ACCA Paper F8

ACCA Paper F8
Audit and Assurance

(INT)

December 2011 Exams
Syllabus
A Audit framework and regulation
B Internal audit
C Planning and risk assessment
D Internal control
E Audit evidence
F Review
G Reporting
Examiner and Exam Format

Question 1 Application of audit procedures to a scenario 30
Question 2 Short factual questions on ISAs and other
knowledge-based areas
10

Question 3 20
Questions with short practical scenarios
Question 4 covering topics such as: internal audit, risk 20
assessment, planning, controls, evidence,
Question 5 conclusions and reporting 20

Total 100
Chap 1
Definition of an audit
An audit is the independent examination
of the financial statements of an entity
by a duly appointed auditor.

Once the examination is done, the
auditor provides a report to the
shareholders that the FS show a ture
and fair view.
Objective of an audit
Auditor to state an opinion as to whether
the FS:

Give a true and fair view

Are prepared in accordance with applicable
frameworks
Types of external audits
Statutory
Required by law to undertake an audit (all
public and large companies)

Non-Statutory
No legal requirement to do so.

Reasons to undertake a non-
statutory audit
Providing assurance to the owners over financial
results

Making accounts more acceptable to tax
authorities

Making a sale of the business more easy

Providing assurance to those providing finance
to the business

Accountability, stewardship and
agency.
Stewardship: someone is responsible of
taking care of something on behalf of
another person. Ex. directors.

Accountability: people in positions of power
can be held to account for their actions.

Agency: where an agent acts on behalf of a
principle to perform tasks for them.

Materiality
If the omission or misstatement of an item
in the FS could influence the economic
decision of users, that item is said to be
material.
Errors found by an auditor in the FS could
be substantial, influencing the decision of
the investors. Hence such an error is
known as a material misstatement.

Types of assurance engagements:
The framework permits only 2 types of
assurance engagement:

reasonable assurance engagement)
limited assurance engagement)
Reasonable assurance
engagement
Auditor gathers sufficient evidence to conclude
that the subject matter agrees in all material
respects to the agreed criteria.

The assurance given is in the form of positive
assurance, meaning that in their opinion, the
subject has been prepared in accordance with
the criteria required.

Reasonable assurance engagements provide
high level of assurance.
Reasonable assurance
engagement
An example of a reasonable assurance
engagement is an audit.

Auditor gives his report in the form of
positive assurance
The financial statements have been prepared
in accordance with applicable legislation and
standards
Limited assurance engagement
Auditor gathers sufficient appropriate audit
evidence to be satisfied that the subject matter is
probable in the circumstances.

Report given in the form of negative assurance
Nothing has come to our attention that causes us to
believe that the financial statements are not prepared
(in all material aspects) in accordance with an
applicable financial reporting framework.

Limited assurance engagement
Limited assurance engagements provide moderate
assurance.

An example of a limited assurance engagement is a
review. A review engagement is undertaken b an
auditor using less evidence than required by an audit.

The users of the review report will be those who have
commissioned the review, example banks, and not
the shareholders.
Chap 2
Regulatory environment
International Federation of Accountants:
Serves to strengthen the profession worldwide
Serves the public interest, and
Promote adherence to high quality standards.

International Auditing and Assurance Standards
Board:
Subsidiary of the IFAC and sets International
Standards on Auditing.
Duty of auditors
Form an opinion as to whether the FS
provide a true and fair view, and prepared
in accordance with applicable accounting
standards.

Prepare and issue a report.

It is the management of the company who
has the responsibility of preparing the FS.
Benefits of statutory audits
Investors more able to rely on the information
provided in the FS
Management able to verify that the systems /
controls in pace are effective
Management are less likely to undertake
fraudulent activities if they know that an audit is
to take place
Auditor will highlight any weaknesses in a
management letter.
Appointment, resignation and removal
Appointment

Member of a recognised supervisory
board ex ACCA
Allowed to act as an auditor by that board
Or
Directly authorised by the state
Appointment

Resolution at each general meeting (re-
appointment not automatic).

Directors pre first GM and to fill casual
vacancy.

Exclusions by law

Those involved with the management off a
company cannot audit it:
Directors
Employees
Business partners
Removal

Special notice sent to auditor
Auditors can make representations about why they
should stay in office.
If resolution passed, company must notify regulatory
authority.
Auditors must deposit statement of circumstances at
companys office + sent to regulatory authority.
Auditors can receive notice and speak at GM where their
term of office would have expired.
chap3

Corporate Governance
Corporate governance system by which
companies are directed and controlled.

Corporate governance - concerned with
matters such as directors responsibilities, board
of directors, audit committee and relationship
with external auditors.

