.
• Ensure no further depreciation has been provided on fully depreciated assets.
• Check valuation by inspecting any recent valuation certificate and considering the
experience of a valuer, scope of his work and methods and assumptions made.
• Review insurance policies for all categories of tangible non-current assets and consider
the adequacy of their insured values and check expiry dates.
• Consider any evidence of permanent diminution in value e.g. physical inspection, asset
no longer used etc.
• Make physical inspection of a sample of items and confirm that they are recorded in the
asset register and the accounting records.
• Reconcile the asset register to the accounting records.
• Obtain or prepare a list of disposals and scrappings from non-current assets during the
year. Reconcile original cost with sale proceeds and verify book profits and losses.
Check assets have been deleted from the asset register.
• Consider whether disclosure complies with legislation and accounting standards.
Lack of an asset register
If a non-current asset register is not kept, the auditor should obtain a schedule of all the major
items of non-current assets showing the original cost and estimated depreciated value. He
should reconcile both the cost and depreciated value with the draft accounts.
In the absence of an asset register, the auditor is faced with a problem in relation to disposals.
Where there is a schedule of items from previous years the continuing existence of assets
may be checked to this schedule but where there is none the auditor will have to rely more on
a scrutiny of the cashbook for any large unexplained receipts and management
representations.
At the end of the day the auditor may well conclude that there is material uncertainty as to
the existence and valuation of non-current assets and be forced to give an appropriate
qualification in their audit report in that they will not have received all the information and
explanations considered necessary for the purposes of their audit.
Page 143
s
IAS 36 states that tangible and intangible assets should be recorded in the financial
statements at no more than their recoverable amount. In certain circumstances, assets should
be subject to an impairment review:
• Assess whether a review might be necessary from knowledge of the business
• Obtain the clients workings of the impairment loss
• Consider whether they are reasonable and recalculate to ensure they are correct.
• If possible verify new value to documentation such as a valuer’s report.
Intangible non-current assets
These types of assets usually include patents, licences, trade-marks, copyrights, franchises,
development costs and goodwill. All intangibles should be subject to an annual impairment
review.
An intangible asset is an identifiable non-monetary asset without physical substance. The
asset must be controlled by the enterprise as a result of events in the past and something from
which a company expects future economic benefits to flow.
An item should not be recognised as an intangible asset unless it fully meets the definition in
the standard. Internally generated goodwill may not be recognised as an asset.
The following procedures should be carried out by the auditor:
• Prepare analysis of movements of cost and amortisation to test completeness.
• Obtain confirmation of all patents and trademarks held by a patent agent and verify
payment of annual renewal fees for testing rights and obligations.
• For valuation testing, review specialist valuations of intangibles assets considering
qualifications of valuer, scope of work and assumptions and methods used.
• Confirm that balances brought forward represent continuing value.
• Inspect purchase agreements and supporting documentation for intangible assets
acquired in the period and confirm purchases have been authorised
• Verify amounts capitalised of patents developed with supporting costing records
• Review amortisation by checking computations and confirm that rates are reasonable.
Income from intangibles
Review sales returns and statistics to verify the reasonableness of income derived from
patents, trademarks licences etc. and examine audited accounts of third party sales covered by
patent, licence or trademark owned by the company.
Goodwill
Key tests are as follows:
• Agree consideration to a sales agreement,
• Confirm valuation of assets acquired is reasonable,
• Check purchased goodwill is calculated correctly,
• Check goodwill does not include non-purchased goodwill,
Page 144
s
• Ensure management have carried out an annual impairment review and assess whether
their conclusions are reasonable,
• Ensure valuation of goodwill is reasonable reviewing prior years accounts and
discussion with the directors.
Development costs
These costs may be included in the balance sheet only in circumstances specified in IAS 38.
It defines research and development as original and planned investigation undertaken with
the prospect of gaining new scientific or technical knowledge and understanding.
Development is the application of research findings or other knowledge to a plan or design
for the production of a new or substantially, improved materials, devices, products, processes
or systems prior to the commencement of commercial production or use.
Expenditure in research is required to be written off in the year of the expenditure.
IAS 38 states that development costs of a project should be recognised as an asset only when
all of the following criteria are met:
• Completion of the asset will be technically feasible,
• The business intends to complete the asset,
• The business will be able to use or sell the asset,
• The business can demonstrate how future economic benefits will be generated,
• Adequate technical and financial resources are available to complete the development,
• Expenditure attributable to the development of the asset can be measured reliably.
General overheads, costs of inefficiencies and expenditure on training staff to operate the
asset should not be capitalised. Amortisation of development expenditure should not exceed
20 years and an appropriate method should be used.
The development costs of a project should not exceed the amount that is likely to be
recovered from related future economic benefits, after deducting further development costs,
related production costs, and selling and administrative costs directly incurred in marketing
the product. In all other circumstances development costs should be written off in the year of
the expenditure.
The key audit tests largely reflect the criteria laid down in IAS 38:
• Check accounting records to confirm project are clearly defined (i.e. separate nominal
ledger codes) and related expenditure can be separately identified and certified to
invoices timesheets etc.
• Confirm feasibility and viability by examining market research reports, feasibility
studies, budgets and forecasts and consult client’s technical experts.
• Review budgeted revenues and costs by examining results to date, production forecasts,
advance orders and discussion with directors.
• Review calculations of future cash flows to ensure resources exist for completion.
• Review previously deferred expenditure to ensure IAS 38 criteria are still justified.
• Check amortisation so as it starts with production and is charged on a systematic basis.
Page 145
s
Most companies have a policy of write off in the year. With regard to these circumstances,
the auditor should consider whether the profit and loss charge for research and development
is complete, accurate and valid.
The key accounting issues with regard to brands is whether the asset is internally generated
or not. IAS 38 forbids the capitalisation of internally generated assets.
If a brand has been purchased separately, then the auditor should test the value of the brand
according to the sales documentation.
Investments
When auditing investments, the auditor needs to consider the income and the asset.
Investments can fall under the following headings:
• Investments in companies whether listed or unlisted and their income,
• Investment in subsidiary and associated companies,
• Investment properties.
There are a couple of key internal control considerations:
• Authorisation over investment dealings,
• Segregation of duties re the recording and custody roles should be kept separate.
Stockbrokers should not normally be entrusted with the safe custody of share certificates on a
continuing basis since they have ready access to the stock exchange. The auditor should not
therefore rely on a certificate from a broker stating that he holds the company’s securities.
The auditor should carry out the following tests:
• Examine certificates of title and confirm that they are bona fide complete title
documents in the client’s name and free from any charge or lien.
• Examine confirmation from a third party investment custodian and check investments
are in the client’s name and the investments are free from charge or lien.
• Inspect certificates of title held by third parties who are not bona fide custodians.
• Inspect blank transfers and letters of trust to confirm client owns nominee shares.
• Review minutes and other statutory books for evidence of charging and pledging.
• Verify purchases to agreements, contract notes and correspondence.
• Confirm purchases were authorised.
• Check with appropriate financial data suppliers that all reported capital changes, bonus
or rights issues have been correctly accounted for during the year.
• Verify disposal with contract notes and sales agreements.
• Check whether investments disposals have been authorised.
• Confirm that profit or loss on sale of investments have been correctly calculated taking
into account, bonus issue of shares, consistent basis of identifying cost of investment,
rights issues, accrued interest, taxation.
• The auditor should establish that the company’s policy on valuing investments has been
correctly applied and is consistent with previous years.
• Confirm the value of listed investments by reference to stock exchange listings.
Page 146
s
• Review accounts of unlisted companies and assess the net assets value of the shares and
the value of the investment and ensure that it is reasonable.
• Check that no substantial fall in the value of the investments has taken place.
• Check whether the current asset investments are included at the lower of cost or net
realisable value.
Investment income
The basis of recognising investment income may vary from company to company particularly
for dividends. Credit may be taken only when received, when declared or taken only after
ratification of the dividend by the shareholders in general meeting. Whichever is the basis, a
consistent one must be applied from year to year.
The auditor will be concerned with completeness, occurrence and measurement. To address
these issues he should:
• Check that all income due has been received by reference to financial statements for
unlisted companies and other available financial data.
• Review investment income account for irregular or unusual entries.
• Ensure that the basis of recognising income is consistent with previous years.
• Compare investment income with prior years and explain any significant fluctuations.
• Obtain a statement reconciling the book value of the listed and unlisted investments at
the last balance sheet date and the current balance sheet date.
• Ensure that the investments are properly categorised in the financial statements into
listed and unlisted.
Investment properties
IAS 40 sets out the criteria for the validity of an investment property. It is property, whether
land or buildings, held rather than for use in the ordinary course of business.
There are different standards applicable depending on the type of the property:
• Property held for sale in ordinary course of business – IAS 2 inventories
• Property being constructed on behalf of third parties - IAS construction contracts
• Owner occupied property - IAS 16 property plant and equipment
• Property being constructed for future use as investment property - IAS 16 until
construction or development is completed, then treat as an investment property.
The auditor should do some substantive testing:
• Verify rental agreements, ensuring that occupier is not a connected company and that
the rent has been negotiated at arm’s length.
• If the building has recently being built, check the architects certificate to ensure that the
construction work has been completed.
• IAS requires that investment properties either be held at cost or at fair value. The
auditor should verify this to a valuer’s cert., as professional valuation is encouraged
under the IAS.
• The auditor should seek to verify the cost to appropriate evidence such as purchase
invoice, or if self constructed, costing records, payroll etc.
• The auditor should review the disclosures made in the financial statements in relation to
investment properties to ensure that they have been made appropriately, in accordance
with IAS 40.
Page 147
s
C. LIABILITIES
The audit objectives for liabilities are completeness, rights and obligations and existence.
Liabilities must always be tested for understatement.
Leases
The classification of a lease can have a material effect on the financial statements.
There are two main types of leases, finance leases and operating leases.
IAS 17 defines a lease as an agreement whereby the lessor conveys to the lessee in return for
a payment or series of payments the right to use an asset for an agreed period of time.
A finance lease is a lease that transfers all the risks and rewards of ownership of an asset.
Title may or may not eventually be transferred.
An operating lease is a lease other than a finance lease.
The standard requires that a finance lease should be recorded in the balance sheet of a lessee
as an asset and as an obligation to pay future lease payments. At the inception of the lease
the sum to be recorded both as an asset and a liability should be the fair value of the leased
property or if lower, the present value of the minimum lease payments.
It also requires that the rentals under an operating lease should be written off as an expense
on a straight-line basis over the term of the lease even if the payments are not made on such a
basis, unless there is another rational basis that is justified in the circumstances.
If the lease is a finance lease, the balance sheet will show substantial assets and liabilities.
The overall net effect would be marginal but the balance sheet will be materially different if
the lease was an operating lease.
The following audit procedures are relevant;
• Obtain a copy of the lease agreement and review it for the correct classification.
• Obtain the client’s workings in relation to finance leases.
• Check the additions and calculations of the workings
• Ensure the interest has been accounted for in accordance with the standard.
• Agree the opening the position to previous year’s audit file.
• Verify the lease payments in the year to the bank statements.
• The auditor should ensure the lease has been properly disclosed.
Deferred taxation
The auditor should review the movement on the deferred tax provision. Deferred tax is
accounted for under IAS 12, income taxes, and is defined as:
Deferred tax liabilities are the amounts of income taxes payable in future periods in respect
of taxable temporary differences.
Deferred tax assets are the amounts of the income taxes recoverable in future periods in
respect of deductible temporary differences, unused tax losses and credits carried forward.
Page 148
s
Temporary differences are differences between the carrying amount of an asset or liability
in the balance sheet and its tax written down value. All taxable temporary differences give
rise to a deferred tax liability and all deductible temporary differences give rise to a deferred
tax asset.
Deferred tax is the tax attributable to timing differences. A company saving tax in the current
period by having accelerated capital allowances should have a provision for the tax charge in
the balance sheet.
The provision is essential because over the life of the asset the tax allowances will reduce
until the depreciation in the accounts is higher than the allowances. This will result in taxable
profits being higher than reported profit and the company will suffer higher tax in this period.
The provision may be material depending on the company’s future investment plans and
therefore the extent to which the tax liability will crystallise.
There is a degree of estimation involved in the deferred tax provision. Therefore the auditor
should approach his work bearing in mind that this is an area that could be manipulated by
the directors. A deferred tax charge appears on the profit and loss account before dividends
even if it is not actually paid.
The following audit procedures will be relevant:
• Obtain the deferred tax workings and the corporation tax computations.
• Check the accuracy of the workings on deferred tax.
• Agree the source figures for timing differences to tax computations and financials.
• Discuss the assumptions made about future events with the directors.
• Consider the assumptions made in the light of your knowledge of the business and any
other evidence gathered during the course of the audit to ensure reasonableness.
• Agree the opening position of deferred tax to prior year financial statements.
• Review the basis of the provision to ensure that it is in line with accounting practice is
suitably comparable to practice in previous years and any changes in accounting policy
have been disclosed.
Provisions and contingencies
A provision should be accounted for as a liability. Contingencies should be disclosed. The
auditor needs to ensure there has been correct classification according to IAS 37: provisions,
contingent liabilities and contingent gains.
IAS 37 defines a provision as a liability of uncertain timing or amount.
A liability is a present obligation of an enterprise arising from past events, the settlement of
which is expected to result in an outflow from the enterprise.
An obligation is an event that creates a legal or constructive obligation that results in an
enterprise having no realistic alternative to settling that obligation.
A legal obligation derives from a contract through its explicit or implicit terms, legislation or
some other operation of law.
Page 149
s
A constructive obligation derives from established patterns of past practice or published
policies through which a valid expectation is created on the part of another party.
A contingent liability is a:
• possible obligation that arises from past events and whose existence will be confirmed
only by the occurrence or non-occurrence of one or more uncertain future events not
wholly within the control of the enterprise or
• a present obligation that arises from past events but is not recognised because it is not
probable that an outflow of resources will be required to settle the obligation or the
amount of the obligation cannot be measured with sufficient reliability.
A contingent asset is a possible asset that arises from past events and whose existence will
be confirmed only by the occurrence or non-occurrence of one or more uncertain future
events not wholly within the control of the entity.
Provisions and contingent liabilities:
Under IAS 37, an entity should not recognise a contingent asset or a contingent liability.
However, if it becomes probable that an outflow of future economic benefits will be required,
then a provision should be recognised. A contingent asset should not be accounted for unless
its realisation is virtually certain. If an inflow of economic benefits has become probable, the
asset should be disclosed.
• Where there is a present obligation that probably requires an outflow of resources, then
a provision should be recognised and disclosed.
• Where there is a possible or present obligation that may, but probably will not, require
an outflow of resources then no provision should be recognised but disclosures are
required for the contingent liability.
• Where there is a possible or present obligation where the likelihood of an outflow of
resources is remote, then no provision is recognised and no disclosure is required.
A contingent liability also arises in the rare case where there is a liability that cannot be
recognised because it cannot be measured reliably. Disclosures are required in this instance.
Contingent assets
• Where the inflow of economic benefits is virtually certain, the asset is not contingent.
• Where the inflow of benefits is probable but not virtually certain, then no asset is
recognised but disclosures are required.
• Where the inflow is not probable, then no asset nor disclosures are recognised.
Examples of contingencies disclosed by companies are guarantees for other group companies,
staff pension schemes, completion of contracts, discounted bills of exchange, law-suits or
claims pending and options to purchase assets.
Obtaining audit evidence of contingencies
The auditor should carry out audit procedures in order to become aware of any litigation and
claims involving the entity, which may result in a material misstatement of the financial
statements. Such procedures would include the following:
Page 150
s
• Make appropriate inquiries of management including obtaining representations.
• Review minutes of management meetings and correspondence with the
solicitorsExamine legal expense accounts.
• Use any information obtained regarding the entity's business including information
obtained from discussions with any in-house legal department.
When the auditor assesses a risk of material misstatement regarding litigation or claims that
have been identified or when the auditor believes they may exist, the auditor should seek
direct communication with the entity's legal counsel.
This will help to obtain sufficient appropriate audit evidence as to whether potential material
litigation and claims are known and management’s estimates of the financial implications,
including costs are reliable.
The letter, which should be prepared by management and sent by the auditor, should request
the entity's legal counsel to communicate directly with the auditor. When it is considered
unlikely that the entity's legal counsel will respond to a general inquiry, the letter would
ordinarily specify the following:
• A list of litigation and claims
• Management's assessment of the outcome of the litigation or claim and its estimate of
the financial implications, including costs involved.
• A request that the entity's legal counsel confirm the reasonableness of management's
assessments and provide the auditor with further information if the list is considered by
the entity's legal counsel to be incomplete or incorrect.
The auditors must consider all matters up to the date of their audit report so further contact
may be necessary with the solicitor. This can only take place with the permission of
management and may be required where a disagreement/complex matter arises.
If management refuses to give the auditor permission to communicate with the entity's legal
counsel, this would be a scope limitation and could lead to a qualified/disclaimer of opinion.
Where the entity's legal counsel refuses to respond in an appropriate manner and the auditor
is unable to obtain sufficient appropriate audit evidence by applying alternative audit
procedures, the auditor should consider whether there is a scope limitation that may lead to a
qualified opinion or a disclaimer of opinion
Other audit tests that should be carried out on provisions and contingencies are as follows:
• Obtain details of all provisions that have been included in the accounts and all
contingencies that have been disclosed.
• Obtain a detailed analysis of all provisions showing the yearly movements.
• Determine for each material provision whether the company has a present obligation as
a result of past events by review of correspondence and discussion with directors.
• Determine for each material provision whether it is probable that a transfer of benefits
will be required to settle the obligation by checking whether any payments have been
made in the post balance sheet period in respect of the item and review of
correspondence with solicitors, banks, customers insurance company and suppliers.
Page 151
s
• Recalculate all provisions made and assess their reasonableness.
• Compare the amount provided with post year-end payments and with any amount paid
in the past for similar items.
• In the event that it is not possible to estimate the amount of the provision, check that
there is disclosure in the accounts.
• Consider the nature of the client’s business; for example would you expect to see any
other provisions such as warranties.
• Consider the adequacy of disclosure of provisions and contingencies.
D. INCOME
Revenue recognition is an important issue and measurement is the key audit objective.
IAS 18 covers revenue from specific transactions or events:
• Sale of goods,
• Rendering of services,
• Interest, royalties, dividends.
Revenue is the gross inflow of economic benefits during the period arising in the course of
the ordinary activities of an enterprise when those inflows result in increases in equity other
than increases relating to contributions from equity participants.
Fair value is the amount for which an asset could be exchanged, or a liability settled,
between willing parties in an arm’s length transaction.
Accounting treatment of Income
Income should be measured at the fair value of consideration received, net of trade
discounts/volume rebates. It is the norm to identify income related items usually as a whole,
but you may need to break the transaction down into its components parts or put separate
transactions together to obtain commercial meaning.
Sale of goods
An enterprise should only recognise income in relation to the sale of goods when:
• Significant risks and rewards of ownership of goods are transferred,
• There is no continuing managerial involvement over goods,
• Revenue can be measured reliably,
• It is probable that economic benefit will flow to an enterprise,
• Costs incurred can be measured reliably.