The focal point of corporate governance is to
ensure that companies are run in the interests of
their shareholders and the wider community.
OECD: Principles of Corporate Governance
Ensuring the basis for an effective corporate governance
framework
making sure everyone involved is aware of their individual
responsibilities so no party is in doubt as to what they are
accountable for.
The rights of shareholders
management should recognise that they are agents of the
shareholders and act in their interests.
The equitable treatment of shareholders
All shareholders should be treated fairly and in a just manner.
The rights of stakeholders
The corporate governance framework encourage active cooperation
between the entities and stakeholders in creating wealth, jobs and
the sustainability of financially sound entities.

OECD: Principles of Corporate Governance
Disclosure and transparency
The corporate governance framework should ensure that timely
and accurate disclosure is made on all material matters
regarding the entity, including the financial situation,
performance, ownership and governance of the entity.
Responsibility of the board
The corporate governance framework should ensure the
strategic guidance of the entity, the effective monitoring of
management by the board, and the boards accountability to the
entity and its shareholders.
Combined Code of Corporate Governance
The Board
Should meet regularly
Rigorous/transparent nomination process
Directors to submit for re-election
Roles of chairman and CEO to be separate
Board should establish a sound system of
internal control
Audit committee should be established
Consider the need for internal audit
Corporate governance in action
Segregation of roles
Chairman of the board and CEO must be
different people.

Chairman:
Ensures full information and
discussion at board meetings
Runs the board of directors
CEO:
Ensures the operational
functioning of the company
One person might end up having too much power and decisions might be
taken which are not in the best interest of the shareholders.
Audit committees - structure
At least one member should have relevant
financial expertise.
At lest 2 NEDs for smaller companies, and 3
for larger ones.
Listed companies should have and audit committee with at least 3 NEDs
Audit committees - role
To improve the quality of financial reporting and
increase the confidence of the public in the FS
Assist directors in meeting their responsibilities in
respect of financial reporting.
Provide a channel to external auditors to report
concerns or issues.
Review the companys internal control systems
Strengthen the position of internal audit by providing
greater independence from management.
Audit committees - advantages
Provides the internal audit function with an
independent reporting mechanism. Without this
management may be tempted to hide unfavourable
reports.
leaves top management free to manage by providing
expertise on financial reporting
Ensures that corporate governance requirements are
brought to attention of the board
Ensure that proper internal control systems are
maintained.
Communication between directors, external audit and
management is facilitated.

Audit committees - disadvantages
Finding NEDs with the necessary expertise
may be difficult
Additional costs will be involved

Chap 4

PROFESSIONAL ETHICS AND
ACCAS CODE OF CONDUCT

ACCA sets out a code of ethics for
members and disciplinary action is taken
against those who fail to uphold them.

The fundamental principles are the following:
Integrity
Members should be straightforward and honest in all
business and professional relationships
Objectivity
Members should not allow bias, conflicts of interest or undue
influence of others to override professional or business
judgements.
Professional competence and due care
duty to maintain professional knowledge and skill at a level
required to ensure that a client or employer receives competent
professional service


Confidentiality
respect the confidentiality of information acquired as a result
of professional and business relationships and should not
disclose any such information to third parties without proper or
specific authority or unless there is a legal or professional
right or duty to disclose

Professional behaviour
Members should comply with relevant laws and regulations and
should avoid any action that discredits the profession.

Threats to objectivity

Five potential threats are identified in the
ACCAs code of ethics. Safeguards are
suggested in order to counter each of the
threats.

1. Self interest - when the auditor has either a financial or
personal interest in the client.

Examples:

Dependence on client
If a client makes up too high a percentage of an auditors income, they
may be afraid of losing the income.

Safeguard If a Listed company makes up more than 10% of a firms
income, they should not audit that client. (15% for non listed
companies)

1. Self interest

Examples:

Lowballing
Lowballing is setting a very low fee either to attract new clients or
ensure further work.

Safeguard Auditors should not set fees in this way, the fee must be
based on a pre-determined level of work required.

1. Self interest

Examples:

Loans, Guarantees and overdue fees

If an auditor fears he may not get such items paid back his objectivity may
be threatened. In this case significant overdue fees constitute a loan.

Safeguard Do not offer loans, guarantees or allow fees to go unpaid for
a significant time.

1. Self interest

Other Examples:

Hospitality and Benefits
Contingent Fees
Financial or Business interest
Financial interest such as shares etc.

2. Self review threat - if an auditor provides other services
to a client such as Tax advice, then the auditor will be
reviewing their own work during the course of the audit.

Examples:
Accounting Services

If an auditor prepares the accounts it is 100% sure that they will be reviewing
their own work. They may be tempted to hide errors to save face.

Safeguard - Auditor must not undertake accounting services for a client is they
are a LISTED company.

2. Self review threat

Examples:
IT
If the auditor advises on or installs accounting software for a client this will have
to be reviewed during the audit.

Safeguard - If the IT system is important to a significant part of the accounting
system, the auditor should not design, provide or implement it.


Examples:
Valuation Services

A valuation made by the auditor could have a material effect on the financial
statements.

Safeguard If valuation requires a degree of judgement and have a material
effect on the financial statements, then the auditor should not undertake to
provide it.


Examples:
Valuation Services

A valuation made by the auditor could have a material effect on the financial
statements.

Safeguard If valuation requires a degree of judgement and have a material
effect on the financial statements, then the auditor should not undertake to
provide it.


Other Examples:
Tax Services
Corporate Financial Services
Internal Audit Services
Former Employee of Client joining Audit Firm

3. Familiarity threat - If the auditor is too familiar with the
client, then this may give rise to a familiarity threat.

Examples:
Participation in Client Affairs

The auditor may be too familiar with the client and be unwilling to
upset them.

Safeguard Auditor cannot be a director, employee or business
partner of client. Cannot be part of team if have been one of these in
the last 2 years.

3. Familiarity threat

Examples:
Family/Personal Relationship

An auditor may be unwilling to criticise or upset a family member if
they work for the client.

Safeguard No member of the audit team may have a family member
or close personal relation in the client firm.


Examples:
Audit Partners joining client

If a partner joins the client firm this may affect the judgement of the
auditors involved.

Safeguard All links to audit firm severed. Removed from audit team
as soon as appointment made. If made director or key management
and has worked for auditor in previous two years the audit firm must
resign. (Can be reappointed after 2 yr period is up).

Examples:

Acting as Auditor for prolonged period

If a partner has acted as auditor for a client for too long a period, they
may become complacent or over familiar with them.

Safeguard - If client is listed company engagement partners should
act for maximum of 5 yrs with 5 yr break in between rotations.

A Key audit partner must have a break of 2 yrs after a period of 7 yrs
and senior staff on listed audits should also not act for more than 7
yrs. For non-listed clients it is advised that partners act for no longer
than 10 years.

4. Advocacy threat - Advocacy threat is where an auditor
represents the client or is involved in representing
them.
Examples:

Legal Services

If an auditor provides legal services, they may be perceived to take
the same view as the client and therefore lose independence.

Safeguard No legal services to be offered to client or defence in
dispute material to the financial statements.

4. Advocacy

Examples:

Corporate Financial Services

May be seen to be less than independent if advising on such matters

Safeguard Dont negotiate on clients behalf with the bank or advise
on debt restructuring

5. Intimidation threat

Intimidation threat is simply what it says, i.e. that the
auditor feels unable to give an independent opinion for
fear of losing the client or upsetting someone. The
safeguards will be the same as those outlined above.

Dealing with Threats
The way in which an audit firm should deal with potential
threats to independence is to have in place procedures
to:

Identify any potential threats
Evaluate what level of risk they pose
Check that necessary safeguards are in place
Correct any problems if necessary.

Confidentiality

Information should only be disclosed by auditors:

If the client has given their consent
Under a legal obligation e.g. money laundering,
terrorism, drug trafficking
If required by regulatory body e.g. FSA
Under a court order
If in the public interest e.g. environmental pollution.

Engagement letters
Define auditors responsibilities
Written evidence of auditors acceptance
Send to board of directors/or audit
committee prior first audit
Identify any reports to be produced in
addition to audit report
Update for changes
Engagement letters
Contents:

Objective of audit
Management responsibilities
Applicable reporting framework
Test nature inherent responsibilities
Unrestricted access to records
Confidentiality of reports
Planning
Fees
Role of Internal audit
Chap 5

Internal audit

A department within the company which
oversees internal control systems and
ensures that procedures are in place to
ensure good corporate governance.
Internal audit
Provides assurance to the board by:

Reporting on and monitoring the effectiveness of internal controls.

Assisting with implementation of required accounting standards.

Ensuring that laid down procedures are being followed.

Liaising with external auditor to reduce time and expense of external audit.

Ensures compliance with OECD Principles.
Internal audit
One of the key concepts surrounding internal audit is the
independence of internal audit from management.

Ways to keep internal audit independent are to:

Have them report to an independent committee i.e. the Audit
Committee.
Ensure that the internal audit function is well regarded by
other departments.
Have a whistle blowing function for internal audit to report
serious misconduct when found.

Outsourcing of Internal audit
Advantages
The provider will have specialist
staff.
Cost of employing and training
full time staff is avoided.
Outsourcing provides an
immediate internal audit
department.
The time scale is flexible with the
contract for the appropriate time.
Independence may be improved.
Audit methodology and
technologies will be up to date.

Disadvantages
If Internal and External audit are
provided by the same firm (prohibited
under ethics rules in UK) then there
may be a conflict of interest.
Independence may not be ensured by
outsourcing due to threat of
management not renewing the
contract.
The cost of outsourcing may be so high
as to encourage the firm not to have an
internal audit function at all.
Lack of understanding of firms culture,
objectives and attitudes.
The standard of service provided
cannot be controlled.
Blurring of the distinction between
internal and external audit function.