Rendering of services
An enterprise should recognise revenue of services depending on the stage of the completion
of the transactions. The outcome can only be reliably estimated when:
• Revenue can be measured reliably,
• Probable economic benefits will flow to enterprise,
• Stage of completion at balance sheet date can be measured reliably,
• Costs incurred can be measured reliably. Reliable estimates will only be possible when
each party’s enforceable rights and the terms of settlement have been agreed.
Page 152
s
Interest, royalties and dividends
Interest is the charge for the use of cash/cash equivalents or amounts due to the enterprise.
Royalties are charges for the use of long-term assets of the enterprise such as patents,
computer software and trademarks.
Dividends are distributions of profits to holders of equity investments, in proportion with
their holdings, of each relevant class of capital.
Revenue should be recognised when it is probable that economic benefits will flow to
enterprise and the revenue can be measured reliably.
Interest should be recognised on a time proportion basis, Royalties on an accruals basis or per
agreement and Dividends when shareholders gain right to receive payment.
Disclosure
There should be disclosure of the accounting policy, the amount of each significant category
of income and any contingent gains or losses.
Revenue is normally audited by analytical review. This is because revenue is predictable and
there are good sources on which to base analytical review such as last year’s accounts and the
existence of logical relationships with items such as inventory and receivables.
Revenue recognition can be influenced by whether you are acting as a principal or as an
agent. In the latter, you will only recognise the commission.
Government grants and assistance (IAS 20)
These payments can take the form of grants relating to assets or income.
Government assistance is action by government designed to provide an economic benefit
specific to an enterprise or range of enterprises qualifying under certain criteria.
They can be in the form of resources in return for past or future compliance with certain
conditions relating to the operating activities of an enterprise.
Grants related to assets are those whose primary condition is that an enterprise qualifying
for them should purchase, construct or otherwise acquire long-term assets. Conditions may
also be attached restricting the type, location, or periods acquired or held.
Grants related to income are grants other than those related to assets.
Forgivable loans are where repayment is waived under certain prescribed conditions.
Accounting treatments:
• Recognise grants/forgivable loans once conditions are complied with and receipt/waver
is assured.
• Recognise grants as income to match them with related costs.
• Use a systematic basis of matching over the relevant period.
• Recognise grants for depreciable assets as income on same basis as asset is depreciated.
• Where related costs are incurred the grant may be recognised as income immediately.
• A grant in the form of a non-monetary asset may be valued at fair value.
Page 153
s
• Grants related to assets may be presented in the balance sheet either as a separate credit
or deducted in arriving at the carrying value of the asset.
• Grants related to income may be presented in the income statement either as a separate
credit or deducted from the related expenses.
Disclosure:
There should be disclosure of the accounting policy, the nature and extent of government
grants and other forms of assistance received.
The auditor should carry out some of the following procedures:
• Obtain grant documentation and ensure correct classification as either revenue or
capital.
• The value may be agreed to documentation such as a grant letter.
• The receipt of the grant can be agreed to bank statements.
• The auditor should consider whether the basis of accounting is comparable to the
previous year, discuss the basis of accounting with the directors to ensure that the
method used is the best method.
• Ensure that any changes in accounting methods are disclosed.
E. EXPENSES
Borrowing costs may sometimes be capitalised as part of an asset.
IAS 23 deals with the treatment of borrowing costs. It is often associated with the
construction of or self constructed assets but can also be applied to an asset purchased that
takes time to get ready for use and/or sale.
Borrowing costs are interest and other costs incurred by an enterprise in connection with the
borrowing of funds.
A Qualifying asset is an asset that may take a substantial period of time to get ready for its
intended use or sale.
Accounting treatments:
• Recognise borrowing costs as an expense in the period incurred or
• Capitalise as part of the cost of an asset if they are directly attributable to
acquisition/construction/production. Other borrowing costs must be expensed.
• The amount of borrowing costs available for capitalisation are actual borrowing costs
incurred less any investment income from temporary investment of those borrowings.
• Capitalisation is suspended if active development is halted for extended periods.
Temporary delays do not cause suspension.
• Capitalisation ceases when physical construction of the asset is completed.
Capitalisation should cease when each stage or part is completed.
• Where the carrying amount of the asset falls below cost, it must be written down/off.
Disclosure
There should be disclosure of the accounting policy, the amount of borrowing costs
capitalised during the period and the capitalisation rate used to determine borrowing.
Page 154
s
Audit procedures
The interest can be audited by analytical review as it has a predictable relationship with loans
such as bank loans or debentures.
Alternatively, it can be verified to payment records, bank statements and loan agreement
documentation.
Where borrowing costs are capitalised the auditor should:
• Agree interest payments made to statements from lenders and /or bank statements.
• Ensure interest is directly attributable to construction.
F. DISCLOSURES
The auditor must ensure disclosures in the financial statements are fairly stated.
Segment reporting
IAS 14 defines a business segment as a distinguishable component of an enterprise that is
engaged in providing an individual product or service or a group of related products or
services and that is subject to risks and returns that are different from those of other business
segments. Factors to be considered in determining whether products and services are related
include:
• The nature of the products or services or the production processes,
• The type or class of customer for the products or services,
• The methods used to distribute the products or provide the services,
• The nature of the regulatory environment such as banking, insurance or public
entities.
Factors that should be considered in identifying a geographical segment include:
• Similarity of economic and political conditions,
• Relationships between operations in different geographical areas,
• Proximity of operations,
• Special risks associated with operations in a particular area,
• Exchange controls regulations,
• Currency risks.
The following audit procedures are relevant:
• Obtain a schedule of turnover workings,
• Discuss with management the basis for the segmentation,
• Verify a sample of items to source documentation to ensure disclosure is correct.
Earnings per share
Accounting for earnings per share is governed by IAS 33. It requires that companies of a
certain size disclose their earnings per share for the year. This is the profit in Rwandan Franc
attributable to each share.
Page 155
s
While the size of the figure is unlikely to be a material amount, it is a key investor figure and
as a result will be material by its nature.
The auditor must consider two issues:
• Whether EPS has been disclosed on a comparable basis to the prior year and have any
changes in accounting policy been disclosed and
• Whether it has been correctly calculated.
The audit procedures are as follows:
• Obtain a copy of the client’s workings. If a simple calculation has been used this can
be checked by doing a calculation on face of the profit and loss.
• Compare the calculation with prior years to ensure that the basis is comparable.
• Discuss the basis with the directors. If it has changed, assess whether it is the best
basis for the accounts this year and that changes have been adequately disclosed
Discontinued operations
IFRS 5 requires that certain disclosures be made for discontinued operations on the face of
the income statement or in the notes. This is likely to be material due to size and a possible
shift in management policy or a major change in focus of operations. This information is of
interest to shareholders.
The auditor must be aware of the implications of IFRS 5 for the financial statement at all
stages of the audit whether planning stage, during substantive testing or at the review stage,
particularly in terms of the going concern assumption.
To audit whether the disclosures have been made correctly, the auditor should:
• Discuss the disclosure with management to ensure that IFRS have been correctly
applied,
• Review minutes and correspondence to ascertain details of discontinued operations,
• Obtain a copy of the client’s workings to disclose the discontinued operations,
• Review the workings to ensure figures are reasonable and agree to the financials,
• Trace sample of items disclosed as discontinued items back to source documentation.
Cash flow statements
Cash flows are accounted for under the provisions of IAS 7. The cash flow statement is
essentially a reconciliation exercise between items on the profit and loss account and the
balance sheet.
The cash flow statement is usually audited by the auditor reproducing it from the audited
figures in the financial statements. This is facilitated by the use of computer systems.
The cash flow statement may indicate going concern problems due to liquidity failings
overtrading and over-gearing. As the statement is an historical document it is therefore
unlikely to be the first indicator of such going concern issues.
Page 156
s
Question 10.1
The following is the draft balance sheet of EGN Ltd for the year ended 31 Jan 2010.
2010
2009
RWF
RWF
Non-current assets
Development expenditure
70,000
-
Property plant and equipment
100,000
75,000
Investments
80,000
105,000
250,000
180,000
Current assets
Inventory
55,000
60,000
Receivables
190,000
150,000
Cash at bank and in hand
5,000
90,000
250,000
300,000
500,000
480,000
Capital and reserves
Share capital
80,000
80,000
Share premium account
12,000
12,000
Revaluation reserve
20,000
10,000
Accumulated profit
38,000
78,000
150,000
180,000
Non-current liabilities
Provision for liabilities and
charges
60,000
47,000
Deferred tax
4,000
3,000
Current liabilities
286,000
250,000
500,000
480,000
EGN Ltd produces garden furniture and has incurred expenditure during the year on the
development of mouldings for a new range of plastic garden furniture. The directors wish to
carry forward on the balance sheet the development expenditure indefinitely as they feel the
company will benefit from the new mouldings for many years to come. The mouldings are
being developed because the current range of garden furniture is no longer competitive.
The company sold much of its non-current assets during the year and purchased new plant
and equipment which will enable it to increase its productivity. The directors decided not to
seek external finance for their development project. Instead, it was decided to generate the
resources internally by taking extended credit from its suppliers and utilising its funds held at
the bank. The company also sold some of its investments, including some shares of public
limited companies.
One of the reasons for financing the development expenditure internally was that the
company already has an outstanding loan of RWF45k which has been included in the current
liabilities. This loan is secured on the non-current assets of the company and is repayable
over ten years. The sale of non-current assets and investments did not yield as much as was
Page 157
s
hoped for and a loss on sale of RWF1.2k has been included in the profit and loss as part of
the amount shown for “other expenses”.
A gain on the revaluation of non-current assets has been credited to the revaluation reserve
after a professional valuer revalued the non-current assets.
The directors increased the proposed dividend as they felt that the shareholders should share
in the gain on the revaluation. The directors control over 90% of the shares.
You are required to:
1. Detail the audit tests the auditor would carry out to verify the value attributed to
development expenditure in the balance sheet.
2. List the audit procedures which should be carried out to verify the gain arising on the
revaluation of non-current assets.
3. Explain why development expenditure should not be carried forward indefinitely in
the balance sheet, and describe the circumstances in which costs can be deferred.
4. Describe the implications for the company and the auditors of the decision to generate
internally the funds required for the development of the new mouldings.
Question 10.2
ACE manufactures football kits. It has contracts with a number of premiership teams and it
also produces unbranded football kit which it sells to a number of wholesalers.
The profit before tax for the year ended 30 June 2010 is RWF1.5m (RWF4.0m 2009). You
are the audit manager and today you have visited the client’s premises to review the work of
the audit team. The audit senior has drafted the following points for your attention.
ACE is seeking to enter the market in women’s leisure clothes and so during the year it
purchased 35% of the share capital of Ladies LTD at a cost of RWF800k.
During the year a major competitor emerged in the branded football kit market. Two of the
contracts with premiership clubs which came up during the year have not been renewed. A
number of key personnel within the company have also been headhunted by this competitor.
Legislation was passed in Dec 2009 to adjust the seats at which operators sit. It required the
seats to be adjusted by April 2010. The company has not yet carried out any of this work.
Also in April 2010, the government increased the national minimum wage. It should be
noted 5% of the company’s employees receive less than the minimum wage.
As the audit manager comment on the matters you would consider and state the evidence you
would like to see during your review of the working papers and the financial statements.
Page 158
s
BLANK
Page 159
s
Study Unit 11
Audit Related and Assurance Services
Contents
A.
Audit Related Services
B.
Assurance Engagements
C.
Risk Assessments
D.
Performance Management
E.
Systems Reliability
F.
Electronic Commerce
G.
Forensic Audits
H.
Whistleblowing
I.
Sample Questions
Page 160
s
AUDIT RELATED AND ASSURANCE SERVICES
A. AUDIT RELATED SERVICES
Reviews
The objective of a review is to enable an auditor to state whether (on the basis of procedures
which do not provide all the evidence that would be required in an audit), anything has come
to his attention that causes him to believe that the financial statements are not prepared, in all
material respects, in accordance with an identified financial reporting framework.
Two types of review assignments:
• An attestation engagement where a given assertion is either correct or not e.g. a
review of interim financial information. In such an engagement, the auditor is being
asked to attest assertions made such as whether the accounting policies used are
consistent with those used in prior years or whether there are material modifications
necessary to the interim financial information.
• A direct reporting engagement where an accountant reports on issues that have
come to his attention during the course of his review e.g. due diligence engagement.
This is a review of the accounts and systems of a target company in the event of a
prospective business purchase.
In a review engagement, the auditor relies more heavily on procedures such as enquiry and
analytical review than on detailed substantive testing.
• Lower level of assurance than for an audit so these tests are sufficient due to lower
risk.
• Such techniques provide indicators to direct work to risk areas and from which to
draw conclusions and they are quick and therefore cost effective.
Many of the requirements for reviews are similar to the requirements of an audit because a
review is similar to an audit; such as the need to plan, obtain knowledge of the business,
materiality requirements, using the work of others, document important matters, apply
judgments and extend procedures if material misstatements are suspected.
Negative assurance is given on review assignments. The auditor assesses the conclusions
drawn from the evidence obtained as the basis for the expression. In effect, the auditor is
saying that something is reasonable because there is no reason to believe otherwise.
When no matters have come to the attention of the auditor, he should give a clear expression
of negative assurance in his reports.
If matters have come to his attention, he should describe those matters. They may be
material. In this case the auditor should express a qualified opinion of negative assurance.
If the matter is pervasive, he should express an adverse opinion that the financial statements
do not give a true and fair view.
Page 161
s
If the auditor feels there is a limitation in the scope of the work he intended to carry out for
the review, he should describe the limitation in his report. If it is material to one area, the
auditor should express a qualified opinion of negative assurance due to amendments which
might be required if the limitation did not exist. If it is pervasive, the auditor should not
provide any assurance at all.
Agreed upon procedures
An agreed upon procedures engagement is where an auditor is engaged to carry out
procedures of an audit nature and to report on factual findings. The procedures are agreed
between the auditor and the entity and any appropriate third parties. The readers of the
report must form their own conclusions, but it is restricted to those parties that have agreed
to the procedures to be performed. Other readers unaware of the agreed procedures may
draw incorrect conclusions from the results.
Accepting appointment
The auditor should ensure that those who will receive copies of the report of factual findings
have a clear understanding of the agreed procedures and the conditions of the engagement.
Carrying out procedure
As in the case of reviews, the auditor should plan the assignment and should carry out the
agreed procedures. He should document the process and all findings.
Reporting
The report of factual findings should contain:
• Title and address, ordinarily the client who engaged the auditor,
• Identification of specific information to which the agreed procedures have been
applied,
• A statement that procedures performed were those agreed upon with the recipient,
• A statement that the engagement was performed in accordance with the international
standards on auditing applicable to agreed procedures engagements, or with relevant
national standards or practices,
• Where relevant, a statement that the auditor is not independent of the entity,
• Identification of the purpose for which the agreed upon procedures were performed,
• A listing of the specific procedures performed,
• A description of the factual findings including sufficient detail of errors and
exceptions,
• A Statement that the procedures performed do not constitute either an audit or a
review and as such no assurance is expressed,
• A statement that if the auditor performed additional procedures like an audit or a
review other matters might have come to light that would have been reported,
• A statement that the report is restricted to those parties that have agreed to the
procedures to be performed,
• Date of the report, auditors address and auditors signature.
Compilations
In a compilation engagement the accountant is engaged to use his accounting expertise rather
than his auditing skill such as preparing accounts and tax returns.
Page 162
s
The contents of such a report are similar to those points listed above.
B. ASSURANCE ENGAGEMENTS
Elements of an assurance engagement
An assurance engagement is one where an accountant evaluates a subject matter that is the
responsibility of another party against suitable criteria and expresses an opinion that provides
the intended user with a level of assurance about the subject matter.
Assurance given
Assurance engagements may give reasonable assurance or limited assurance.
Accepting and continuing appointment
Assurance engagements should only be accepted if the firm meets the requirements of the
code of ethics and ISQC1. The standard requires that accountants ensure that they comply
with the code of ethics and the quality control standard with regard to the assignment.
Agreeing terms
The accountant should agree on the terms of the engagement with the engaging party and
should have this confirmed in writing.
Planning and performing the engagement
The accountant should plan the engagement so that it will be performed effectively. This
involves developing an overall strategy and a detailed engagement plan.
Matters to be considered will include the terms of the engagement, the characteristics of the
subject matter and identified criteria, the engagement process and possible sources of
evidence, understanding of the entity and its environment, risk of material misstatements,
identification of intended users and their need, materiality, components of assurance
engagement risk and personnel requirements including the potential use of experts.
Materiality and engagement risk
The accountant should consider materiality and assurance engagement risk when planning
and performing an assurance engagement. He should reduce assurance engagement risk to an
acceptably low level in the circumstances of the engagement such as the level of assurance
that is anticipated that is reasonable assurance or limited assurance.
Evidence
The accountant should obtain sufficient appropriate evidence, including written management
representations, on which to base the conclusion.
Reporting
The accountant should conclude whether sufficient appropriate evidence has been obtained to
support the conclusion expressed in the assurance report. This report should be in writing
and should have a clear expression of the accountant’s conclusion about the subject matter.
Page 163
s
For a reasonable assurance engagement, an accountant should give a positive expression of
this conclusion. This does not mean that the report should not be modified, it means the
accountant should be able to draw a conclusion on the basis of the evidence gained. This is
in contrast to a negative opinion, given in a limited assurance engagement, where an auditor
gives an opinion as no evidence has been received to the contrary.
C. RISK ASSESSMENTS
Risk assessment is important to investors and managers and therefore is an important area for
assurance services.
Business risks incorporate financial risk, operational risk and compliance risk.
Need for assurance
The risk that the company enters into has a direct impact on the risk of the investment that
anyone purchasing shares in a company or lending money to a company is making.
Interested stakeholders need assurance that the risk taken by the company is acceptable to
them and that the returns that they receive are in accordance with that level of risk.
This has led to corporate governance and internal control effectiveness issues.
Other stakeholders, such as creditors and employees, will also be interested in the
effectiveness of risk management in a company as the ultimate risk is that a business might
fail and their livelihoods could be at risk.
Possible assurance criteria
The criteria by which risk assessment is evaluated will depend on the specific needs of the
company and the user. There are no recognised criteria suitable for evaluation of the
effectiveness of an entity’s risk evaluation. Assurance is likely to be limited to whether
evaluation is carried out rather than the quality of that evaluation.
Responsibility for risk assessment
Directors/management, internal audit and external audit are involved in risk assessment.
It is vital to distinguish between the risk assessment carried out by the auditors and the
directors. The directors are responsible for assessing and then managing the risks arising to
the business, whereas the auditors assess audit risks. Audit risk is the risk that the auditors
make an inappropriate opinion on financial statements. The auditors will consider business
risk as part of their audit risk assessment. They are not responsible for risk management.
Assessing risk
Methods can include SWOT analysis. In practice, risk identification is likely to be done in all
departments of a business. The directors need to determine guidelines for assessing risk in
terms of significance, likelihood of occurrence and capacity to be managed.
Responses to risk
There are several responses that management can take;
• Accept risk, especially if it is low likelihood, low impact.
• Reduce risk by setting up a system of internal control to prevent the risk arising.
• Avoid risk by not entering a market or not accepting certain contracts.
• Transfer risk by taking our appropriate insurance.
Page 164
s
If management choose to accept risk, they must set risk thresholds i.e. determine the level of
risk where they will stop accepting risk and choose one of the other strategies. These
thresholds are important because if the directors or management are reckless with regard to
risk they may be breaching their fiduciary duties.
D. Performance measurement
Companies can gain assurance from performance measurement. It includes a series of
measures within the company designed to ensure that employees are accountable to
management for their performance.
There are benefits to performance measurement:
• It clarifies the objectives of the entity
• It develops agreed measures of activity
• It gives greater understanding of processes
• It facilitates the comparison of performances in different organisations
• It facilitates the setting of targets for the organisation and its managers
• It promotes the accountability of the organisation to its shareholders.
Traditional
The traditional performance measures can be analysed over financial and operational areas:
Financial
The key financial ratios used to measure performance cover profitability, liquidity, gearing
and investment. While relevant to shareholders, they are measures which investors would
expect companies to calculate as a matter of course and also calculate them correctly.
Financial performance could be assessed in further detail for example, by analysis of sales by
product, region, division and assessing timeliness of information, comparisons between the
performance of the company and its competitors or its budget.
Operational
Indicators of operational performance will vary with different businesses. Measures could
include data such as sales per sales person and number of new products launched each year.
Value for money audits
Value for money audits have the following key characteristics:
• Economy
• Efficiency
• Effectiveness
The assessment of economy, efficiency and effectiveness should be part of the normal
process of any organisation, whether public or private. Management should carry out
performance reviews as a regular feature of their control responsibilities. The objectives of a
particular programme or activity need to be specified and understood in order for a proper
assessment of whether value for money has been achieved.
Page 165
s
In a profit seeking organisation, objectives can be expressed financially in terms of target
profit or return.
In non-profit seeking organisation, effectiveness cannot be measured this way as the
organisation has non-financial objectives. The effectiveness of performance needs to be
measured in terms of whether targeted non-financial objectives have been achieved.
Public sector organisations are under considerable pressure to prove that they operate
economically, efficiently and effectively and are encouraged to draw up action plans to
achieve value for money as part of the continuing process of good management.
Value for money is important whatever level of expenditure is being considered.
Economy is concerned with the cost of inputs and it is achieved by obtaining those inputs at
the lowest acceptable cost. It does not mean straightforward cost-cutting because resources
must be acquired which are of a suitable quality to provide services to the desired standard.
Cost cutting should not sacrifice quality to the extent that service standards fall to an
unacceptable level. Economising by buying poor quality materials, labour or equipment is a
false economy and doesn’t lend itself to value for money.
Efficiency means maximising the output for a given input such as maximising the number of
transactions handled per employee. It also can mean achieving the minimum input for a
given output. For example, a department required to pay unemployment benefit will achieve
efficiency by making these payments with the minimum labour and computer time.
Effectiveness means ensuring that outputs of a service have the desired impacts.
Economy, efficiency and effectiveness can be measured with reference to inputs, money and
resources (labour, materials, time) and their cost.
The key stakeholders, shareholders, are likely to be interested in financial information as they
need to know the return they get from their investment. They would be interested in industry
averages and percentages of historic performance.
Shareholders would also be interested in operational ratios. However, customers would be
very interested in such operational information as they demand a quality service. They would
be interested in comparisons with competitors and industry averages.
Company shareholders might be interested in value for money data whereas, in a non-profit
targeted company value for money will be extremely important for interested parties such as
trustees and donors.
E. SYSTEMS RELIABILITY
The reliability of systems of internal control is important for both financial statements and in
general business operations.
The requirement for assurance services in this regard is driven by a requirement for reliable
information for presentation and decision making purposes.
Page 166
s
A fundamental stage of the traditional audit is the assessment of financial systems to ensure
that they are capable of producing quality financial statements. Therefore anyone interested
in information from a business will have an implied interest in assurance on all business
systems and that this is an area which businesses are keen to engage accountants.
Business systems fall into two categories mainly manual and computerised. In the modern
era computerised systems are increasingly important.
Internal control systems
There is a clear distinction between assurance on the design of internal control systems, and
assurance on the operation of the internal control system in accordance with the design.
The process of internal control would include:
• Identify business objectives,
• Assess risks that will threaten those objectives,
• Design internal controls to manage those risks,
• Operate the internal controls in accordance with the design,
• Providing assurance on the operation of the system.
The report arising from such an assignment need not be extensive but it is likely to be
narrative as the accountant would probably include issues such as:
• Isolated control failures,
• Observation about the abilities of staff involved in operating the system of control,
• Potential weaknesses observed which were not contemplated within the design or
relating to the operation of controls.
In providing assurance on the design and operation of the system, the accountant should
consider the design of the system in addressing a set of identified risks and the operation of
the system. Such an engagement will involve significant discussion with management to
establish the desired balance between prevention and detection controls, the balance between
costs and benefits and the importance of specific control objectives.
The level of assurance given by the accountant will depend on several factors including the
nature of the entity, the knowledge of the business, and the scope of the engagement.
Providing assurance on the applicable risks and the design and operation of a system
would involve a high degree of judgement as there are no recognised criteria suitable for
evaluating the effectiveness of an entity’s risk evaluation. This means that accountants are
unlikely to be able to provide a high level of assurance.
Any assessment will need to consider:
• The completeness of the applicable identified risks,
• The probability of a risk crystallising,
• The materiality of the likely impact of the risk,
• The time period over which crystallisation may occur.
Page 167
s
In their report the accountants should outline the business objectives of the entity, a
description of the risk identification process and the applicable risks.
Inherent limitations
Internal control systems have inherent limitations such as the risk of staff collusion in fraud
to override the system. Any assurance report on internal controls should include a mention of
these limitations in order to reduce the risk of an expectations gap.
Reports
It is difficult to issue a standard report for assurance services that are dependent on the scope
and nature of the individual assignment.
Computer systems
A vast number of businesses use computer systems to run their business and produce
financial information. This means that controls that directors are required to put into place to
safeguard the assets of a company are now generally incorporated into computer systems. A
balance must be struck between the degree of control and the requirement for a user friendly
system.
Controls can be classified into:
• Security controls
• Integrity controls and
• Contingency controls
Integrity controls are subdivided into Data integrity and Security integrity.
With data integrity the data is the same in the computer system as it is in source documents
and has not been accidentally or intentionally altered, destroyed or disclosed.
Systems integrity refers to systems operations conforming to the design specification despite
deliberate or accidental attempts to cause it to do otherwise.
Auditors focus on the general and application controls of the systems which relate to security
and policies for data input when carrying out control assessment, whereas it is important to
stakeholders in the company that the system used operates reliably and that risks are
mitigated against.
Key risks include the system being put at risk by a virus or some other fault which spreads
across the system and the system being invaded by an unauthorised user who could affect the
smooth operation of the system or obtain commercially sensitive information. The client
should have contingency plans in the event of a system difficulty.
Need for assurance
It is important to know that the original system is as reliable as could be expected and
whether it is the best system that the company could be using at the given cost. The company
might seek such assurance from its service provider. However, the service provider may not
be objective as they have a vested interest. They are paid to provide a solid system, they will
hardly find fault with it.
Page 168
s
This means that the directors might seek an assurance from its auditors to undertake work to
ascertain if the assertions of the service provider are accurate.
In considering taking on such an assurance engagement, one should ensure that sufficient
skills are available to undertake such procedures.
Systems audit.
Internal control effectiveness is generally assessed by undertaking a systems audit.
An auditor could accept such an assurance engagement outside the audit and to report
specifically on findings.
The key areas to concentrate on to establish the reliability of systems are management policy,
segregation of duties and security.
Management policy
• Is there a written policy for computer systems,
• Is it compatible with policies in other areas,
• Is it adhered to,
• Is it sufficient and effective,
• Is it updated when the systems are updated,
• Does it relate to the current systems?
Segregation of duties
• Is there adequate segregation of duties for data input,
• Are there adequate system controls e.g. passwords to enforce segregation?
Security
• Is there a physical security policy in place such as a locked room and password access,
• Is there data security software such as virus shields?
Reporting
Management should receive information on the effectiveness of their controls systems and
systems reliability. The operations are likely to rely heavily if not completely on computer
systems and if problems arise, operations could be severely affected. Such problems could
include no production, no invoicing or duplicate or omitted invoicing.
Other stakeholders, customers and suppliers will be interested in the reliability of the
company systems as they would not want to deal with ineffective operations.
F. ELECTRONIC COMMERCE
Engaging in e-commerce
A business can engage in e-commerce to a greater or a lesser degree. The greater the
involvement in e-commerce the more risk there is.
• Information provision,
• Transactions with existing customers,
• Access to new customers,
Page 169
s
• New business model.
Business risks
• Risk of non-compliance with law,
• Contractual issues,
• Risk of technology failure and business interruption,
• Determining accounting policies especially revenue may pose problems,
• Impact of technology on the going concern assumption,
• Security risks.
Internal controls issues
Controls over transactions integrity are important as the system will automatically process
transactions that it has captured. It is vital that transactions are processed completely in the
accounting system. The controls over the design and operation of the computer systems will
be important.
Security
There is a more substantial risk of fraud being perpetrated against the company if transactions
are carried out via a website rather than in person. Security is also relevant to the customer
who is inputting sensitive personal data into the computer system.
G. FORENSIC AUDITING
“Forensic Auditing” in general terms is used to describe the wide range of investigative work
which accountants in practice could be asked to perform. The work would normally involve
an investigation into the financial affairs of an entity and is often associated with
investigations into alleged fraudulent activity, including potentially acting as an expert
witness if the fraud comes to trial. It is important to be aware that forensic accountants could
be asked to look into non-fraud situations, such as the settling of monetary disputes in
relation to a business closure or matrimonial disputes under insurance claims. The
investigation is likely to be similar in many ways to an audit of financial information in that it
will include:-
• A Planning Stage,
• Gathering of Evidence,
• Review Process,
• Report to the Client,
Audit evidence is gathered to prove:-
• How long the fraud had been carried out,
• How it was conducted and concealed by the perpetrators,
• The suspect’s motive,
• Whether the fraud involved collusion between several suspects,
• Any physical evidence at the scene of the crime or contained in documents,
• Attempts to destroy evidence.
Page 170
s
H. WHISTLEBLOWING
Definition: “An individual in an organization who makes disclosures in the public interest
about dangerous or illegal activities, in order that the misconduct or perceived misconduct
can be addressed, is a whistleblower”. Whistleblowing can either occur internally within the
employing organization or externally, and should not be used as a method of resolving a
personal complaint or grievance.
Whistleblowing arrangements within an organization should act as a deterrent to:-
• Malpractice,
• Encourage Openness,
• Promote transparency,
• Help protect the reputation of the company and senior management.
Factors to consider about possible misconduct include:-
• Is the concern genuine or might there be an innocent explanation?
• Who is affected?
• Does the organization have a whistleblowing policy?
• Is there legal protection for whistleblowing?
Whistleblowing procedures are important in organisations as it informs those who need to
know about dangerous or illegal activities that affect others and gives them an opportunity to
address the issue. Setting up formal whistleblowing procedures within an organization
strengthens corporate governance and ethics.
Question 11.1
You are the partner in a firm where a major audit client is seeking finance from its bank to
fund the development of a new factory. Market research conducted shows that the extra 30%
production capacity will be sufficient to meet the increased demand for the company’s
product. The financial director has contacted you to inform you that the bank is keen to
obtain a reference from you. The bank is anxious to gain assurance on the company’s ability
to repay the loan and whether their business plan is reasonable. The financial director said
the bank just need the paperwork for their files and assures you that the bank knows that the
company can repay and that they are one of the better clients. Your audit team is about to
commence the audit for the year ended March 2010.
Comment on the matters you would consider in relation to giving such a reference to the
bank.
Question 11.2
The finance director of one of your clients telephoned. He recently attended one of your
firm’s training seminars on the importance of corporate governance. He has told the other
directors in the company the issues discussed at the seminar and they now feel it might be a
good idea to engage the firm to undertake an assurance engagement to assess the risk
management and internal control systems of the company.
Comment on the matters you would consider in relation to accepting and planning such an
engagement.
Page 171
s
Study Unit 12
Internal Audit and Outsourcing
Contents
A.
Internal Audit
B.
Outsourcing
C.
Impact of Outsourcing on an Audit
D.
Sample Questions
Page 172
s
INTERNAL AUDIT AND OUTSOURCING
All businesses, where appropriate, should consider setting up an internal audit function.
Internal audit plays a key role in good corporate governance. There are costs associated with
setting up internal audit so having your own internal audit dept. may not be cost beneficial.
One solution to this is outsourcing.
A. INTERNAL AUDIT
Internal audit provides objective assurance on risk management particularly control risk.
An internal auditor is an employee of or engaged by the company. Therefore, under
company law in certain jurisdictions, the internal auditor is precluded from acting as the
external auditor of a company. External auditors are required by law to belong to a
recognised body, which guarantees their appropriate qualification, adherence to technical
standards and overall competence. The internal auditor on the other hand requires no formal
training.
Unlike the external auditors, who are appointed at the Annual Meeting by the shareholders of
a company, the internal auditor is hired by the management of the company. In turn this
means he can be dismissed by the directors or other senior managers, subject only to normal
employment rights.
The primary objective of the external auditor is laid down by the companies’ acts in the
relevant jurisdiction, whereas the internal auditor’s objectives are dictated by the
management of the company. As a result, management can place limitations on the scope of
the internal auditor’s work. While some of his work may be similar to that of the external
auditor, more of it could relate to areas such as value for money.
Use by an external auditor of internal audit
Before an external auditor uses the work of an internal auditor he should consider:
• The technical training and proficiency of the internal auditor
• The quality control procedures over the review and supervision of internal audit staff
members and appropriate planning and direction
• Whether the internal auditor has gathered sufficient appropriate evidence
• The conclusions reached by the internal auditor based on evidence gathered
• Whether exceptions noted are properly resolved by the internal auditor
The role of internal audit in corporate governance
The traditional role of internal audit was to review controls. For example, “The Turnbull
Report” which was drawn up by the London Stock Exchange for listed companies required
that all risk needed to be managed and this gave internal audit an extended role. Now internal
audit monitors the integrated risk management within a company and reports to the Board.
Key Turnbull guidelines:
• Need for a formal review of the effectiveness of internal control
• Regular review of internal control reports
Page 173
s
• Consider key risks and how they should be managed
• Follow up on the adequacy of remedial action taken
• Assess the monitoring systems
• Conduct an annual assessment of risks and internal control
• Make formal report in company annual report.
Risk management
The responsibility to manage risk in a company rests with the management. They must
identify, control and monitor this risk. The internal auditor is ideally placed to monitor this
risk. He can on a continual process:
• Advise on the optimum design of systems and monitor their operation,
• Advise on improvements required to existing systems,
• Provide assurance on systems set up for various departments.
Types of internal audits
Internal audit can be described as an independent appraisal function established within an
entity for the examination and evaluation of an entities own activities.
In many ways it is an example of an assurance engagement, in that the internal auditor
evaluates and measures specific aspects against set criteria. On the other hand, it can be also
compared to an agreed procedures engagement as the work of the internal auditor is often set
by management.
Compliance audits determine whether employees operate in accordance with the company’s
policies or within relevant laws and regulations. The internal auditor will have a good
knowledge of the company’s policies. This type of audit falls within the definition of an
assurance engagement.
Operational audits look at the processes of the business and check compliance with controls
and also their effectiveness as part of the overall risk management strategy.
The scope of the work is more extensive than that of a compliance audit, although you could
undertake a compliance audit as part of an operational audit. The internal auditor will draw
his own conclusions from the work he does and as such this type of audit falls under the
category of an agreed upon procedures engagement.
Multi site operations
Some organisations such as retail giants have operations in multiple locations. The objective
of an internal audit on any of the sites would be the same but as results will vary from site to
site a different audit approach may be necessary.
Possible approaches include:
• Compliance based audit approach
The locations are checked for compliance with the set procedures and the results are
compared across the locations. You can visit all the locations within a given timeframe
(cyclical approach) or select locations based on the risk attaching to them (risk
approach).
Page 174
s
• Process based audit approach
Specific key business processes are selected and audited. For example in the case of
retail giants, the auditor may look at the cash handling process. Again, the auditor
could either audit all the processes within a given time frame or examine those business
processes which have a higher risk attaching to them.
Practical considerations for the internal auditor
These include which sites to visit and how often. Should they be a surprise visit or a routine
one or should there be a mix.
When deciding on a site to visit, the internal auditor should consider:
• The size of the operation,
• Systems compliance past history,
• Experience of staff at the site,
• Test results past history,
• Management interest in specific sites.
Evaluation of risk
• Probability of undetected material error or fraud occurring
This is influenced by the assessment of the system of internal control (organisation,
segregation, physical controls, authorisation & approval, arithmetic & accounting,
personnel, supervision and management), experience derived from previous audits and
the existence of high risk processes such as cash handling.
• Potential size of error or fraud.
This will be influenced by the relative size of each location in such terms as revenue,
transactions, stock levels and internally generated statistics showing stock losses.
B. OUTSOURCING
This is the contracting out of certain functions within an organisation, the extensiveness of
which will vary from organisation to organisation.
Why do companies outsource:
Financial efficiency
Outsourcing can reduce costs. In addition, by considering outsourcing, you should assess the
process and quantify the cost of your in-house operations. This can lead to better efficiency
through budgeting and cost control over a function or may help to reduce the number of
employees while still maintaining a quality service. Also, outsourcing can have an effect on
the financial statements. For example, by outsourcing the IT function, high capital costs may
be averted thus affecting the face of the balance sheet.
Change management
Change can have a huge impact on staff. Outsourcing helps to reduce the risk of disruption to
work flows. Examples include outsourcing software provision where staff training is
included in the service, and outsourcing the finance function during mergers where different
accounting systems exist.
Page 175
s
Strategy
Outsourcing can help an organisation focus on its core competency. It can also be that boost
to a new technical change or a low risk approach to a new business venture. For example,
outsourcing website development and maintenance when entering into an e-commerce
venture.
What can you outsource
Companies only tend to outsource those functions which are not key competencies and the
extent to how far you want to outsource will affect what you can actually outsource.
Some functions which may not be considered core competencies include accounting, human
resources, facilities management, asset management, IT and cleaning. Within the accounting
function you could break this down to payroll, invoicing, credit control and
management/financial accounts. Within human resources, it can be subdivided into welfare,
health & safety and recruitment. IT can be split between maintenance, project management
and the network management.
The extent to how far you will outsource will depend on the risk involved and the control
which you want to maintain. There are less risk and control issues in outsourcing cleaning
that the entire accounting functions, unless you run a hospital!!
Advantages and disadvantages of outsourcing
Advantages
• Cost savings and better cost control,
• Availability of specialist services which may not exist in-house,
• Indemnity in the event of problems,
• Cash flow timing in that services are generally a flat fee.
Disadvantages
• Loss of control over the function,
• Initial cost may be substantial especially in the case of closing a dept.,
• Potential employee problems where there may be redundancies,
• Contracts need to be managed ,
• Problems with contract may lead to costs outweighing the benefits.
Outsourcing Internal audit
You might outsource internal audit as it is rarely seen as a core competency. In addition,
there are problems in setting up an internal audit function:
• Cost of recruiting staff with sufficient skill and qualification,
• Managing a specialist group without the appropriate quality of management,
• Time frame between set up and effective results can be wide,
• Organisation may not warrant a complete division or persons with skills varieties.
Advantages
• No need to recruit, service provider will have appropriate staff with specialist skill.