Types of Internal audit
assignments
Value for Money

Value for money can be broken down into 3 sectors:

Economy: Are goals achieved at a minimum cost (still paying attention to
quality)?
Efficiency: Are resources being used to maximise output?
Effectiveness: Are objectives being achieved?

These three areas can be thought of as Input Process Output.

Inputs Economy As cheap as possible given quality
Process Efficiency Perform the process as efficiently as possible
Outputs Effectiveness These match objectives set

Chap 6

ISA 200 Overall Objective of the
Independent Auditor

To obtain reasonable assurance, the
auditor shall obtain sufficient
appropriate audit evidence to reduce
audit risk to an acceptably low level.

Audit risk = the risk that the auditor
expresses an inappropriate audit
opinion.
ISA 200 Overall Objective of the
Independent Auditor

In order for the auditor to reduce audit
risk he identifies the areas which are
more likely to be risky, and then he
plans the audit testing accordingly.
The need to plan
- required by ISA 300 to plan the audit so
that the engagement will be performed in
an effective manner.
- planning will make the audit address
salient issues and hence less time is
wasted.
- ensuring the correct audit team is in
place
- the team is working efficiently
ISA 300 Audit planning
The audit plan involves a number of
activities:

Risk Assessment - the identification of risk will
determine the entire audit process

Audit Strategy - The audit strategy sets out the
scope, timing and direction of the audit.

The scope of the audit will be determined by the
reporting framework applied as well as any industry
specific requirements

The timing of the audit will set out any deadlines
applicable and the dates of the interim and final audit
visits.

The direction of the audit will be determined by the
identification of high risk areas and materiality.

Prevention and detection of fraud is the responsibility of management.

The risk of fraud is important to the auditor because it may lead to a
material misstatement.

This will impact the audit strategy in the following ways:

Testing may be focused on the areas in which fraud is suspected.
The auditor may choose not to rely on the representations of management if
they are suspected of involvement in fraud.
Materiality may be reduced.
Evidence provided by the client may not be relied upon.
The auditor may have to generate more 3
rd
party evidence.

Knowledge of the business - KOB
Auditors are required to obtain an
understanding of their clients, their
business and their internal controls.

The purpose is to identify the risks that the
business is exposed to and how these
could lead to a risk of material
misstatement in the financial statements.

Knowledge of the business - KOB
This generally includes:
Industry and regulatory factors;
Operations of the entity;
Ownership and governance structures;
Type of investments it makes;
Accounting policies used by the entity;
Entitys objectives;

Where to get the info from?

Information from the audit firm ex. partner;
Information from external sources ex.
newspaper;
Information from past audits;
Information from the client ex. website;

Understanding the entity and its
environment
We are required to:
Make enquiries with management and
others within the company;
Analytical procedures;
Observation and inspection.

Analytical procedures

Evaluation of financial information, used in:
Planning stage of the audit;
Testing stage of the audit;
Review stage of the audit;


They incorporate the comparison of:
Current and prior year figures;
Current and budgeted/forecast figures;
Client and industry averages.

At the planning stage analytical
procedures are useful to gain an
understanding of the clients performance
over the last 12 months and to identify any
changes.
Chap 7

ISA 320 Materiality

Information is material if its omission or
misstatement could influence the
economic decisions of users taken on the
basis of the financial statements.
ISA 320 Materiality

Materiality is important to the auditor
because if a material item is incorrect, the
financial statements will not show a true
and fair view.
ISA 320 Materiality

Establishing materiality:

(1) 0.5-1% of turnover
(2) 5-10% of profit before tax
(3) 1-2% of total assets
Prevention and detection of fraud
and error

ISA 240 recognises that misstatement in the
financial statements can arise from fraud
or error. The first one being intentional
and the latter being unintentional.
Fraud

Fraud can be split into 2 types:

Fraudulent financial reporting
Misstating the accounts of the company
Misappropriation of assets
Theft of companys assets
The auditors responsibility
Obtaining reasonable assurance that the
financial statements are free from
material misstatement, either due to
fraud or error;
Communicate any identification of fraud
to management;
The directors responsibility
Prevent and detect fraud;
Implement an effective system of internal
control;
Chapter 8
Risk assessment
Audit risk

The risk that the auditor expresses an
inappropriate opinion on the financial
statements.
Risk assessment
Audit risk:

Inherent risk x control risk x detection risk
Inherent risk
This is the risk related to the nature of
the activities of the company.
Considered in the planning stages of the
audit.
Inherent risk
Examples:
Consumables
Auditor might be concerned about items being expired

Clothing
Auditor might be concerned about items becoming out of
fashion

Electronics
Auditor might be concerned about stock becoming
obsolete
Control risk
Risk of material misstatement due to
inadequate internal controls within the
business
Control risk
Examples:
No segregation of duties
No controls over assets
No controls over IT
Large number of signatories
Detection risk
The work carried out by the auditor does
not uncover a material misstatement that
exists
This may be due to sampling and non-
sampling risk
Detection risk
Sampling risk

The risk that the conclusion reached
because of a sample being taken would
differ from the conclusion given had the
whole population been tested.

i.e. the sample taken was not correct!!!
Detection risk
Non-sampling risk

The risk that the conclusion reached by the
auditor would be incorrect due to factors other
than the sample being taken.