• Internal audit function up and running immediately.
Page 176
s
• Flexible with regard to duration of specific projects or team size.
Disadvantages
• Using the same firm as that of the external auditor may cause problems.
• The cost may be high and could result in no internal audit function at all.
Outsourcing finance functions
Advantages
• Specialist skills and expertise in the pensions, IT, due diligence and taxation areas.
• Quality service with redress to legal compensation.
• IT can keep pace with on-going technological advances.
• Can provide a safety net for the IT function in the event of a disaster.
Disadvantages
• Logistical difficulties for data processing of large volumes
• Loss of control of key accounting documentation and records although responsibility
remains with management
• Sharing of sensitive personal data such as pensions and payroll.
C. IMPACT OF OUTSOURCING ON AN AUDIT
The impact of outsourcing is dealt with in ISA 402, audit considerations relating to entities
using service organisations.
Some outsourced activities are directly relevant to an audit such as the keeping of accounting
records. Therefore, the auditor should consider his approach to work that is done by the
service organisation.
When a service organisation executes a company’s transactions and maintains accountability,
the company may need to rely on policies and procedures at the service organisation unlike a
situation where a service organisation is limited to recording and processing transactions and
the company retains authorisation and accountability.
In obtaining an understanding of an entity and its environment the auditor should determine
the significance of a service organisation’s activities to the client company and its relevance
to the audit. The auditor needs to consider:
• The nature of the services provided,
• The terms of contract and relationship between the client and the service organisation,
• Client’s controls applied to the transactions processed by the service organisation,
• Client’s controls over identifying and managing risk relating to the service
organisation,
• The service organisation’s financial stability and the possible effect of failure of the
service organisation on the client company,
• Third party reports from service organisations auditors, internal auditors or regulatory
agencies providing information about accounting and internal control systems of the
service organisation and its operations and effectiveness.
Page 177
s
If the auditor concludes that the activities of the service organisation are significant to the
entity and relevant to the audit, the auditor should obtain a sufficient understanding of the
entity and its environment to identify and assess the risk of material misstatements and design
further audit procedures in response to the assessed risk.
Service organisation auditor’s reports
If the client auditor uses the report of a service organisation auditor, he should consider
making inquiries concerning the auditor’s professional competence in the context of the
specific assignment undertaken. When making use of the report, the auditor should consider
the nature and content of that report. He also needs to consider the scope of the work
performed by the service organisation auditor and should assess the usefulness and
appropriateness of reports issued by the service organisation auditor.
The report may be a report on the suitability of design or a more extensive report on
suitability of design and operating effectiveness. The former report will give the auditor
some basic understanding of controls but it would not reduce his assessment of control risk.
The latter report may support a lower risk assessment but the auditor would need to consider
whether the controls tested by the service organisation auditor are relevant to the client’s
transactions and whether the tests of controls and the results are adequate.
The service organisation auditor may be engaged to perform substantive procedures that are
of use to the client auditor. This engagement may take the form of an ‘agreed upon
procedures’ engagement.
When the client auditor uses such a report, no references should be made in the audit report to
the service organisation’s auditor’s report.
Impact on internal audit
The external auditor will be affected by outsourced functions in relation to the financial
statements whereas the internal auditor will be affected by any outsourced function.
Question 12.1
Audit practitioners have recently begun to initiate changes in the audit approach. The
strategy seems to be moving away from the traditional audit of financial statements and more
to the provision of assurances on financial data, systems and related controls. Auditors are
reviewing the business processes utilising benchmarking, performance measurements such as
value for money and best control practices. The audit is moving toward the analysis of
business risk and of being seen to be more of a benefit for management.
Risk assessment services are now part of the audit service of which clients can avail
themselves. The provision of internal audit is becoming a larger part of the business
assurance service offered by auditing firms. The audit is becoming a management
consultancy exercise with internal audit, external audit and consultancy assignments being
seen as complimentary services.
Discuss the implications of the external auditor providing an internal audit service to a client,
explaining the current ethical guidance on the provision of other services to clients. Explain
Page 178
s
the principal effects of the external auditor providing wider assurance to the client. In
addition, critically evaluate the move by large auditing firms to providing business risk and
assurance services rather than the traditional audit assurance for investors and creditors.
Page 179
s
Study Unit 13
Prospective Financial Information
Contents
A.
Reporting on Prospective Financial Information
B.
Accepting an Engagement
C.
Procedures
D.
Expressing an Opinion
E.
Sample Question
Page 180
s
PROSPECTIVE FINANCIAL INFORMATION
Forecasts may be of interest to users more so than historical information. Auditors may carry
out a review or an assurance engagement on these forecasts.
Prospective financial information is based on assumptions about events that may occur in the
future and possible actions by an organisation.
A. REPORTING ON PROSPECTIVE FINANCIAL INFORMATION
It is difficult to give assurance on such information as it is considered highly subjective.
Projections generally relate to capital expenditure, profits and cash flows.
B. ACCEPTING AN ENGAGEMENT
The auditor needs to agree the terms of the engagement with the directors of the company.
He should withdraw from the engagement if the assumptions used are clearly unrealistic.
Before accepting an engagement he should also consider:
• The intended use of the information,
• Will it be general or limited distribution,
• The nature of the assumptions, whether best estimate or hypothetical,
• The elements to be included in the information,
• The period covered by the information,
• Practical matters such as time available and staff experience.
C. PROCEDURES
The procedures adopted by the auditor will include analytical review and verification of
projected expenditure to quotes or estimates.
In carrying out the review attention should be given to:
• The nature and background of the entities business such as recent history, activities,
main products, markets, customers, suppliers, divisions and locations,
• The accounting policies used and whether they have been consistently applied in the
preparation of the projections,
• The assumptions on which the projections are based,
• Whether the projections are based on forecasts regularly prepared for the purposes of
management or specifically for this assignment,
• The degree of accuracy and reliability of previous forecasts and the frequency with
which they are revised,
• Whether the projections represent the best estimate or a desired target,
• How the projections take account of any material extraordinary items,
• How the projection allows for factors which may have a high degree of risk,
• The arithmetical accuracy of all calculations.
Page 181
s
When determining the nature, timing and extent of review procedures, the auditor should
consider:
• The likelihood of a material misstatement occurring,
• His knowledge obtained during previous engagements,
• The competency of management in preparing the projections,
• Any extent to which figures may be effected by management’s judgment,
• The adequacy and the reliability of the underlying data.
The above can be considered general matters. The following considerations will be specific
to the type of assignment that is carried out.
Profit forecasts
• Verify income to suitable evidence such as comparison of projected income on similar
projects or current relevant market prices.
• Verify projected expenditure to suitable evidence such quotations or estimates, current
relevant bills, market rate prices and interest rate assumptions.
Capital expenditure
• Auditor should review for reasonableness and should verify to estimates and
quotations.
• Auditor should compare with other projects as to market values etc.
Cash forecasts
• Auditor needs to pay attention to the timing of cash flows.
• He should review the cash flows for consistency with any profit forecasts.
D. EXPRESSING AN OPINION
The same level of assurance cannot be given for prospective information as can for say a set
of historical financial statements.
It is suggested by ISAE3 3400 (the examination of prospective financial information) that an
auditor should express an opinion to include:
• A statement of negative assurance as to whether the assumptions are reasonable,
• An opinion whether the information is properly prepared having regard to the
assumptions and is presented in accordance with relevant financial reporting,
• Appropriate caveats as to the achievability of the forecasts.
The report itself should also contain
• Title and address,
• Identification of the prospective information,
• A reference to relevant national standards or practices applicable,
• A statement of management responsibility for information and assumptions,
• Date of report, auditor’s address and signature.
3 International Standards on Assurance Engagements
Page 182
s
When the auditor believes that the presentation and disclosure of the prospective financial
information is not adequate, the auditor should express a qualified or adverse opinion or
withdraw from the engagement as appropriate.
When the auditor believes that;
• one or more significant assumptions do not provide a reasonable basis for the
prospective financial information prepared on the basis of best estimate assumption or
• that one or more of the significant assumptions do not provide a reasonable basis for the
prospective financial information given the hypothetical assumptions, the auditor
should either express an adverse opinion in the report or withdraw from the
engagement.
Question 13.1
You are auditing the accounts of an engineering firm which is experiencing going concern
problems.
The company prepares detailed monthly accounts, and you have been given forecasts to
enable you to assess whether the company will be able to continue as a going concern. The
monthly forecasts have been prepared for a 12 month period after the audit year-end. They
include Capital expenditure/disposal forecasts, Profit forecasts and Cash flow forecasts.
Required:
• Briefly explain the term going concern and what is the minimum period you would
expect the engineering company to continue in business for it to be considered a going
concern.
• List the factors which may indicate going concern issues.
Describe the work you would perform to verify the value of items in the forecasts are
reasonable
Page 183
s
Study Unit 14
Assurance and the Audit Function
Contents
A.
Implications for the Company
B.
Implications for the Management
C.
Measuring Social and Environmental Performance
D.
Implications for the Statutory Audit
E.
Implications of Assurance Services
F.
Sample Question
Page 184
s
SOCIAL AND ENVIRONMENT AUDITS
In recent years there has been new legislation which has been implemented to deal with
environmental issues. This has placed additional burdens on companies to comply with the
new legislation. The danger of non-compliance brings the risk of fines and bad publicity.
These are examples of environmental risks now facing companies today.
A. IMPLICATIONS FOR THE COMPANY
We are all aware of the stakeholders in a company such as shareholders, banks, suppliers,
customers, directors and employees. We tend to forget that the environment and society are
also stakeholders in companies. Society encompasses that at international, national and local
levels.
Traditionally, the auditor is only concerned with the shareholders as it is the latter he reports
to on a set of financial statements.
In modern times, employees, the environment and society are linked.
The environment
There are primary and secondary impacts on the environment caused by a company’s
activities. Primary impacts are the processes of a company which are regulated by
environmental legislation. The secondary impacts relate to products of the company and they
are governed by both legislation and consumer influence.
The company can cause harm to the environment in a number of ways such as exhausting our
natural resources and emitting harmful toxins.
Society
Society includes consumers and it is they who will have opinions about environmental
products and will purchase accordingly.
Society is concerned with harm to our natural resources and pollution and waste issues.
The company needs society to buy its products in order that it can stay in business.
Employees
They have a relationship with the company in terms of their own livelihoods and their safety
when at work. They are also a small portion of consumers who will purchase products,
possibly the company’s.
The company needs employees to make their products as well as natural resources.
It will be important for companies to have policies in place in order to satisfy all stakeholders
and to communicate these policies to them.
B. IMPLICATIONS FOR THE MANAGEMENT
Management are responsible for a risk management system. Social and environmental issues
now form part of that risk.
Page 185
s
The specific risks and implications that might arise are:
• Bad publicity arising from customers or legislation issues, resulting in lost sales and
reduced market share. This could lead to future going concern issues.
• Failure to comply with product standards, whether legal or perceived, may lead to lost
sales and fines and/or compensation.
• Health and safety issues that may impact on employee safety, resulting in business
interruption and/or fines/compensation.
• Failure to comply with other employment legislation and company legislation could
lead to fines, compensation or disqualification of directors.
Management controls
Management should put in place controls to mitigate the risks to the business. This will vary
from company to company.
Specific controls may include:
• The wearing of protective clothing and waste disposal procedures in order to comply
with environmental legislation
• Human resources dept. policies and procedures to comply with employment legislation
• Adding social and environmental values to the corporate culture, whether through
implementing a corporate code of setting specific targets for social and environmental
performance.
C. MEASURING SOCIAL AND ENVIRONMENTAL PERFORMANCE
Auditors may provide assurance on whether the management’s assertions about performance
in these areas are fair. Measuring social and environmental performance can be very difficult
though. It is unlikely that there are any useful ratios to use and there is rarely any profit from
social or environmental activities.
One way to measure performance is to set targets and sustainability indicators. You can then
check whether the targets have been met or whether any of the indicators exist.
For example, take an oil production and retailing operation. It will have Social and
environmental issues.
• Using natural resources
• Operating in a heavily environmental legislative area
• Huge number of employees
• Some employees working in risky environments
• Possible human right issues.
The company could set the following targets:
Environmental
• Reduce emissions and spills
• Develop cleaner fuels
Page 186
s
Social
• Reduce work related incidents
• Stop exploiting children
• Pursue equal opportunities for both men and women
The sustainability indicators could include:
• Respect and safeguard all persons,
• Engage and work with all stakeholders,
• Minimise the impact of the company on the environment,
• Use all resources efficiently,
• Maximise profitability,
• Maximise benefits to the whole community.
Some of the targets and indicators can be measured in mathematical terms. However, others
are not specific enough to be measured in that way. It is also difficult to measure the effect of
general principles which a company has attempted to incorporate into its corporate culture.
The company should then report on all these issues to the shareholders. Where possible the
facts included in these reports should be independently verified.
Social audits
Social audits establish whether a company has a rationale for engaging in a socially
responsible activity. It involves identifying that all current environmental programmes are in
line with the company’s goals. It will assess the objectives and priorities relating to these
programmes and will evaluate the company’s involvement in such programmes past, present
and future.
A cultural awareness must exist within a company in order to implement environmental
policies as they require both management and staff support.
Social audits have increased in the United States since the Exxon Valdez incident in Alaska.
Environmental audits
These seek to assess how well a company performs in safeguarding the environment in which
it operates and whether the company complies with its own environmental policies.
The auditor will apply the following procedures:
• Obtain a copy of the company’s environment policies,
• Assess whether such policies are likely to achieve legal standards and satisfy key
customer and/or suppliers criteria,
• Test the implementation and compliance to the policies through discussion with
management, observation of procedures and controls and carrying out walk through
tests where appropriate.
D. IMPLICATIONS FOR THE STATUTORY AUDIT
Social and environmental issues can affect the statutory audit. Risks need to be considered
at the planning stage, impairments and provisions may be required during substantive
Page 187
s
procedures and going concern issues may arise during the review. Social and environmental
issues are important to the audit as they can potentially impact on the financial statements.
As part of planning the audit, the auditor should be aware of any environmental regulations
the entity may be subject to and any key social issues arising during the course of their
operations. The auditor should review the company’s quality control documentation and the
results of any environmental audits carried out.
Examples of the impact of social and environmental matters on the financial statements:
• Provisions re site restoration, fines etc,
• Contingent liabilities,
• Asset values adjusted re impairment or purchased goodwill,
• Capital/revenue expenditure,
• Development costs,
• Going concern issues.
A key risk that arises with regard to valuation is that an asset might be impaired. IAS 36
notes that a significant change in the technological, market, legal or economic environment of
the business in which the assets are employed should trigger an impairment review. It is
possible that a significant adverse change could take place in the legal environment.
The auditor should carry out the following audit procedures to establish whether an
impairment review is necessary:
• Review board minutes for any indications of changes in environmental regulations
• Review relevant trade magazines
• Discuss with management especially those responsible for environmental issues.
Some environmental issues may result in provisions being required such as the clean-up of a
contamination or a potential fine where environmental legislation is broken.
Environmental obligations would be core in some businesses such as the oil and chemical
industries while in others it would not. ISA 250, Consideration of law and regulations in the
audit of financial statements, talks of laws that are central to the company’s ability to carry on
a business. In the case of a business that stands to lose its licence to carry on business in the
event of non-compliance, environmental legislation is central to the business.
E. IMPLICATIONS FOR ASSURANCE SERVICES
Auditors can provide a variety of services in respect of environmental and social issues:
• Internal audit services,
• Review of internal controls and procedures,
• Management letter concerning controls,
• Assurance services.
If directors issue an environmental and social report, it may contain figures and statements
that are verifiable. In addition, the auditor can obtain details of the strategy and ascertain
Page 188
s
how fully it has been implemented by making enquiries of the staff who should be
implementing the strategy.
Question 14.1
Storm is a wind farm company situated on an island along the east coast of Africa. The
company was set up a number of years ago by a millionaire energy fanatic, who is the
majority shareholder and he continues to loan Storm money despite its history of loss
making.
The company owns and operates 15 windmills which are situated on the island. The
windmills are connected to a generator, which mainly supply the major shareholder’s
dwelling on the mainland. A small element is sold to a number of power companies. One of
these companies, Mini power, has a small equity stake in Storm.
Storm has had problems during the year. One windmill has fallen into the sea due to coastal
erosion and three more are not far off suffering a similar fate. In addition, the generator lies
close to a cliff.
Furthermore, during the year Storm invested in a small stake in an oil pipeline which runs
near the island. The co-owners of the pipeline have just advised Storm that they have
discovered a crack in the pipeline.
Required:
• Outline reasons why social and environmental issues are of interest to an external
auditor.
• Comment on the financial implications of the above on the audit of Storm.
Page 189
s
Study Unit 15
Group Audits
Contents
A.
Group Accounting and the Holding Company Auditors
B.
Principal Auditors and Other Auditors
C.
The Consolidation Process
D.
Joint Audits
E.
Auditing Foreign Subsidiaries
F.
Recent Developments
G.
Sample Question
Page 190
s
GROUP AUDITS
A. GROUP ACCOUNTING AND THE HOLDING COMPANY
AUDITORS
The duty of the principal auditor is to report on the group accounts, which include balances
and transactions of all the components of the group.
"Principal auditor" means the auditor with responsibility for reporting on the financial
statements of an entity whose financial statements include financial information from one or
more components audited by another auditor.
"Other auditor" means an auditor, other than the principal auditor, with responsibility for
reporting on the financial information of a component that is included in the financial
statements audited by the principal auditor. Other auditors include affiliated firms, whether
using the same name or not, and correspondents, as well as unrelated auditors.
"Component" means a division, branch, subsidiary, joint venture, associated company or
other entity whose financial information is included in financial statements audited by the
principal auditor.
The principal auditor has sole responsibility for reporting on group financial statements even
where they include amounts derived from accounts that have not been audited by him.
Therefore, he cannot discharge his responsibilities by an unquestioning acceptance of
component company’s financial statements, whether audited or not.
Principal auditors have the right:
• To require from auditors of subsidiaries the information and explanations they require
and
• To require from the principal company the necessary information and explanations
from subsidiaries that they deem necessary.
The principal auditors have all the statutory rights and powers in respect of their audit of the
holding company similar to individual companies.
B. PRINCIPAL AUDITORS AND OTHER AUDITORS
ISA 600, using the work of another auditor, sets out the relevant guidelines to be considered.
When the principal auditor uses the work of another auditor, the principal auditor should
determine how the work of the other auditor will affect the audit.
The auditor should consider whether his own participation is sufficient to be able to act as the
principal auditor. For this purpose the principal auditor should consider:
• The materiality of the portion of the financial statements which he audits,
• His degree of knowledge regarding the business of the components,
Page 191
s
• The risk of material misstatements in the financial statements of the components
audited by the other auditor,
• The performance of additional procedures on the components audited by the other
auditor resulting in the principal auditor having significant participation in such audit,
• The nature of his relationship with the firm acting as other auditor.
Principal auditor’s procedures
When planning to use the work of another auditor, the principal auditor's consideration of the
professional competence of the other auditor should include consideration of the
professional qualifications, experience and resources of the other auditor in the context of the
specific assignment.
The principal auditor should consider the standing of any firm with which the other auditor is
affiliated and also should consider making reference to the other auditor's professional
organisation. The principal auditor's assessment may be influenced by the review of the
previous work of the other auditor.