Example:
Procedures used
Interpretation of results

Affecting audit risk

Auditor cannot affect inherent risk or control
risk as these are internal to the client.

Affecting audit risk

If the auditor assesses both the inherent
risk and control risk as being high, he
has to make sure that detection risk is
low, so as to even out the other results.

Reducing detection risk

Increase amount of tests
Increase sample

Chap 9

Internal Control Systems

Controls set up by the management of a
company to carry out the business of the
company in an orderly and efficient
manner.

The purpose of internal controls is to help
prevent fraud and errors which would
make the accounting information incorrect.

strong controls by the entity

=

auditor relies on info. produced

Components of an Internal Control
System
1 - Control activities

Approval and Control of Documents (approval by senior
management)
Controls over IT (passwords etc)
Reconciliations
Arithmetical Accuracy
Control Accounts
Restricted access to physical assets
Compare physical counts with accounting records
Segregation of Duties

System
2 Risk assessment

Management should be undertaking regular risk
assessments to ensure that all risks are identified and
mitigated.

System
3 Information system

The auditor must obtain an understanding of the
information system, including the related business
processes, relevant to financial reporting.

The auditor must decide what areas of the information
system are relevant to the financial reporting of the entity
and only concentrate on those systems.

System
4 Monitoring of controls

Controls may be monitored either by management or by
the internal audit function if one exists.

The auditor may be able to rely on some of the work of
internal audit, but must first gain an understanding of
how controls are monitored and how effective the
monitoring is.

System
5 The control environment

The control environment refers to the framework around
which the controls of the organisation operate.

Management attitude will largely determine the nature of
the control environment.

Controls over IT systems
(i) General controls

protect the system by restricting access through
passwords, usernames etc. Other general controls will
include back-up procedures, controls over changes to
the system or software, controls to prevent access to
sensitive data.

Controls over IT systems
(ii) Application controls

specific control procedures over the accounting
applications that are built into the system. They will
include checks to ensure the arithmetical accuracy of
transactions as well as controls preventing the reversing
of transactions

Chapter 10

Internal control and the audit

Tests of control test the systems in place by determining whether
the controls over it are sufficient or not. If the control in place is
strong, then the auditor is able to place reliance on the information
generated by that particular system.

Substantive procedures on the other hand are procedures to gain
direct assurance over a figure in the financial statements

Internal control fraud and error

If the auditor decides that the internal controls are strong, this may
mean that they may not have to gain less evidence from other
sources.

Chapter 11

Specific internal controls - Revenue
Taking orders
CONTROL OBJECTIVE CONTROL PROCEDURE
Orders should be raised
accurately.

The customer should be
credit worthy.

Credit limits should not be
exceeded.

The company should be able
to fulfil the order.

All orders should be in writing from
customer or confirmed with customer.

All customers undergo credit checks.

Credit limits should be checked before
accepting an order.

Inventory should be checked before issuing
an order.

Dispatch of goods
All orders should be sent
to the warehouse.

The goods required
should be in inventory.

The correct goods
should be sent to the
correct customers.
Order pads or computer generated
orders should be sequentially
numbered to ensure none go
missing.

Goods should be selected from
inventory using the customers order.

The order should be authorised and
signed when goods selected.

Match GDN with customer order.

Customer signs GDN & returns to
company.

GDN recorded and filed with
sequential numbers.
Raising invoice
An invoice should be
raised for all
deliveries.

The invoice should be
for the correct
amount.

Any credit notes
should be valid and
authorised.
GDN sent to invoicing dept. Invoice
raised to match and copy attached to
GDN and filed sequentially.

Order agreed to GDN. GDN agreed
to invoice.

Invoice agreed to price list.

Above checked and signed by person
in authority.

All credit notes allocated and copy
attached to invoice to which it relates.

All credit notes authorised by line
manager.
Recording of the sale
All sales should be
recorded.

The correct amount
should be recorded for
each sale.

The sale should be
recorded against the
correct customer.
Review debtors ledger for credit
balances where invoices may not
have been recorded.

Reconcile the debtors ledger.

Check all entries to invoices

Send out statements to all customers
regularly.
Receipt of payment
All customers should pay the
correct amount.

All invoices should be paid.

All receipts should be
recorded.

The correct amount should be
recorded.

The payment received should
be allocated to the correct
customer.

All money banked promptly.
Cash received agreed to invoice.

Review aged listing and investigate old balances.

Chase up old outstanding amounts.

Perform regular bank reconciliations

Lodge cash and cheques to the bank regularly.

Ensure that segregation of duties exists

Review customer statements.