The principal auditor should perform procedures to obtain sufficient appropriate audit
evidence, that the work of the other auditor is adequate for the principal auditor's purposes, in
the context of the specific assignment. The principal auditor would advise the other auditor
of:
• The independence requirements regarding both the entity and the component and obtain
written representation as to compliance with them;
• The use that is to be made of the other auditor's work and audit report and make
sufficient arrangements for the coordination of their efforts at the initial planning stage
of the audit. He would inform the other auditor of matters such as areas requiring
special consideration, procedures for the identification of inter-company transactions
and the timetable for completion of the audit;
• The accounting, auditing and reporting requirements and obtain written representation
as to compliance with them.
The principal auditor might carry out some of the following procedures:
• Discuss with the other auditor the audit procedures applied,
• Review a written summary of the other auditor's procedures which could be in the form
of a questionnaire or checklist or
• Review the working papers of the other auditor.
The principal auditor may wish to perform these procedures during a visit to the other
auditor.
The nature, timing and extent of procedures will depend on the circumstances of the
engagement and the principal auditor’s knowledge of the professional competence of the
other auditor. This knowledge may have been enhanced from the review of previous audit
work of the other auditor.
The principal auditor should consider the significant findings of the other auditor.
Page 192
s
He may consider it appropriate to discuss with the other auditor and the management of the
component, the audit findings or other matters affecting the financial information of the
component and may also decide that supplementary tests of the records or the financial
information of the component are necessary. Such tests may be performed by the principal
auditor or the other auditor.
Co-operation between auditors
The other auditor, knowing the context in which the principal auditor will use the other
auditor's work, should co-operate with the principal auditor.
For example, the other auditor would bring to the principal auditor's attention any aspect of
the other auditor's work that cannot be carried out as requested. Similarly, subject to legal and
professional considerations, the other auditor will need to be advised of any matters that
come to the attention of the principal auditor that may have an important bearing on the other
auditor's work.
Where the component is a subsidiary, the other auditors may be under a statutory obligation
to co-operate. Where there is no statutory duty but the principal auditor declares his intention
to use the other auditor’s work, then the other auditor may need to obtain permission from his
client to communicate with the principal auditor.
Where such permission is refused, the other auditor should inform the principal auditor so
that the latter can discuss with management what action to take.
It is also possible that the principal auditor may need to communicate matters to the other
auditor but this is subject to the normal rules of confidentiality.
Reporting considerations
When the principal auditor concludes that the work of the other auditor cannot be used and he
has not been able to perform sufficient additional procedures regarding the financial
information of the component audited by the other auditor, the principal auditor should
express a qualified opinion or disclaimer of opinion because there is a limitation in the scope
of the audit.
If the other auditor intends to issue a qualified auditor's report, the principal auditor should
consider whether the subject of the qualification is of such a nature and significance, in
relation to the financial statements of the entity on which the principal auditor reports, that a
qualification of the principal auditor's report is required.
When the principal auditor is satisfied that the work of the other auditors is adequate for the
purposes of the audit, no reference to the other auditors is made in the principal auditor's
report.
The local regulations of some countries permit a principal auditor to base the audit opinion on
the financial statements taken as a whole solely upon the report of another auditor regarding
the audit of one or more components. When the principal auditor does so, his report should
state this fact clearly and should indicate the magnitude of the portion of the financial
statements audited by the other auditor.
Page 193
s
Other aspects
Supporting letters may be necessary from a parent company to a principal auditor in cases
where the subsidiary does not appear to be a going concern. This letter states the intention of
the parent to continue to support the subsidiary, making it a going concern.
Developing countries
Consolidating accounts from a developing country may pose some problems. The basis of
the preparation of the accounts may not be in line with generally accepted accounting
practices and as a result, the principal auditor may not be able to conclude that the accounts
show a true and fair view. This is of particular importance where the differences caused by
the basis of preparation are material to the group.
This problem can be averted by the auditors requesting the directors to restate the accounts.
In addition, the increased convergence of standards worldwide will greatly reduce the risk of
this problem arising.
Control environment and systems
Assessment of the control environment and systems will include the assessment of the overall
group environment. Factors to consider include:
• Organisational structure of the group,
• Level of involvement of the parent company in subsidiaries,
• Degree of autonomy of management of subsidiaries,
• Supervision of subsidiary management by parent company,
• Information systems and information received centrally on a regular basis.
Management representations
When the auditors have responsibility for reporting on group financial statements they should
obtain written confirmation of representations relating to specific matters regarding both the
group financial statement and the financial statements of the parent undertaking.
Examples of specific work carried out by principal auditors in reviewing other auditor’s
work:
Sending a questionnaire to all other auditors requesting detailed information such as:
• An explanation of their general approach,
• Details of the accounting policies of major subsidiaries,
• Their opinion of the subsidiaries overall level of internal control and the reliability of
their accounting records,
• Any limitations placed on the scope of the auditors work,
• Any qualifications and the reasons for them.
Carry out detailed review of the other auditor’s working papers on each subsidiary whose
results materially affect the view given by the group’s financial statements. This review will
enable the principal auditors ascertain whether:
Page 194
s
• An up to date file exists with details of the nature of the subsidiaries business, its staff
organization, its accounting records, previous year’s financial statements and copies of
important legal documents;
• A systems examination has been properly completed, documented and reported to
management after discussion;
• Tests of controls and substantive procedures have been properly and appropriately
carried out and audit programmes properly completed and signed off;
• All other working papers are comprehensive and explicit;
• The overall review of the financial statements has been adequately carried out and
adequate use of analytical procedures have been undertaken throughout the audit;
• The financial statements agree in all respects with the accounting records and comply
with all relevant legal requirements and accounting standards;
• Minutes of board meetings have been scrutinised and important matters noted;
• The audit work has been carried out in accordance with approved auditing standards;
• The financial statements agree in all respects with the accounting records and comply
with all relevant legal and professional requirements;
• The audit work has been properly reviewed within the firm of auditors and any laid
down quality control procedures adhered to;
• Any points requiring discussion with the holding company’s management has been
noted and brought to the principal auditor’s attention;
• Adequate audit evidence has been obtained to form a basis for the audit opinion on both
the subsidiaries financial statements and those of the group.
C. THE CONSOLIDATION PROCESS
After receiving the subsidiaries’ accounts, the principal auditor can audit the consolidated
accounts. An important part of this work will be reviewing the consolidation adjustments
that fall into two categories:
• Permanent adjustments
• Adjustments for the current year
The following audit steps are involved in the consolidation process:
1. Check the transfer of data from the audited accounts to the consolidated schedules;
2. Check the adjustments are appropriate and comparable with the previous year;
3. Record the dates and costs of acquiring subsidiaries and the assets taken over;
4. Calculate goodwill and pre-acquisition reserves arising on consolidation;
5. Check combinations are appropriately treated (acquisition or uniting of interests);
6. If acquisition accounting is used, check that the fair value of acquired assets and
liabilities is reasonable;
7. Check the appropriateness of the date used as the date of combination;
8. Check the treatment of results of investments acquired during the year;
9. Check that the amortisation of goodwill is reasonable;
10. Check for disposals and the appropriateness of the date used as the date for disposal;
11. Consider whether previous treatment of existing subsidiaries is still correct;
12. Review the consolidated accounts for compliance with the legislation, accounting
standards and other relevant regulations;
Page 195
s
13. Review for group companies that do not have coterminous accounting periods or
where subsidiaries are not consolidated or where accounting policies of group
members differ because foreign subsidiaries operate under different rules;
14. Review treatment of participating interests and associates;
15. Review the treatment of intangible assets and foreign currency translations;
16. Review the treatment of loss making subsidiaries;
17. Review the consolidated accounts to confirm they give a true and fair view.
The principal auditors are often requested to carry out the consolidation. In these
circumstances the auditor is acting as an accountant and auditor and care must be taken to
ensure that the audit function is carried out and evidenced as appropriate.
D. JOINT AUDITS
A joint audit is one where two or more auditors are responsible for an audit engagement and
jointly produce an audit report to the client.
The relationship between principal and other auditors is not the same as that between the
auditors involved in a joint audit.
Two or more firms may act as joint auditors for a variety of reasons:
• The holding company may insist that their auditors act jointly with those of the new
subsidiary after a takeover.
• A company operating from dispersed areas may find it easier to have joint auditors to
get around locational problems.
• Political problems of overseas subsidiaries may necessitate the need to employ local
auditors to satisfy the laws of the country.
• Some companies prefer to use local accountants while at the same time having a wider
range of services provided by a large national firm.
Accepting a joint audit
Some points must be borne in mind before accepting a joint audit. It will be necessary to
assess the experience and standards of the other firm. This can be done by reviewing the
audit techniques used, scrutinising their working papers and establishing whether they have
had any experience in similar type jobs.
The auditors should agree whether a joint or separate letters should be sent to the client.
Separate letters would need to be sent to the client where other services are provided.
Once a joint position has been accepted, it will be necessary to discuss the audit plan and the
detailed work programme.
A major criticism of joint audits is that they can be costly. This can be reduced if the two
firms have organised the work between them properly. In addition, an increase in the fees
can be justified by improved services due to more efficient work and a sense of professional
pride.
Both firms must sign the audit report as both are responsible for the whole audit irrespective
of what particular area they carried out the work. Therefore, both firms will be jointly liable
in the event of legal action.
Page 196
s
E. AUDITING FOREIGN SUBSIDIARIES
The auditing of a foreign subsidiary can pose problems for auditors. It is vital that one would
have an appreciation of the features of doing business in the foreign country.
When an auditing firm has a client that owns overseas subsidiaries the client may choose to
have the foreign subsidiary audited by local firms or request that its own auditors undertake
the audit of the foreign subsidiary.
Where local offices audit the foreign subsidiaries, the principal auditor may often undertake
an audit visit to a major foreign subsidiary each year. Some audit firms have an international
network and may be able to use an affiliated partnership to audit the foreign subsidiary.
Some difficulties and possible solutions in auditing foreign subsidiaries would include:
• Difficulties with languages might be overcome by using a member of the office who
speaks the language or the use of a translator.
• Cultural differences can be tackled by the auditors learning about the country.
• Differences in local accounting, auditing conventions and legislation can be overcome
through learning before the audit begins.
• Some countries might have very specific problems such as high inflation or currency
restrictions.
• The subsidiary’s country may have different company laws from the ones the auditor is
familiar with.
• The auditors may face difficulties obtaining the necessary work permit to work within
the country. The auditors should seek help from the client company.
F. RECENT DEVELOPMENTS
A new exposure draft of ISA 600 contains two new definitions referring to a related and
unrelated auditor.
A related auditor is an auditor from the group auditor’s firm or from a network firm who
operates under, and complies with, common monitoring policies and procedures under
ISQC1 and performs work on one or more components for the purpose of group financial
statements.
An unrelated auditor is an auditor other than the group or the related auditor who performs
work on one or more components for the purpose of the group audit of financial statements.
A key requirement is the group auditor must perform work on the significant components of
the group or be involved with the work of other auditors.
Another key issue is what constitutes a significant component. This is a matter of judgment
for the auditor. The ISA suggests a general benchmark of 20% of key value items such as the
group’s assets, liabilities, cash flows, profits or turnover.
Page 197
s
The group auditor must:
• Consider the ethics, professionalism and quality control of the other auditors,
• Ensure the other auditors understand the relevant frameworks,
• Assess the risks of material misstatement at group level,
• Determine materiality levels for the other auditors to use,
• Determine what type of tests other auditors will carry out in response to assessed risks,
• Set out the required work in relation to subsequent events,
• Evaluate the adequacy of the other auditors work,
• Communicate various matters to management of the group.
Question 15.1
ABC has been an audit client of your firm for many years. It is a business which
manufactures soft furnishings. It also has a shop from which it sells its own soft furnishings
and other manufacturers soft furnishings and small items of furniture.
On the first day of the year ending 30 June 2010, ABC Ltd undertook a major reconstruction
of its operations. It set up two subsidiary companies. A Ltd and B Ltd. It then transferred its
trade to those companies. A Ltd took the manufacturing trade and B Ltd took the retail trade.
On the same day, A Ltd entered into a joint venture with its former chief designer. The joint
venture AC designs will provide designs for the soft furnishings manufactured by A Ltd and
will also operate an interior design service, which will be advertised strongly by B Ltd.
ABC Ltd is 100% owned by John Browne, ABC Ltd will charge A Ltd, B Ltd and AC
designs management charges.
The former chief designer, now a 50% shareholder in AC designs is Jackie Browne, John’s
only daughter. They make decisions about AC designs jointly and have agreed that the audit
of AC designs shall be carried out by David Beckham and co. David Beckham is a friend of
Jackie Browne.
Required:
1. Outline the audit planning issues raised by your firm in the above scenario.
2. Briefly state the steps you would carry out to audit a consolidations.
Page 198
s
BLANK
Page 199
s
SOLUTIONS
Solution 1.1
• Every item is not checked. In fact, only test checks are carried out by auditors. It
would be impractical to examine all items within a class of transactions or account
balance. Hence, it is not really possible to give absolute assurance.
• Auditors depend on representations from management and staff. Collusion can
mitigate some good controls such as division of duties. There is always the
possibility of collusion or misrepresentation for fraudulent purposes.
• Evidence gathered is persuasive rather than conclusive. It often indicates what is
probable rather than what is certain.
• Auditing is not purely an objective exercise. Judgements have to be made in a
number of areas. The view of financial statements is itself based on a combination of
fact and judgement.
• The timing of an audit.
• An unqualified audit opinion is not a guarantee of a company’s future viability, the
effectiveness and efficiency of management or that fraud has not occurred.
Solution 1.2
(a) The advantages of having an audit can include the following:
• Shareholders not involved in the management of the company can gain reassurance
from a set of audited accounts about management’s handling of the business.
• Audited accounts are a good reliable source for a valuation of shares in an unquoted
company.
• Banks may review a set of accounts for the purposes of making a loan and assessing
the value of the security on offer.
• Suppliers can use audited accounts to assess the potential strength of a company.
• An audit provides a useful independent check on the accuracy of the accounting
systems and the auditors may also recommend improvements in those systems.
(b) The audit of Mr J Butera’s company is still an exercise designed to express an opinion
on the truth and fairness of the accounts. So the method of undertaking the audit will
be the same as that of Bank of Kigali’s and the same auditing standards will be
applied. However, the auditor must be aware of the different inherent risk in the audit
of a small company and in applying auditing standards. He should consider all the
relevant risks. The audit of a small company is often affected by certain factors
namely the concentration of ownership and management in one person, the
professional relationship between the auditor and the business and the fact that small
audit teams are involved.
(c) The alternative to an audit for a small company is to have a review. Although it is
similar to an audit, a review is designed to give a lower level of assurance. As a
result, the procedures undertaken to express an opinion are less detailed and generally
comprise enquiry and analytical review procedures.
Mr J Butera needs to decide what level of assurance he needs. He needs to assess the
advantages of having an audit which will give a higher degree of assurance and decide
Page 200
s
whether his business actually needs this. Bear in mind that some of the advantages to
an audit will also be given by a review.
Solution 2.1
(1)
There is a threat of self-interest. John has an indirect financial interest in the client.
However, the interest is immaterial to the client or to John. It is a pool of general
investments.
John is a junior member of the team and does not have a significant role in terms of drawing
audit conclusions or highlighting audit risk areas.
The risk to independence is insignificant.
To eliminate all elements of the risk, John could be asked to divest his interest but this seems
inappropriate. Other than that, he could be removed from the audit team. However, such a
step is not vital in this situation.
(2)
Firstly, there appears to be multiple provisions of services leading to a self-interest threat.
However, there is insufficient information to draw a conclusion as regards the significance of
the threat. Need more information in relation to the nature of the services supplied, fee
income and the various team members assigned.
To eliminate the risk, different teams could be assigned to the various assignments. The risk
is likely to be significant only if audit is one of the services provided.
Secondly, a manager on the team wants to engage in a personal relationship with a person
connected to the subject of the assignment. This could give rise to the threat of familiarity or
intimidation.
Paul has a significant role in the team and his love interest is closely connected to key staff at
the target company. The timing of all this is a key issue as it is a one off review.
Presently, Paul has no relationship to threaten the independence of the work. Therefore, you
should request that he hold off his romantic intentions until the assignment is complete. If he
declines the request, then he should be immediately removed from the team.
(3)
Long associations and personal relationships may lead to a risk of familiarity, not to mention
the acceptance of significant hospitality.
The risk here is significant. The assignment is audit but the company is not listed.
In order to mitigate against the risks, invite a second partner to do a review of the audit files
or consider rotating off the audit for a period and let a different partner handle the
engagement for a while.
Page 201
s
Solution 2.2
Independence
It is vital that auditors are, and are seen to be, independent. Independence is the key to the
auditors’ claim to give an impartial, objective opinion on the truth and fairness of a set of
accounts.
Objectivity
A family relationship can substantially affect the objectivity of the audit, so auditors are
advised not to build up close personal relationships with audit clients and should not audit a
company where family members are employed in sensitive roles. In this case, the partner
was not the audit engagement partner and so in line with generally accepted ethical practice,
the firm appeared to be independent as long as the partner had nothing to do with the audit.
Resolution
Given the existence of computer networks and modern communications capabilities, it seems
unlikely that any auditor would not be able to have similar access and influence over a single
audit carried out by a firm as a partner in the locality.
Be seen to be independent
It would appear that the body seems to be concerned about the “seen to be..” section of the
independence requirement. It also seems that they have concerns over whether the public can
make the distinction between an engagement partner and any other partner in the same firm.
Arguably, it is only in publicising the problem that the public are likely to have a perception
at all. In addition, if the public do perceive a problem with independence, moving 400 miles
in this day and age of modern communications is unlikely to convince them otherwise.
Split of firm
The split could enhance the public perception of independence, although there is likely to be
some cynicism such as a marketing ploy or shifting the profile of the non-audit divisions for
capital raising purposes.
Page 202
s
Solution 2.3
(a) The problems with an audit partner becoming FD of the firm’s client are:
• He will have detailed knowledge of the audit approach and this gives him the
opportunity to conceal matters from the auditors. The auditors will need to bear this
in mind when planning the audit.
• If a significant connection, such as the receipt of benefits, remains between the ex-
partner and the firm, then the firm’s objectivity may be threatened.
• Public perception may involve a view that the two parties are no longer independent,
even where there may be no actual threat to objectivity. The ex-partner may be
perceived to have some influence over the new audit team members.
• There is a risk that the audit team may place greater reliance on representations from
the ex-partner. To ensure objectivity, they should not place any undue reliance on the
evidence. They should evaluate risk as they would with any other client.
• If the partner takes part in the audit knowing that he is about to join the client shortly,
then there is a threat to objectivity. Public perception is unlikely to view the two
parties as been independent of each other.
(b) The following advantages exist for a client if their auditor becomes a senior executive:
• He will have a good understanding of the environment in which the client operates.
He should find it easier to integrate with the rest of management.
• No recruitment costs and no risk that a recruitment company would recruit the wrong
person.
• Ex-auditor will be familiar with a number of accounting systems and is likely to be up
to date with current accounting techniques and current thinking.
(c)
Current rules do not specifically prohibit an audit firm from continuing to act as auditors to a
client if an ex-partner or employee now works in a senior position for that client.
A member’s objectivity must be beyond question. This objectivity can only be assured if the
member is and is seen to be independent.
A member’s objectivity may be threatened or appear to be threatened as a consequence of a
family or other close personal or business relationship. Where a relationship exists between
an officer of the client and a partner or member of staff of the audit firm, safeguards should
be set up to ensure objectivity.
Objectivity may be threatened by undue dependence on an audit client. It is suggested that
the public perception of an auditor’s objectivity is likely to be impaired where the fees for the
audit and other recurring work for a client exceed 15% of gross practice income.
Where a senior member of staff has joined a client, the safeguards are suggested:
• Consider modifying the audit plan for the engagement.
• Assign the engagement to an individual of sufficient experience in relation to the ex-
member of staff.
• Involve some new experienced staff not previously involved with the audit.
• Conduct a thorough quality control review of the engagement.
Page 203
s
One final point is that the ex-member must not receive benefits from the firm unless they are
made in accordance with fixed, predetermined rates, and he must not participate in the affairs
of the firm, otherwise the whole question of objectivity and independence comes into
question.
Solution 3.1
(1)
A B Ltd is a high risk client. The property development business is a high risk activity and
the weakness of the company’s internal control system and the lack of integrity of the
founder Mr Narang also give risk to additional risk.
The auditors must ensure that no independence or other ethical issues exist that are likely to
cause conflict with the ethical code before accepting the appointment.
The procedures which an audit firm should carry out before accepting an appointment are:
• Request permission to communicate with the previous auditors. If permission is
declined, the auditor should decline the appointment. If permission is granted, the
auditors should request in writing of the previous auditors all information which should
be made available to them to enable to them to decide whether they should accept the
appointment.
• Ensure that the firm’s existing resources are adequate to service the needs of the new
client. Specifically, expertise may be needed as the new clients are property
developers.
• Seek references in respect of the new client company. If the directors are not known to
the audit firm, independent enquiries should be made concerning the status of the
company and its directors, for example company searches, which may uncover
qualified audit reports.
• A preliminary assessment of audit risk should be made. This will involve discussions
with management and assessing the internal control structure, which in the client
company’s case is very poor.
• The costs and benefits of accepting the appointment should be estimated. The cost may
be considered to be too costly in terms of potential liability, or raised insurance
premiums and bad publicity.
(2)
Ethical guidelines for auditors require that an auditor be independent and objective. It is an
auditor’s integrity that gives weight to his audit opinion. The maintenance of the secret fund
is a definite lack of integrity on behalf of the audit partner. His objectivity is also impaired
by his lack of independence. He has also contravened ethical guidelines by carrying out the
preparation of accounting records for a quoted company.
He has also colluded with the managing director of the company to conceal questionable
transactions from fellow directors and shareholders. This could be viewed as a fraud and also
there could be breaches of tax laws.
His position as auditor is untenable and his audit opinion is valueless.
Page 204
s
(3)
The measures that might be introduced to try and minimise the practice of opinion shopping
by prospective audit clients are as follows:
• Establish why the question is been asked in the first place.
• No opinion should be given until the present auditors have been informed. This is not
just a matter of courtesy but it may highlight additional information with which the
client was not forthcoming.
• If the audit firm decides to give an opinion, they should do so in writing giving the facts
of the problem as it has been presented to them.
Legislation exists to protect auditors, allowing them to present their case to the shareholders
of a company. When they resign, they have a right to make a statement regarding the
resignation which should, as “best practice”, be sent to the Office of Registrar General and
anyone who is entitled to receive the financial statements. Auditors often do not do so
because of the bad publicity involved.
(4)
Audit firms can reduce the risk of litigation and its effects by ensuring:
• Audit standards are applied at all times.
• Adequate quality control procedures are in place and are enforced.
• Adequate review procedures are in place before a new client is accepted.
• Adequate professional indemnity insurance is in place. It does not reduce the risk of
litigation but it will limit the damage it causes.
Solution 3.2
Auditors might not seek re-election for ethical reasons such as fees, perhaps a disagreement
with client over accounting policies or there could be a conflict of interest with another client.
When submitting a tender, the auditor should consider:
• Are specialist staff with specialist skills required,
• Where is the work to be performed and are suitable staff available,
• Does the planned work fit in the firm’s current work timetable,
• Will current staff require further training.
Solution 3.3
Under normal circumstances, accountants should not advertise fees. Any advertisement is
unlikely to be sufficiently detailed to allow a comprehensive understanding of fee structures
and any facts given about such fees could mislead potential clients.
Solution 4.1
Auditor responsibility
It must be acknowledged that the primary responsibility for the prevention and detection of
fraud lies with the management of the company. It is they who should safeguard the assets of
Page 205
s
the company while the auditor’s primary responsibility is to express an opinion on the
financial statements.
It should be noted however, that the auditor has a duty to plan his audit to consider the risk
that a material misstatement could occur in the financial statements as a result of fraud.
Extend responsibility
The Public, the shareholder’s and even the government’s expectations of the auditor are
changing and they are increasingly calling on the auditor to widen his responsibility.
Some of the problems that may arise are the difficulty in defining fraud and determining an
appropriate level materiality.
Currently, the auditor assesses materiality in relation to the true and fair view shown by the
financial statements. This may no longer be valid if all or most frauds have to be detected by
the auditor.
Fraud covers many types of activities at all levels within a company. Should the auditor be
expected to detect a petty theft committed by a junior employee and who determines what
falls as significant or insignificant frauds?. The guidelines simply define fraud as involving
the use of deception to obtain an unjust illegal financial advantage.
Changing the auditor’s responsibilities in relation to fraud needs to be considered in the light
of different types of organisations and the different interested parties that exist. It would be
reasonable for the auditor of a financial institution, where deposit holder’s savings are at risk,
to have a greater responsibility for the detection of fraud than the auditor of a small private
company run by the owner/managers themselves. Similarly, the auditors of public limited
companies and probably other public companies, such as high profile charities, should have a
greater responsibility than those of private companies. This would reflect the public’s
perception of the role of the modern auditor and legislation should then react to these
expectations.
Since fraud has an impact on the financial statements, it is generally accepted that the
auditors need to plan their audits so that they have a reasonable expectation of detecting
material misstatements caused by fraud.
While few people disagree that the auditor should have some responsibility for the detection
of fraud, the widening of the auditor role would mean additional audit costs would be
incurred by all organisations to detect fraud.
Perhaps the auditor should advise management as to how to prevent and detect fraud and
penalties for it under company law could be increased so that there is a greater deterrent. If
companies and other organisations could prevent fraud more effectively there would be no
should need for auditors to try and detect it during an audit.
Fraud can be difficult to detect where internal control systems are very weak or non-existent
at all. Some types of fraud require special expertise to be brought in so that the fraud can be
detected. All auditors should already be detecting frauds which give rise to material errors in
the financial statements. The procedures used to detect immaterial frauds would just be an
Page 206
s
extension of the usual audit procedures applied but the time taken to extend the level of
testing would probably be considerable.
The auditor needs to judge the amount of work that is necessary to obtain sufficient, reliable
evidence on which to form an opinion on the financial statements. If his objective was
changed the amount of work necessary to be carried out would increase substantially,
although the methods and procedures used would probably be the same. The auditor would
probably not accept a greater responsibility for the detection of fraud without a substantial
hike in the audit fee. It is questionable whether this would be considered value for money for
most organisations.
There is also the question of to whom the auditor should report a fraud. If senior
management are involved and the auditor has no real concrete proof and there is no material
effect on the financial statements, then the auditor will need to seek legal advice on what
action should be taken next. The auditor has a duty of confidentiality from disclosing
information to third parties without the client’s permission. However, this duty of confidence
is not absolute, and the auditor may disclose certain matters to a proper authority such as
where it is in the public interest.
Another problem which might arise is a possible deterioration in the relationship between the
auditor and the client. If the auditor had to report directly to the authorities, the client may be
reluctant to provide vital information.
Conclusion
Auditors have the skill necessary to detect most types of fraud but there is the possibility that
the cost of so doing would exceed the likely benefits. The recommended solution is for the
auditor to make recommendations to management about how they could reduce the likelihood
of fraud or irregularities and increase the possibility of detection.
Solution 4.2
In order for an action to succeed, a duty of care must exist, negligence must have occurred
and one must have suffered a loss as a result of the negligence.
Solution 4.3
In order to avoid litigation, an auditor can:
• Implement and apply client acceptance procedures
• Perform all work in line with accepted auditing standards
• Implement and perform adequate quality control procedures
• Use disclaimers.
Page 207
s
Solution 5.1
(1) The reasons for a merger include:
• The desire to increase their market share and operate on the global markets
• A wish to serve multinational clients who demand an international presence and who
require the use of large amounts of resources
• Increased expertise in all fields
• Increasing funds available for investment such as infrastructure or IT
• A desire to compete with banks and other who are expanding into the consultancy
business
• To resist liability claims which could close smaller audit firms
• To reduce the ability of major clients to exert fee pressures and thus improve financial
independence
• To increase the range of opportunities available to staff within the organisation.
• To take advantage of cost savings
(b) Possible problems could include:
• A reduction in the choice of clients available to the firm,
• Possible conflicts of interest,
• A reduction in the auditors independence, particularly with the increase of consultancy
services,
• The emergence of audit giants which weakens the argument for limiting auditor’s
liability.
• Domination of the profession by large firms ,
• Increase in the influence of large firms on the standard setting process,
• Redundancies in offices caused by the elimination of overlapping departments,
• Scrutiny of the mergers by outside agencies. ,
• Disputes emerging between partners in firms as to the management style leading to
resignation of disaffected partners and loss of experience,
• A loss of the personal touch which is a feature of smaller firms and which many clients
crave.
Solution 5.2
The following factors could cause an audit business to fail:
• Litigation against the firm
• Bad publicity
• Loss of key personnel
• Loss of clients
• Disciplinary action by regulatory body.
Solution 5.3
An audit can be lost due to size where the client becomes too large for the audit firm to be
able to manage. This could be for example due to insufficient staff or insufficient technical
expertise. Imagine a 2 partner size practice trying to do the audit of a major bank.
Page 208
s
In addition, the audit may be lost where the company no longer requires an audit. For
example, with the influence of new legislation among jurisdictions with revised thresholds
being applied a number of small companies may now no longer require a statutory audit.
Solution 5.4
To: The Board of Directors of Read Ltd
From: A. Accountant
Re: Directors’ responsibilities
This memorandum addresses some of the issues raised previously by members of the board.
1. Statement of Directors’ Responsibilities
This statement is part of the response of the accountancy profession and the regulatory
authorities to the difference between what the auditors and directors of a company are
responsible for compared to what the public perception of these responsibilities and duties
actually are.
In the UK, the Cadbury report on corporate governance recommended that the financial
statements should contain statements laying out clearly what the directors and auditors
responsibilities.
The public concern about the responsibilities of both directors and auditors was brought to
the fore with the unexpected collapse of large groups of companies in the UK for example,
such as Maxwell, Polly Peck and BCCI. When investors, shareholders and account holders
looked for people to blame for these disasters, it was invariably the auditors. Very few
people knew which of the auditors, directors and regulatory authorities were responsible for
what in respect of reporting on a company.
2. True and Fair
The accounts of a company are required by law to show a true and fair view of the financial
position as at the balance sheet date and of its profit and loss for the year. The auditors are
required to state in their report whether, in their opinion, the accounts satisfy that
requirement.
Legislation contains many requirements as to the form and content of company financial
statements, but it does not actually define what is meant by true and fair. The meaning can be
best understood by referring to case law.
The courts will treat real compliance with accepted accounting principles as prima facie
evidence that the accounts are true and fair. On the contrary, where there is non compliance
with the principles, this will be seen as prima facie evidence that they are not true and fair.
The true and fair view is a legal concept and the question of whether company accounts
comply with the company’s acts can only be decided by a court.
The concept of true and fair is very subjective in nature, in spite of the connection between
accounting standards and true and fair discussed above.
Page 209
s
As directors of Read, in deciding whether the accounts are true and fair, you should bring
your collective business knowledge to bear. The first question must be whether accounting
standards have been followed and if in some cases they have not, then you must consider
whether this override was justified on the grounds that it was necessary in order to show a
true and fair view and that this explanation is properly disclosed.
In making your decision, you should consider whether the accounting policies and principles
used are appropriate to Read’s business and whether the accounts reflect the substance of
transactions which have actually occurred.
In summary, the directors should be satisfied that the financial statements reflect the true
situation of the company and are not misleading in any way.
3. Detecting fraud and safeguarding assets
Directors can try to prevent fraud and safeguard assets by instituting a strong system of
internal controls. Physical controls over tangible assets are important such as locking up
cash, tagging computers etc., but fraud is most often prevented by good segregation of duties.
Controls of this nature mean that staff collusion in order to steal should be frustrated
Supervision is an important control for directors. The Cadbury report suggested that directors
should make a comment in the financial statements stating whether an adequate system of
control was in operation during the period under question. Guidance has been produced on
what directors should consider when assessing their internal control systems, but it is still not
possible to say exactly what a good control is. In the financial statements, directors must
state their responsibility for the system of internal control, but they do not have to comment
on its effectiveness.
I hope this memorandum has cleared up these issues. Please contact me with any further
queries.
Signed,
A. Accountant
Solution 6.1
1. Consideration of the materiality level
The traditional value indicators of materiality levels include turnover (0.5% to 1%), profit
before tax (5%), total assets (1% to 2%) and net assets (2% to 5%).
The percentages would derive the following figures:
Turnover 12,670-25,340
Profit before tax 3,050
Total assets 10,090-20,180
Net assets 7,380-18,400
A simple average of these gives RWF13,870. This is a useful indicator but you should
consider some qualitative factors such as:
Page 210
s
• Interest is an important figure due to the terms of the covenant with the bank. It might
be wise therefore to include profit before tax and interest in the calculations. This
would raise the above figure to RWF13,970.
• Net assets are also important as a result of the bank agreement. The current ratio is
required to be 1.5. This would require current assets to be RWF586k which they are
well above at the moment. When considering materiality, the auditor should look at
cumulative matters. However, the ratio is material to the balance sheet, so any issues
relevant to that ratio may be material, regardless of value.
I would set planning materiality at RWF14,000. However, I would treat issues arising in
relation to net current assets as potentially material and consider the cumulative impact that
any issues had.
2. Audit risks
Inherent risks
The key issue relating to the balance sheet is the factoring of debts. This raises a number of
questions. The first question is why factoring. Presumably, this is to insure that the interest
cover will be maintained by keeping bad debts in check. It will also be important to check
whether the factoring is as a result of poor cash flow. The year end cash figure is down on
the previous year. Cash flow problems can also indicate going concern issues
Secondly, in relation to debtors, it raises issues over the accounting for the factored debts.
Have they been accounted for in the balance sheet and properly disclosed according to their
substance. When there is a high transfer of all significant risks and rewards to the factor the
substance may be that the debtors are no longer assets of the company but that any cash
advances made by the factor to the company are assets. As the entire sales ledger function
has been outsourced to the factor, this need investigating. Adjusting the debtors figure would
clearly be material to the balance sheet and could have an impact on the covenant with the
bank. However, there would also likely to be a major influx of cash so the net effect on the
ratios would be negligible. If, on the other hand, the factoring has been accounted for, then
cash appears to be very low given that there should have been a major cash inflow and this
would have implications for going concern. However, as there remains a large debtor
balance it seems to appear that the factoring has not yet been accounted for.
The relationship with the bank is clearly important. The whole issue must be considered
particularly as there appears to be a worsening cash position and there is a question mark over
the factoring of debts. Going concern is a risk for this audit, especially if accounting issues
radically change the balance sheet and have an impact on the covenant to the bank.
As part of the restructuring and the factoring of debts, the sales clerk has been dismissed.
She is bringing a number of claims against the company. It is unclear whether she has
grounds for such action. There may be a cap on damages for unfair dismissal but unlikely to
be so for discrimination cases. Hence there is a potentially material contingent liability. It
will be important to investigate this on the audit and to establish if she has a case it may be
necessary to seek an expert legal opinion.
Page 211
s
There appears to be a problem with stock, a possible stock obsolescence. It is unclear
whether this is material or not. However, given that the current assets are material by their
nature (details of covenants) and the possible effects of accounting for substance on debtors,
this matter of stock obsolescence may be material by its very nature.
Control risks
As part of the control risk evaluation the auditor must consider the effect of factoring on the
systems of the business and the fact that the sales ledger is now outsourced and may have
been for a portion of the year been audited. The related controls must be assessed. There is
the risk that the controls over the transfer may not have been good and errors could have been
made.
Detection risks
An expert may be required to obtain evidence about the contingent liability.
The auditor must ensure that he has all the information he requires from the service provider.
3. Administrative planning matters
The engagement partner must organise a planning meeting to discuss the audit with the team.
The supervisor should obtain key dates relating to the audit, such as the dates of the manager
and partner reviews, and client related dates such as when the final accounts will be ready
and when the accounts need to be signed by.
The supervisor needs to obtain client permission to contact the company’s lawyer and the
debt factor and he needs to organise when the audit team will be able to liaise with them.
4. Conflict of interest
The audit firm is in possession of sensitive information relating to the company’s new
customer. However, the company could have obtained a lot of this information themselves
through a credit rating agency which they really should have done anyway as part of good
control procedures over opening new accounts.
It would be in the interests of the new customer that the auditors would not share this
information with M Ltd
Whether a conflict exists depends on the size of the audit firm and the procedures put in place
in the audit dept. to maintain the independence of the two audits. In a small dept. it is likely
that it will be difficult in practice to keep matters completely confidential.
In this situation, it is probably best that the auditor make both parties aware that they are
auditors for both and restate their duty of confidentiality to both. It may be wise to revisit the
engagement letter for both clients to ensure that the duties and procedures in relation to this
potential conflict are set out.
Page 212
s
Solution 6.2
1. Business risks relating to e-commerce operations set up
Technological issues
It is likely that in operating through the internet, the company has changed from a moderately
low tech company to one that is now high tech.
This raises a number of significant business risks:
• It is now possible that current customers are not equipped to continue to be customers
over the internet in terms of skill and opportunity.
• The greater degree of technology will come at a cost. The cost of setting up a website
will have been incurred already, but there are likely to be further future costs involved
in maintaining the website, such as the need for upgrades to ensure that the technology
continues to run smoothly and as effectively as possible.
• The company is now open to greater security risks than it was previously. It is now
exposed to greater risks of credit card fraud and may also be at risk of computer
hacking.
Customers
Problems relating to customers are not entirely technology based. Firstly, the company has
changed from dealing with customers face to face to one that is considered very impersonal.
Customers may complete a deal with the company without ever speaking to an individual.
Customers may have appreciated the personal touch in the past in receiving help in selecting
gifts and may not be keen to purchase on-line on the internet.
Secondly, the company operates largely to the tourist trade. Many of the customers would
have been holiday makers eager to snap up gifts of their trip. The company may now find
that it will lose a lot of this “feel good factor” sales and that in the general gifts market, the
competition is much more intense.
Delivery issues
The company has opened up new distribution issues for itself which it did not have
previously in that sales made over the internet require delivery and that this delivery is now
available from all the stores. The company is therefore now exposed to potential customer
dissatisfaction over delivery. Given that the company proposes to use the current postal
system, any problems arising may largely be out of their control.