Retention of customer remittance details
Specific internal controls -
Purchases
Raise requisition and place order
The requisition should be for a
valid business reason.

The cost of the requisition should
be reasonable.
Items should only be
requisitioned when required.

Orders should be raised for all
requisitions.

Line manager authorises all requisitions.

All purchasing is centralised.

Suppliers used are approved.

Inventory levels checked before ordering.

Sequentially pre-numbered requisition pads with
order matched to requisition.

Orders confirmed in writing.

Check price is the same as price list being used.

Purchases
Goods received
For all orders that are made, the
goods are actually received.

The goods should be the correct
goods as ordered.

The quality of the goods should
be acceptable.

The quantity of goods received
should be as ordered.
All goods received are delivered to one area which is
secure.

Records are updated as soon as the goods arrive.

Sequentially numbered purchase order matched to the
GRN and checked correct.

Inspect the goods received to ensure quality and
quantities.

Sign and authorise GRN
Purchases
Receipt of invoice
Invoices should be received for
all goods received.

All invoices received are for
valid purchases.

All invoices have the correct
items, quantities and prices.

All invoices should be
arithmetically correct.

When goods received a copy of the
GRN (sequentially numbered) sent to
invoicing dept. and matched to invoice.

Items checked to invoice to ensure
validity.

Invoice checked, signed and authorised
for payment.

Purchases
Recording of the purchase
The correct amount should be
recorded for all purchases.

All purchases should be
recorded.

The transaction should be
recorded in the correct supplier
account.
All invoices checked and stamped.

All invoices filed away should
therefore be stamped.

Suppliers statements should be
reconciled regularly

Reconcile purchase ledger control
account.

Purchases
Payment to supplier
All invoices should be paid.

All invoices should be paid on
time.

All invoices should be paid only
once.

All invoices should be paid at
the correct amount.

All payments should be for valid
business expense.
All invoices stamped as paid when
done.

Ensure system in place to pay on
time to retain credit limits and supplier
goodwill.

Ensure stamped invoice is not paid
again by keeping separate once paid.

Vouch payment amount to invoice
amount.

All invoices should be authorised
before payment.

All payments should be authorised.
Specific internal controls - Payroll
Timesheets submitted
All of the sheets or cards
should be received.

All sheets or cards
should be valid

All of the hours
submitted should have
been actually worked.
The number of sheets or cards
should be counted to ensure the
number matched the number of
employees.

Access to additional sheets or cards
should be restricted.

All sheets and cards should be
authorised by line managers.
Inputting of information
All information should be
input with none missed
or omitted.

Information should be
input accurately.

No information should
be included twice.

No bogus employees
should exist.
Totals should be checked.

Sheets should be signed once input.

No duplicate employees should be
possible on the system.

Passwords and usernames should
restrict access to data.

New employees should only be set
up on the computer by a senior
manager.

Segregation of duties should exist.

Standing data / date kept for long term inputted
Payments to leavers
should cease once
they have left.

The data on the
system should be
accurate.
Managers should authorise and
promptly inform the payroll dept of
leavers and joiners.

Regular checks of standing data
should be undertaken by senior
management.

Forms should be signed to verify
leavers/joiners are recorded on the
system.

Changes should be authorised by
senior member of staff.
Processing and recording of payroll
The payroll calculations should
be correct.

The correct wages, PAYE &
NICs should be recorded on the
system.

A sample printed out and checked
manually.

System produces report automatically
for over/under payments.

Print out signed by clerk to confirm
accuracy.

Senior management review to ensure
reasonable.
Payment made to staff
All staff should
receive payment.

No bogus employees
should be paid.

The correct amount
should be paid to
staff.
If cash wages are paid ensure that
two people are present when
payment is made.

BACS summary should be reviewed
by manager and authorised prior to
payment.

List of BACS payments should be
reviewed to verify all payments made.
Inventory
Goods arrive into inventory
All goods should be
protected from theft on
arrival.

New deliveries should
be kept separate from
returns.

Goods received should
be of suitable quality.

Inventory should be
recorded.

Only inventory ordered
should be accepted.

Locations kept secure with access
restricted.
Separate areas for new deliveries
and returns.
Goods checked for quality on arrival.
Purchases cycle controls should be in
place. (see above)
Inventory
Inventory stored until needed
Inventory should be
stored safely and
securely to ensure
good condition.
Oldest inventory
should be used first
to prevent
obsolescence.
Inventory should be
protected from theft.
Ensure that storage area is
weather proof, has fire
protection and is at the correct
temperature.
Ensure inventory system is
based on FIFO.
Access to stores should be
restricted.
Warehouse should have a single
secured exit.
Inventory
Materials leave stores to go to production
The correct
amount of
inventory should
be sent to the
production
centre.
The correct type
of materials
should be sent.
The production manager
should authorise all
requisitions from stores.
Requisition orders should be
checked to goods sent out.
Standard quantities of
materials could be used.
Inventory
Finished goods sent to customers
The correct
goods should be
sent.
Quality should be
maintained.
Records should
be updated
promptly and
accurately.
The same procedures as the
sales cycle apply here.
Inventory
Inventory is counted
The count should
be accurate.