There is also a risk of liability for breakages and spoilt goods, and given that many of the
products outlined are fragile, this could be a significant cost. A customer might be happy to
pay a little extra to have fragile goods delivered, rather than face the risk of breaking it on the
way home, but that risk is now transferred to the company.
2. Audit risks arising
Inherent
There are a number of issues which may represent inherent audit risks:
• The company has closed a substantial part of its retail operation and has changed the
focus of the business to e-commerce. The shop business may be considered to be a
Page 213
s
discontinued operation and consideration will need to be given to the accounting
treatment and disclosure in the financial statements.
• There is likely to be a substantial investment in technology in terms of computer
equipment for the warehouse and branches and for setting up the website. The
expenditure in the year will need to be scrutinised to ensure that this expenditure is
properly capitalised where this is required and also that appropriate depreciation
policies are implemented and operated.
• The company may face liabilities for items broken in transit. Some provisions may be
required and this should be investigated to ensure that all such provisions necessary
are created and are valued appropriately.
Control
The restructuring will have resulted in a number of new systems particularly in the
warehouse. All controls will need identifying, assessing and recording.
Detection
The e-commerce element will almost be like a new audit. There is unlikely to be any useful
analytical evidence as it is the first half year of such activity. Also, there may be a
requirement to use some CAATs to investigate the ordering system. This may require a
higher use of substantive testing than might have been the case in previous audits to ensure
that transactions are fairly stated.
3. Audit strategy
There is a lack of analytical evidence about half of the business year due to the shift to e-
commerce. This makes certain approaches, such as the business risk approach, to the audit
unacceptable, as it relies on a high level of analytical procedures.
An audit risk approach should still be taken so that the audit is cost and time effective and it
would seem wise to take a combination of other approaches to the audit.
A balance sheet approach may be appropriate in these circumstances, as it is highly
substantive and is cost effective because it results in a small number of high value balances
being tested. In addition, there is often good availability for evidence of a balance sheet
nature.
However, when the balance sheet approach is used, the profit and loss transactions, are
usually audited by analytical review. Given that a number of transactions are on new
systems, a better approach for this year might be a transactions approach looking at the
various cycles such as sales and purchases. This means that the balances which lead up to the
balance sheet are substantiated, rather than the closing position itself. The balance sheet is
then audited by analytical review.
A transaction approach is more time consuming than a balance sheet approach. This should
be discussed with the client so that they are aware that as a one off exercise, due to
circumstances in the year of the introduction of the e-commerce operation, the audit will cost
more in this year.
Page 214
s
4. Control issues
There are a number of control procedures adjustments that should be made:
Confirmations
An email should be sent to all customers to confirm their order. At present this is only done
when there is a problem.
Segregation of duties
There is a potential problem in that there is no segregation of duties between orders and
payments as the two clerks often help each other out when it is busy. It is vitally important
that there is segregation of duties. If just the one person deals with orders and payments there
is a greater risk of fictitious orders raised and false payments taken. Other people should be
drafted in as back up for both roles as the need arises.
Stock check facility
There is scope to integrate a stock check facility into the ordering system so that a customer
cannot send an order which cannot be met from current stock. At present there has to be a
manual check. This would eliminate the delay between an order being made and the
customer being told that it cannot be met and allow for possible alterations rather than a lost
customer.
Solution 7.1
1. Letter of representation
Newworld properties
Kigali
Rwanda
Auditors & Co
Old Street
Kigali
Rwanda
30 June 2010
Dear Sirs,
We confirm to the best of our knowledge and belief, and having made appropriate enquiries
of other directors and officials of the company, the following representations be given to you
in connection with your audit of the company’s financial statements for the year ended 30
April 2010.
General
Page 215
s
We acknowledge as directors our responsibility for preparing financial statements which give
a true and fair view and for making accurate representations to you. All the accounting
records have been made available to you for the purpose of your audit and all the transactions
undertaken by the company have been properly reflected and recorded in the accounting
records. All other records and related information, including minutes of all management and
shareholders’ meetings, have been made available to you.
Financial support
Oldworld properties, a subsidiary of the company, is experiencing going concern problems.
We confirm that the company will continue to make financial support available to Oldworld
properties for the foreseeable future.
Claim
Trouble Manufacturing has made a claim against the company for RWF5m arising from
alleged negligent construction. This represents RWF3m for repairs and RWF2m for the cost
of business disruption. Following discussions with the company’s professional advisors we
consider that Trouble Manufacturing has no claim on the company and therefore no provision
is required in the accounts for the year ended 30 April 2010, although the contingency is fully
explained in a note to the financial statements.
Transactions with directors
The company has had at no time during the year any arrangement, transaction or agreement
to provide credit facilities (including loans, quasi-loans or credit transactions) for directors
nor to guarantee or provide security for such matters, except as disclosed in note 20 to the
financial statements.
Post balance sheet events
There have been no events since the balance sheet date which necessitates revision of the
figures included in the financial statements or inclusion of a note thereto. Should further
material events occur, which may necessitate revision of the figures to be included in the
financial statements or inclusion of a note thereto, we will advise accordingly.
Yours faithfully,
Signed on behalf of the Board of Directors
……………..Director
2. Reliability of letter of representation
The letter of representation is a record of statements, in writing, made by management to
auditors during the course of the audit. Being a written record, it is much stronger evidence
than oral representations would be.
Page 216
s
However, representations coming from management do not come from an independent source
and as such should not therefore be relied on when other evidence is available or would
reasonably be expected to be available.
Nevertheless they may be the only available evidence especially when facts are confined to
management or the matter is one of judgment or management opinion. Independent, external
confirmation will not be available in these circumstances.
Reliance on letter
On receipt of the letter the auditor will need to ensure that there is no other evidence that he
has discovered during the audit which conflicts with the written representation received from
management. He will then have to review the representations and decide, given the test
results of the audit and his risk assessment, whether he is able to rely on the representations in
order to issue an unqualified opinion upon the financial statements.
3. Work to be performed
• Obtain and review all correspondence relating to the claim
• Review written advice obtained from the company’s lawyers and the surveyor
• Review the original contract with the customer to assess the extent of the company’s
responsibilities for repairs and any time period limitations that may have been put in
place.
• Ascertain whether the company’s insurance covers this claim should it be payable
• Examine minutes of meetings of the board and management to see how they dealt with
this matter.
• Review the disclosure and/or the provision to comply with IAS provisions, if
appropriate.
4. Refusal to sign
Where the directors refuse to sign the letter, the following procedures should be considered:
• A meeting between the auditors and directors should be convened to discuss a revision
of the wording of the letter, so as to allow the directors to sign the letter.
• Alternatively, a letter of representation excluding the paragraph relating to the claim
should be obtained.
• Where management refuse to sign the letter, the auditors should prepare a statement
setting out their understanding of the principle representation and ask management to
confirm in writing that their understanding of the situation is correct.
Where satisfactory representations are not obtained, such as the original letter is amended to
exclude the claim or that the directors refuse to confirm the auditor’s explanatory statement,
then the auditors will need to consider the implications of this especially with regard to a
limitation on the scope of their audit.
Given the refusal by the management to give satisfactory representations concerning the
claim, raises uncertainty about the eventual outcome of the claim, the auditors should
probably decide to qualify their audit report on the grounds of uncertainty.
Page 217
s
Solution 7.2
The audit objectives are:
• Existence
• Occurrence
• Validity
• Completeness
• Valuation
• Rights and obligations
• Presentation and disclosure
Page 218
s
Solution 8.1
(a)
(1) Auditors perform procedures designed to obtain audit evidence that all material
subsequent events up to the date of their audit report have been identified and properly
reflected such as by an adjustment in the figures or by appropriate disclosure in the notes.
These procedures should be applied to any matters which may be prone to change after the
year-end. These are in addition to normal tests on specific transactions after the year-end that
are carried out during the normal course of an audit e.g. cut off tests.
Non-adjusting subsequent events are disclosed in the notes to the accounts, whereas all
adjusting events should be reflected in the accounts.
(2) The directors are responsible for the accounts, therefore they would be expected to inform
the auditors of any material subsequent events between the date of the audit report and the
date the financial statements are issued by the directors. The auditors do not have any
obligation to perform any additional audit procedures after the date of their report.
Where the auditors become aware of any material subsequent events they should:
• Establish whether there is a need to amend the financial statements
• Discuss the material matters with the directors
• Consider the implications for their report, taking additional appropriate actions.
Where the accounts are amended, the auditors should extend their procedures to the date of
their new audit report and issue a new audit report dated the day it is signed.
(3) Auditors have no obligations regarding the financial statements after they have been
issued by the directors. Where they have been issued but not yet laid before the shareholders
and the auditors become aware of subsequent material events which might have caused them
to issue a different audit report, they should carry out additional procedures such as in (2)
above.
Where the directors do not amend the financial statements (although the auditor feels there
should be an amendment) and they have been issued but not yet laid before the shareholders,
or if the directors do not intend to make an appropriate statement at the Annual Meeting, then
the auditors should consider to take timely steps in order to prevent reliance on the report.
The auditors have no right to communicate directly in writing to the members.
(b)
The audit work in relation to post balance sheet events will be largely focused on the balance
sheet at the year-end. The following audit procedures should be carried out.
Non current assets
• Check for any disposals after the year-end which may require a write down to reflect
the net realisable value of the asset at the year-end.
Page 219
s
• Review non current assets for obsolescence such as plant that is no longer in use and
would have little residual value if disposed of.
Stock
• Review the selling price of major items of stock after the year-end to see if prices at the
year-end still hold true. Consider writing down any stock items where prices are
falling.
• Review the year-end stock for obsolete, damaged or slow moving stock and consider
writing down such stock to its net realisable value.
Debtors
• Review post year-end receipts to ensure that no write downs are necessary to the year-
end debtors’ figures.
• Review press and any other relevant correspondence with a view to highlighting any
potential issues with major customers.
• Review post year-end credit notes and returns of goods after the year-end to determine
whether adjustments are required in the accounts.
Cash at bank
• Review the reconciled items on the bank reconciliation to ensure that they have cleared
promptly after the year-end.
• Write back any old outstanding cheques.
• Review all material payments and receipts around the year-end to check the
completeness of both the accruals and prepayments figures.
Trade creditors
• Review reconciling items on the supplier’s statements reconciliations to check the
completeness of both the accruals and prepayments figures.
Going concern problems and other matters
The following procedures should be carried out as a post balance sheet review is essential in
respect of going concern issues:
• Review cash flow forecasts preferably at least 12 months from end of balance sheet
date.
• Review management accounts after the year-end.
• Inspect board minutes and notes from senior management meetings after the year-end.
• Seek a letter of representation from the directors stating that they have given all such
information as was requested and was necessary.
Non-adjusting events
Review for any issues which are considered to be non-adjusting events. These should be
disclosed in the accounts such as major disposals of non-current assets, accidental losses and
issues of equity shares and/or debentures.
Page 220
s
(c)
Review for instances where there have been any material post balance sheet events in this
specific period, especially if there has been a undue delay. Carry out such enquiries as
detailed in (b) above. In addition:
• Request the directors to disclose if any further material events have occurred which
might affect their opinion on the accounts being audited.
• Review the latest board minutes, reports and management accounts issued since the
date of the audit report.
• Any uncertain matters should be reviewed again to ascertain whether there will be any
effect on the accounts.
• Consider any matters which may have arisen in the industry or the general economy
which might affect the company and its results.
Solution 8.2
Enquiries which may be made of management:
• Any new commitments
• Issues of shares
• New developments in risk areas
• Areas which involve subjective judgements
• Sales of assets
• Any unusual accounting adjustments
• Major events affecting the business.
Solution 8.3
Analytical review would generally focus on issues such as:
• Accounting ratios
• Related items such as turnover and commission
• Changes in customers and products
• Changes price and product mix
• Wage variations
• Trends and variations in sales and production
• Variations in labour and material elements in production costs
• Major spends in profit and loss account
• Variations in industry and economy factors.
Solution 9.1
The availability of the financial statements on the website is likely to make the audit report
more available to the general public than would normally be expected when issuing a
hardcopy audit report. This increases the risk for the auditor.
Firstly, there is a risk that readers will misunderstand the report. The financial statements
need to be read in their entirety in order to draw valid conclusions. What if the website does
not have all the statements made available.
Page 221
s
Secondly, the general public may feel that the audit report covers all information up on the
website and that they can rely on it because the auditor says it is ok. The audit report only
relates to the financial statements themselves and not any other data that the company may
choose to put up on the website.
Finally, there is a risk that someone may alter the financial statements or even the audit report
on the website.
These risks only serve to expand the expectations gap between what the auditor is actually
responsible for and what the general public perceives the auditor is responsible for.
Furthermore, there is the possibility that the auditor’s liability may be affected by a perceived
increase in his duty of care.
Solution 9.2
The audit evidence in relation to the website that you will seek will relate to its existence and
valuation. You could review the website online and seek advice (possible externally or
internally through the company) on, whether due to its complexity or whatever, the cost to
develop the site is actually borne out. Next, you could examine the related invoices and
backup documentation from the supplier to ascertain whether the costs are reasonably
disclosed.
You should seek to examine any agreements in relation to the advertising to assess whether
there is a net benefit or cost to the arrangement which may need to be disclosed and
physically inspect all the sites involved to verify what is in the agreement.
There are a number of implications for your audit report.
In the first instance, the website would ordinarily fall within the definition of an asset and as
such should be capitalised in the balance sheet and not written off in the profit and loss.
The amount would be material and if the directors did not agree to an adjustment in the
accounts, it is likely that an audit qualification due to disagreement would result.
It is also possible that the advertising on other websites could be treated as an intangible
asset. IAS 38 allows for assets to be recognised where they can be reliably measured. If
there is a market for this style of advertising, then it is possible to put a value on it. However,
being on someone else’s website would mean that you would have little or no control over
the asset. The audit partner would have to take a view on this and it may differ from that of
the company. An audit qualification could arise.
Solution 9.3
There are implications in three areas of this question. Tangible fixed assets, stocks and
provisions.
The first area with regard to the tangible fixed assets is whether the company’s revaluation
policy is correct and whether the company should capitalise the refit costs.
Page 222
s
IAS 16 allows assets to be held at cost or valuation. Where there are revaluations done, they
should be done on a regular basis and the carrying amount must not be materially different
from the value applied using a fair value at the balance sheet date. Also, the revaluation must
be carried out to all assets within the same class of asset.
HSF revalues it stores annually and it can be argued that the manufacturing facility is a
different class of asset to the stores by its very nature and use.
The refits are likely to fall within the definition of an asset especially where potential future
economic benefits are expected to arise. You could argue that perhaps it should be classified
as fixtures and fittings but as long as the policy is applied consistently from year to year it
would appear to be reasonable.
The amounts involved are material. However, there would be appear to be no issues on
which there would be a disagreement nor limitations to the scope of the audit, so a
unqualified report would be issued.
The second area concerns the valuation of stocks. IAS 2 requires that stock is valued at the
lower of cost and net realisable value. Cost being that cost of purchase, conversion or other
costs incurred in bringing the stock to its present location and condition. The use of
calculating cost based on selling price less a margin is permissible as long as it gives a
reasonable valuation of the cost.
50% of the company’s stock is manufactured so the method of applying a margin to the
selling price to derive the cost is a reasonable basis. You might suggest by way of a
management letter that costing systems should be considered for the future but as long as the
current policy is applied consistently and this policy gives a reasonable approximation of
cost, then it is unlikely that there would be any adverse effect on the audit report. Any
difference due to the approximation of costs is unlikely to be material and the auditor will
only be considering material issues.
The final area concerns provisions. HSF should not recognise profits on the sales which are
refunded but it is reasonable to recognise profits on the exchanges (so long as the returning
garments do not require a write down in value)
If the refunds policy was for say 28 days, then it would be prudent for the company to have a
provision which could approximate to about 1/12th of their annual margin on such sales. This
amount would be considered material. Only the last month of the trading year would require
a review and it would be possible to assess the levels of returns around the year end to assess
whether a suitable provision is required.
The audit report would only be modified where the auditors felt a provision was required and
the company refused to accrue for one in the accounts.
Solution 9.4
The types of audit opinions can be:
• Unqualified
• Qualified due to a disagreement with the company
• Qualified due to a limitation in the scope of the audit.
Page 223
s
Solution 10.1
(1)
The relevant audit tests in verifying the value attributed to development expenditure are:
• Obtain a breakdown which allows tracing amounts spent to the nominal ledger and the
financial statements.
• Individual items should be vouched to supporting documentation. The relevant
documentation will vary according to the type of expenditure, and might include
requisitions, orders, goods received notes, invoices and bank statements. Labour costs
should be agreed to the payroll and to other supporting evidence, such as the time
sheets or job cards. Where overheads have been included in the figure, ensure that they
have been calculated on a consistent basis with that used normally by the company and
that the calculation appears reasonable.
• The arithmetical accuracy of the schedule of the expenditure should be checked and
confirmed.
• Ensure that there has been no double counting. Development items capitalised should
not also be charged as an expense in the profit and loss account.
• Carry out a review of the development figure in order to be satisfied that it is
reasonable and consistent with your knowledge of the company and its business.
(2)
The following audit procedures should be performed to verify the gain arising on the
revaluation of non-current assets.
• First, ensure that the valuer is appropriately qualified and independent of the company.
If these conditions do not exist, the auditor will need to consider their possible impact
on the results of the valuation.
• Ensure that the valuation has been performed on a reasonable basis and is consistent
with previous years.
• Check that profits or losses on individual non current assets have been correctly
calculated by reference to the non-current asset register and the detailed analysis of the
revaluation.
• Check the arithmetical accuracy of the compilation of the revaluation schedule.
(3)
IAS 38 lays down the basis on which development costs can be carried forward. They may
be carried forward only to the extent that they represent an asset which is likely to generate
future economic benefits for the company. It would not be prudent to carry forward
expenditure which is not reasonably expected to generate benefits in the future.
According to IAS 38, development expenditure should be written off in the year it is
incurred, unless the following can be demonstrated:
• The project is technical feasible
• There is an intention to complete the asset and use or sell it
• Details on how the asset will generate future economic benefits
• There exists the availability of resources to complete the development and use or sell
the asset
• The expenditure attributable to the development can be measured reliably.
Page 224
s
(4)
The decision to finance development internally has resulted in an increase in current
liabilities and a decrease in cash and bank balances. This may lead to liquidity problems in
the future, especially since the company will still need funds to complete the new project.
These funds will have to be generated either by the sale of further investments, the raising of
directors loans or outside investor or by the issue of shares.
If funding is not available, the development expenditure should be written off on the basis
that it will not be possible to complete the development project. This would eliminate the
accumulated profit reserve and could create doubts about the company’s status as a going
concern.
The auditor should discuss with the directors their plans for obtaining additional finance and
request that they produce cash flow forecasts to support these. If the auditor does not obtain
satisfactory evidence of the company’s ability to obtain funding, it may be necessary to
qualify the audit report on the grounds of going concern problems.
Solution 10.2
1. Investment in Ladies Ltd
The following matters need to be considered:
(a) Inclusion in Ace’s accounts
The investment may meet the criteria under IAS 28 for the investment to be accounted for as
an associate. The main issue is the existence of significant influence.
A company holding 20% or more of the voting rights in a company is presumed to exercise a
significant influence. If the entity meets the criteria for an associate, it should be included in
Ace’s accounts as a fixed asset investment at cost or less where costs overstate the value of
the asset.