Counted areas marked to
prevent double counting.
Managers check accuracy by
spot counts.
Counting done in pairs.
Employees dont count areas
they are responsible for.
Count sheets sequentially
numbered.
Controls over inventory arrivals
during the count.
Specific internal controls - Cash
Cash amounts should be safeguarded
Cash should be
locked in safe.
Access to cash
restricted.
Security
movements for
large amounts.
Banking
times/routes
varied.
Perform surprise cash count.
Ensure only authorised staff
have access to cash.
Check sequential numbering
of cash receipts.
Check mail is opened by two
members of staff to reduce
the chance of fraud.
Cash held at premises is kept to a minimum
Cash should be
banked regularly.
Cash balances in
tills should be
emptied regularly
Check all cash lodged intact
to bank regularly.
All lodgements are
authorised.
Examine bank reconciliations
and ensure regularly
performed.
Investigate old outstanding
items.

Withdrawals authorised
Limited number of
authorised signatories.
Banking online should have
restricted access.
Cheques should not be
signed in advance.
Cheque books should be
kept under lock and key.
Cheque book should be reviewed to
ensure no cheques are missing and no
cheques are signed in advance.
Verify that cash payments are
arithmetically correct.
Direct debits should be consistent and
authorised.
Petty cash balances should be counted
and checks made that controls are in
place over petty cash.
Chapter 12

Reporting control weaknesses
If management are interested, the auditor
can also offer to provide what is called a
MANAGEMENT LETTER whereby
weaknesses in the controls of the
company are highlighted.

The weaknesses highlighted in this letter
are those found during the audit testing
and not necessarily all the weaknesses in
the controls of the company.

It should be highlighted that:

The list only includes weaknesses that came to light
during the audit
The report is for the sole use of the company
No disclosure should be made to 3
rd
parties without prior
notification to the auditor
No responsibility is assumed to other parties.

the structure of the report will be as follows:

(i) WEAKNESSES
(ii) CONSEQUENCE
(iii) RECOMMENDATION

Chapter 13

Audit evidence
ISA 500 mentions that different
assertions apply to different figures in
the financial statements. These
different figures include:

Transactions and events
Account balance
Presentation and disclosure


Mainly, figures relating to transactions and
events relate to entries which are reflected
in the statement of comprehensive income
/ income statement.

Account balance
Items found in the balance sheet

Presentation and Disclosure
The notes to the accounts, which
incorporate how the financial statements
have been presented and items disclosed.

COMPLETENESS: all transactions that should have been recorded,
have been recorded.

OCCURRENCE: transactions which have been recorded, have occurred
and pertain to the company.

CUT-OFF: transactions have been accounted for in the proper accounting
period

CLASSIFICATION: transactions have been recorded in the proper
accounts

ACCURACY: transactions have been recorded appropriately

Account Balance
COMPLETENESS: all assets, liabilities and equity
that should have been recorded, have been recorded.

EXISTENCE: assets, liabilities and equity really exist

RIGHTS AND OBLIGATIONS: the company has
a right over the asset and the obligation over the liability

VALUATION: assets, liabilities and equity are correctly
valued in the financial statements

Presentation and Disclosure
COMPLETENESS: all disclosures that should have
been disclosed, have been disclosed.

OCCURRENCE: disclosed events have been
recorded and pertain to the entity

CLASSIFICATION: disclosures are appropriately
presented and expressed.

ACCURACY: disclosures have been disclosed
appropriately

How to test these assertions.
INSPECTION OF RECORDS/TANGIBLE ASSETS invoices,
contracts etc.

OBSERVATION observation of events like mail opening, stocktake
etc

ENQUIRY asking management, accountant, staff.

CONFIRMATION contacting third parties

RECALCULATION example depreciation, accruals.

RE-PERFORMANCE redo procedures like stock take, reconciliations

ANALYTICAL PROCEDURES comparing the figures.

How to test these assertions
COMPLETENESS

Inspection of records
Analytical review
Recalculation
confirmation

RIGHTS AND OBLIGATIONS

Confirmation

VALUATION AND ALLOCATION

Recalculation
Confirmation

EXISTENCE

Inspection of assets
Confirmation

OCCURANCE

Inspection of assets
Enquiry

ACCURACY

Re performance
Analytical review
confirmation

Chapter 14

Audit evidence
ISA 500 states that..