(b) Requirement for group accounts
Both companies may represent a group for which group financial statements are required,
notwithstanding the fact that there is no subsidiary involved and consolidated financial
statements are not required.
If group accounts are required, a further set of accounts with Ladies Ltd equity accounted is
required or alternatively, Ace’s accounts could contain additional disclosure notes.
The Ace group might be exempted from group accounts if the group is small or medium
sized. Pre-tax profits of RWF1.5m and the cost of the investment to of RWF800k give some
indication that the group cannot be considered small.
If group accounts are required, as auditors of Ace, our firm would be the principal auditors
and we would need to liaise with the auditors of Ladies Ltd.
(c) Related parties
There may exist related party transactions to be disclosed under IAS24. In addition, Ace may
have dividend income from Ladies Ltd that will require disclosure in the accounts.
The audit evidence required will include:
Page 225
s
• The investment should be verified to a share cert and the auditor should review the
register of members of Ladies Ltd to check whether the shares are voting or not.
• The cost of the investment should be vouched to purchase documentation and the
payment should be traced through the bank statements.
• The auditor should review the most up to date financial information available to ensure
that the cost figure still reasonable and that all dividends have been correctly accounted
for.
• The various ledgers and bank statements should be scrutinised to assess whether there
are any related party transactions in the normal course of business and these need to be
discussed with the directors.
2. Competitor
The following matters need to be considered:
(a) Going concern
The new major competitor, the non-renewal of some contracts and the loss of personnel to the
competitor may raise doubts relating to the area of going concern. The auditor must consider
whether the directors assessed the impact of the new competitor on their business and
whether the non-renewal of contracts was anticipated. In addition, what plans are there in
place to replace the lost staff.
The large drop in profit also gives rise to a going concern problem. However, there appears
to have been sufficient funds available to make a substantial investment which may indicate
that going concern is not an issue. These issues need to be looked into.
(b) Receivables
If no additional contracts are in place, both revenue and receivables will have fallen on last
year and this would need to be reviewed.
(c) Non-current asset impairment
Significant changes such as the new competitor and the new investment have taken place
which could indicate non-current asset impairment needs to be given consideration.
The audit evidence required would include:
• Gaining evidence about the going concern issues. Review the cash flow statement and
the financial statements and assess the cash position of the company. Vouch how the
investment has been financed. Review arrangements with the bank and ensure that
there are sufficient funds to operate.
• Discussing and documenting the loss of the contracts and the new competitor with the
directors. Review budgets and sales projections and vouch against the current order
book for signs that the budgets are unrealistic.
• Documentary evidence of the directors’ reasons for the new investment plans.
• Evidence on file that the auditor has satisfied himself that the entity will continue as a
going concern or that the directors have made sufficient disclosures in the financial
statements.
• Reviewing the level of receivables in the light of known facts about customer contracts
especially where there are discussions in the press about the financial liability of any
football clubs that are customers.
Page 226
s
• Identifying whether the directors have carried out an impairment review and if so was it
reasonable. If no impairment review was carried out, the auditors should consider
whether one is required and discuss this with the directors. They should obtain written
representation from the directors that no impairment review is required.
3. Legal requirements
The matters to be considered include:
(a) IAS37
Provisions must be considered in relation to the legal requirements to amend machinists
working conditions and the increase in the national minimum wage.
A provision is required if:
• an enterprise has a present obligation as a result of a past event
• it is probable that an outflow of resources will be required to settle the obligation and
• a reliable estimate can be made of the amount of the obligation
Cost of adjustment
As the adjustments to the seats have not yet been made, there is no present obligation to pay
for them. A financial obligation to pay for the adjustments does not exist until a contract has
been formed for the adjustment. No provision is therefore required for the cost of the
adjustments.
Possibility of fine
As the company has not made the adjustments before the required date, it is possible that
there may be a fine under the legislation. However, it appears that no order has yet been
made, so no provision for a fine is required. However, the matter should be disclosed as a
contingent liability, were it material.
Liability to employees
Some of the employees are not being paid the national minimum wage. The shortfall is for
5% of employees and only a couple of months of the year, so it is extremely unlikely that this
matter is material.
However, the auditor must consider whether any employees are taking legal action over the
health and safety issue of the seats.
(b) ISA250
Both issues indicate that the company is not complying with the laws and regulations
concerning health and safety and the national minimum wage.
Firstly, the auditor must consider whether there is a material effect on the financial
statements. Given the considerations above, it would appear that the accounts are not
materially affected.
Secondly, the auditor must consider whether there is a need to report non-compliance to
regulatory authorities. This must be discussed with management. In this case, it is unlikely
that there is such a requirement.
Page 227
s
The audit evidence required would include:
• Identifying whether a contract has been entered into to make the adjustments to the
seats. Review the board minutes and carry out discussions with the directors.
• Reviewing the minutes to establish whether any fines have been levied. Review the
legislation requirements and correspondence from the company lawyer.
• Reviewing the payroll to assess the extent of the minimum wage issue.
• Establishing from the company lawyer whether any legal action has been threatened by
any of the employees over either the health and safety issues or the wage issues.
Solution 11.1
You, as the audit engagement partner, would have to consider the following before issuing a
reference on behalf of a client:
• Is there any additional work required to give such a reference to the bank?
• Should there be a separate engagement between the auditor and the bank? There may
be a need for written clarification of the status of the reference such as an explanation
that there has been no engagement between the parties, that no fee has been paid and
that it is given to the best of knowledge at the time.
• There is high risk associated with giving such an opinion due to the inherent
uncertainty of future income and expenditure. In addition, the auditors are about to
start the audit for the past year. As it is historical information, it may have little or no
bearing on current developments giving rise to a difficulty of issuing an opinion on the
current position, or for that matter periods into the future, which would be more
relevant to the bank.
• The risk to the auditor is greater given that a duty of care to the bank is likely to arise if
such a reference is given.
• Is there a need for disclaimers of liability. Legal advice should be sought as any such
disclaimers will need to be reasonable in order to have legal force. Also, is there any
need to negotiate a liability cap.
• The form that the reference may take. It may be inappropriate to sign a bank’s pre-
printed document. The audit firm may have a standard reference document of its own,
or may choose to draft one according to the facts.
Solution 11.2
The following matters will be relevant where the directors of the company have expressed an
interest in engaging the audit firm to undertake an assurance engagement in relation to their
risk management and controls:
1. Acceptance
You need to consider the issue of independence. It is vital that the provision of other
services do not impair your objectivity towards the audit.
You should obtain the client’s acknowledgement of responsibility for work done by your
firm. How audit independence could be affected will depend on the exact nature of the
Page 228
s
service provided. It is should be noted that testing the operation of controls could be seen to
be complimentary to the audit.
The firm should not accept the engagement as it is currently presented. An assurance
engagement needs certain elements, such as subject matter and suitable criteria. It is very
difficult to give assurance on the effectiveness of risk management, as there are no
recognised criteria by which to judge it. However, the firm could provide an assurance that
controls are designed according to management policy and that they operate according to that
policy.
2. Planning
The following matters would be relevant:
• Are you sufficiently independent of the client?
• Are all the elements of an assurance engagement present?
• Have you agreed terms with the client?
• Is the criteria for assessing the subject matter suitable? In this case, the detailed
management policy would be a suitable criterion for evaluating the operation of
systems.
• Have you assessed the materiality and risk of the engagement? These will be
incorporated into the fee and will influence the detailed procedures planned and
designed for the engagement.
• What form will the report take? As there is no standard report, it is important for you
and the client to agree the format of the report.
Solution 12.1
(a) Implications of external auditors providing internal audit service
International guidance suggests that external auditors can act as internal auditors as long as
these services do not interfere with the exercise of managerial functions and independence of
the auditor. Specifically, care must be taken not to give executive advice or to become part
of the client’s executive management.
There are specific problems which could occur where the external auditor provides an
internal audit service:
• Reporting weaknesses in internal controls in systems designed by auditor acting as
internal auditors of the client
• Objectively testing work carried out by internal auditors who are colleagues of the
external auditors
• Internal audit programmes designed to reduce the work of external auditors
• Risk of breaking rules of conduct where deemed to be part of the executive
management
• Fee pressures arising from fees for providing internal audit service leading to breaking
fee guidelines as laid down in the ethics
Page 229
s
(b) Effects of providing wider assurance
• There is an increased risk of liability claims as the exposure has increased.
• There will be additional costs to the auditor in employing suitably qualified staff to
provide wider assurance such as engineering consultants, IT experts etc.
• Fees charged to clients likely to increase.
• Potential increased expectations of audit clients.
• Wording an appropriate audit report. There is unlikely to be any standard report.
(c) Evaluation of move toward business risk assurance
Basic audit work is perceived as adding very little to any business so this new approach could
be seen as a repackaging of existing services where auditors concentrate upon providing
services which add value in the eyes of the client.
The problem with this is that auditors are increasingly faced with litigation claims and should
therefore provide more basic assurance.
There is a risk assuming that external audit is a consultancy exercise aimed at adding value
because then the traditional audit assurance will be lost and overall levels of audit risk will
rise.
Solution 13.1
Going Concern
The concept makes the assumption that the business will continue to exist as a viable
commercial entity for the foreseeable future, without the need for any significant curtailment
to its present level of activity. What constitutes foreseeable future is a judgement call but the
auditor should normally expect the directors to have considered information which relates to
a minimum of 12 months following the date of approval of the financial statements.
Issues
The most common indicators suggesting going concern problems are as follows:
• Recurring operating losses,
• Dependence on overdue suppliers and other creditors to provide finance,
• Dependence on short term finance such as above for long term purposes,
• Consistent working capital deficiencies,
• Poor liquidity rates,
• High or increasing debt to equity ratios,
• Defaulting on loan agreements,
• Dividends in arrears,
• Restrictions placed on normal trade terms,
• Excessive or obsolete inventories,
• Long overdue receivables accounts,
• Deterioration of relationship with bankers,
Page 230
s
• The content of the order book.
There are other non-financial factors that should also be considered:
• Loss of key management or staff,
• Significantly increasing stock levels,
• Work stoppages,
• Excessive dependence upon the success of a particular project, asset or new product,
• Legal issues that may affect a company’s ability to continue in business,
• Loss of a key franchise or patent,
• Loss of a principal supplier or customer,
• Undue influence of a market dominant competitor,
• Political risks,
• New technical developments which may render a key product obsolete.
The significance of the indicators may be diminished by mitigating factors. For example,
indications of a business selling fixed assets to meet cash flow demands may be mitigated by
the possibility of obtaining new sources of finance.
Verification of forecasts
For items on the capital/disposals forecast the auditor should check that the quoted costs of
proposed capital expenditures are reasonable. Items can be checked against price lists, quotes
or compared with similar assets purchased in recent years.
In relation to disposals the auditors should check whether the proceeds appear to be
reasonable. You could relate the proceeds to the book value of the assets on the assets
register. You should also assess the reasonableness of the timing of the sale.
In relation to the profit forecast:
• Assess whether the level of projected sales is reasonable, having regard to previous
years and your knowledge of present market conditions and the state of the orders book.
• Consider whether the gross profit margin appears reasonable in relation to the current
and past experiences.
• Compare the profit and loss items to previous years, examining any areas of significant
change. Projected savings in expenditure should be justified and ensure proper
provisions have been made where appropriate.
The cash flow forecast should be checked as follows:
• The opening balance should be checked to the draft financial statements and the cash
book.
• All receipts and payments should be checked against supporting documentation.
• The reasonableness of the timing of future receipts and payments should be considered
in the light of what is considered normal activity.
• The consistency of items in the cash flow forecast should be checked against the other
forecasts as well as consistency and accuracy of all forecasts in previous years.
• Check all arithmetic figures.
Page 231
s
Solution 14.1
Importance of social and environmental issues
Social and environmental issues are important to the external auditor.
These matters are important to companies on whom the auditor is reporting as social and
environmental matters form a necessary part of knowledge of the business. Also companies
are increasingly reporting to their shareholders on matters of corporate responsibility. The
external auditors report to the shareholders and have a duty to review other information
presented with the audited financial statements.
Impact on the financial statements
Social and environmental issues can have financial implications which impact on the
financial statements.
• ISA 250
When planning the audit and gaining an understanding of the business, the auditors must
ensure that they are aware of any relevant regulation relating to energy provision and/or
piping oil which may impact on the financial statements.
• Non current assets
Storm appears to have accidentally disposed of a windmill in the year and three others show
signs of being impaired. The auditors must ensure that the disposal has been correctly
accounted for and appropriate disclosures made. The auditors must also ascertain whether
Storm has conducted an impairment review and if so, whether it is appropriate and
reasonable.
• Going concern
The loss of the windmills is likely to affect operations in the foreseeable future. However, as
the vast majority of the power is for private consumption, it is likely that the other customers
will still be serviced.
More importantly, the auditors must assess whether the generator is in danger of being
affected by the erosion as this will have a severe impact on the going concern assumption. It
should be noted that the millionaire appears happy to finance the loss making business but
without a generator, the business would cease.
• Cracked pipe line
The auditors need to assess whether this cracked pipe line gives rise to any obligation to
provide a provision for repair costs.
It is uncertain whether the crack will result in an oil spill and resulting environmental costs
and the auditors may need to obtain the opinion of an expert engineer as to the likelihood of
that happening. If contamination is possible or probable, there may be a contingent liability
arising in respect of fines, compensation or clean up costs. The impact of any such
provisions could have a serious effect on the company’s ability to continue as a going
concern.
Page 232
s
• Investment
Storm is a co owner of the pipeline. The auditors need to examine the details of this
investment to determine whether the pipeline is a non current or current assets or whether it
would constitute a joint venture.
Solution 15.1
1. Planning issues
Engagement letters
The audit firm needs to ensure that every entity that it audits is covered in an engagement
letter so there is no confusion over the audit that is undertaken. ABC Ltd requires a new
engagement letter itself because of the radical overhaul of its business and the impact that it
will have on its own audit.
Impact on ABC Ltd individual accounts
• Accounting for the investments in subsidiaries.
The auditors need to establish what the credit accounting entries were in ABC Ltd’s
financial statements. If the trade and assets have been transferred, ABC Ltd’s balance
sheet is likely to be substantially different from the previous year. As the firm were
probably involved in the reconstruction and may have advised the journals, this
information should be available at the firm.
• Profit on sale.
The auditors need to establish whether a profit or sale was made on the transfer of
assets to the subsidiaries, as this may require special disclosure under IAS 8.
• Other items requiring special disclosure.
The auditors should consider whether any costs of reconstruction e.g. legal fees or
accountancy fees represent exceptional costs under the requirements of IAS 8. If this
were the case, these would also require special disclosure.
• Discontinued operations.
Disclosures should be made in the previous year’s accounts for discontinued
operations under IAS 35. This should be checked in the comparatives for this year.
• Accounting for the investments in a joint venture.
In the individual financial statements of ABC Ltd, this should be accounted at cost.
The auditors will need to check that the joint ventures qualify as a joint venture
accounting purposes under the requirements of IAS 31.
New subsidiaries
The audit firm will have to ensure that financial statements are being drafted for the new
subsidiaries and that these are to be audited. They will have to determine an audit approach
for these new audits. It is likely that they will be able to make use of analytical evidence
Page 233
s
from the previous business of ABC Ltd, so while these will be the first year audits in many
ways they will not be as risky as first year audits can be.
Related party transactions
In the individual company accounts there may be some related party transactions, which
require disclosure under IAS 24. Some subsidiaries are not required to make disclosures. If
ABC Ltd’s parent accounts are published with the group accounts the parent does not have to
make disclosures either.
The relationships between the companies and directors and the ultimate controlling party will
all require disclosure in the accounts. When the accounts are consolidated, inter-company
trading will drop out, but the controlling party will still require disclosure.
Consolidation
• Required? The audit firm must determine whether the group will be required to
publish group accounts. This will depend upon its size. If it qualifies as a small
group, it may be exempt.
• Audited. If the company is required to produce group accounts then the consolidated
accounts must be audited.
• Other auditors. See below.
• Accounting. The subsidiaries will require consolidating into the results of the group.
The joint investment should be included in the group accounts using the equity
method. Inter-company transactions will have to be stripped out.
• Drafting. The audit firm should determine who is to draft any required group
accounts, in case the client would like them to. This would have to be included in the
engagement letter and would also impact upon new fee quotes for the group.
Arrangements with the other auditors
• Evaluation.
The firm is the principal auditor for the group, so it will need to evaluate the second
audit firm (David Beckham and co) to assess to what degree it is happy to rely on the
audit of AC designs. It will need to satisfy itself particularly that the audit is going to
be objective and independent, due to the personal relationship between the audit
partner and director of the firm. The firm may feel that the relationship is far too
close, the audit will not be objective, in which case they would have to discuss this
matter with the directors of AC designs.
• Procedures.
If the auditors are happy that the audit will be objective and they are satisfied with the
qualifications, resources and reputation of the other auditors, they will then have to
discuss the procedures and audit approach with the other auditors.
• Timing.
The principal auditors will also need to outline the deadlines that they are working to
so the time requirement for the audit of AC designs to be completed.
Costs and time budgets
As the group is new, it is difficult to determine the time that will be taken to complete the
audit of the group and this may impact upon the fee. The engagement partner should discuss
Page 234
s
the fee level with the directors and possible arrange a margin by which it might rise, as it
becomes apparent how long the audit will be.
The auditors will require good time budgets upon which to base future audits and billings.
The audit plan should require that very detailed time records are maintained in particular,
outlining time spent in the main because the audit of the group was new and on the
restructuring.
2. Audit of a consolidation
• Check the transposition from the audited accounts of each subsidiary/associate to the
consolidation schedules.
• Check that the adjustments made on consolidation are appropriate and comparable with
the previous year. This will involve recording the dates and costs of acquisitions of
subsidiaries and the assets required. Calculate goodwill and pre-acquisition reserves on
consolidation. Prepare an overall reconciliation of movement on reserves and minority
interests.
• Check for acquisitions. Check whether acquisitions or merger accounting has been
appropriately used, the appropriateness of the date used as the date of acquisition, and
the treatment of the results of investments acquired during the year. If acquisition
accounting has been used, check that the fair value of acquired assets and liabilities is
reasonable to ascertainable market value by use of an expert. Check goodwill has been
calculated correctly and if amortised period of amortisation is reasonable.
• Check for disposals. Check the appropriateness of the date used as the date for
disposal. This can be agreed to sales documentation.
• Check whether the results of the investment have been included up to the date of
disposal and whether figures used are reasonable. Audited figures may not be available
and management accounts may have to be to be used.
• Consider whether previous treatment of existing subsidiaries or associates is still
correct considering influence and degree of control.
• Verify the arithmetical accuracy of the consolidation workings.
• Review the consolidated accounts for compliance with the law and standards and other
relevant regulations. Care will need to be taken where:
- Group companies do not have coterminous accounting periods
- Subsidiaries are not consolidated
- Accounting policies of group members differ because foreign subsidiaries
operate under different rules
• Other important areas include:
- Treatment of participating interests and associates
- Treatment of goodwill and intangible assets
- Foreign currency translation
- Treatment of loss making subsidiaries
- Treatment of restrictions on distribution of profits of a subsidiary
- Review the consolidated accounts to confirm they give a true and fair view.