The objective of the auditor is to design and
perform audit procedures in such a way to
enable the auditor to obtain sufficient
appropriate audit evidence to be able to
draw reasonable conclusions

Audit evidence
SUFFICIENT EVIDENCE

There must be ENOUGH evidence to support the auditors
opinion. Determining whether evidence is sufficient
depends on:

Risk of material misstatement
Results of tests of controls
Size of population being tested
Size of sample selected
Quality of evidence obtained

Audit evidence
APPROPRIATE EVIDENCE

This is made up of:

Reliability of evidence
Relevance of evidence

Reliability
Evidence is considered reliable when:

It is obtained from independent sources
Generated internally but subject to
effective internal control
Obtained directly by the auditor
In documented form
In original form

Relevance

To be relevant, audit evidence has to
address the objective of the procedure.

Accounting estimates
Characteristics of accounting estimates:

Confirmation of estimates is difficult
Prone to inaccuracy
No physical evidence
Prone to management bias

Accounting estimates
The auditor must obtain an understanding
of:

Managements assessment of the
estimates
How the estimate is actually done

Not for profit organisations
Properties of a not for profit organisation:

Lower risk activity is relatively simple

Direct control by owners persons coming up with the idea of an
NFP are the ones who have total control

Simpler systems

Evidence implications:

Same auditing rules apply

Quantity of evidence may be well less than for a larger
organisation

It may be more efficient to carry out 100% testing ie no
sampling

Problems:

Management override

No segregation of duties

Less formal approach

Differences from privately owned entities

NFPs:

Do not have profit maximisation as their main objective

Do not have external shareholders

Will not distribute dividends

Problems auditing NFPs

Weaker systems due to:
Lack of segregation of duties
Use of volunteers
Less formalised systems and controls

Income received by way of donation

Assessing going concern may be difficult

Opening balances and comparative
information
When taking on new clients, the auditor must ensure that:

Opening balances are correct

Prior period closing balances have been brought forward
correctly

Appropriate accounting policies been consistently used
or changes appropriately disclosed.

Opening balances and comparative
information
Audit procedures:

Consult clients management

Reviewing documentation of prior period

Consulting previous auditor and reviewing his working
papers

Substantive testing if all the above are unsatisfactory

Chapter 15

Audit sampling

CONTROLS TESTING
LARGE SAMPLE TO BE
SELECTED
SMALLER SAMPLE TO BE
SELECTED
IMP: SUBSTANTIVE TESTING MUST BE ALWAYS CONDUCTED!!!

Audit sampling
Substantive procedures are carried out on samples of
the transactions making up a figure in the financial
statements.

The amount of substantive testing can be varied
depending on the size of the sample being chosen.

Due to the auditor choosing a SAMPLE he cannot give
ABSOLUTE ASSURANCE.
Ways to extract a sample
(i)Statistical sampling

(ii)Non-Statistical sampling

Statistical sampling
An approach to sampling that uses:

Random selection of samples; and
Probability theory to evaluate the results

Considerations when designing a
sample
The purpose of the procedure
Combination of procedures being
performed
Nature of evidence sought
Possible misstatements

Types of samples
Random selection: use of random number tables

Systematic selection: sampling interval used

Monetary unit sample: selecting sample based on the
value

Haphazard selection: no structured technique but one
avoids bias

Block selection: involves selecting a block of items which
are next to each other in the population.

Non-Statistical sampling
Judgement is used to select items
to be tested. This usually leads to
focusing on higher value items.

Chapter 16

Audit documentation
Imp things to note:
1. If the working papers do not exist, then the auditor will be unable to
prove how and why the opinion expressed was arrived at.

2. Working papers should provide evidence that a qualified practitioner
could easily follow and report the same conclusions.

3. Unclear working papers are USELESS.

Audit file structure
Planning stage:
1. Risk assessment.
2. Materiality.
3. Knowledge of the business.
4. Use of any experts.
5. Composition of the audit team.
6. Timing.
7. Reporting (does the client form part of a group of companies to which
we must report?)

Testing:
1. Property plant and equipment
2. Intangible assets
3. Receivables
4. Cash
5. Payables
6. Share capital
7. Etc.work carried out on the specific sections which we ll be
auditing. Each section will contain its lead schedule

Completion and review:
1. Final analytical review
2. Documentation of issues found
3. Subsequent events
4. Specific topic questions
5. etc

The lead schedule
Components of a lead schedule
1. Title: client name / year end / prepared by section / subject
2. Prior year figures
3. References

Chapter 17

Analytical Procedures
Used to highlight unusual figures in order to
focus the audit on them or to establish that
a trend has continued.

compulsory at the planning and final stage
of the audit. Also an effective tool for
gathering evidence throughout the audit.

Profitability Ratios

Gross margin (gross profit/sales)100
Net margin (net profit/sales)100
ROCE (profit before interest and tax / share capital +
reserves + borrowings)

Liquidity Ratios

Receivables days (receivables/sales)365
Payables days (payables/purchases)365
Inventory days (inventory/cost of sales)365
Current ratio (current assets/current liabilities)
Quick ratio (current assets inventory/current
liabilities)

Whether or not to rely on analytical procedures:

Suitability not suitable for every assertion
Reliability auditor may only rely on data generated
from a system with strong controls
Degree of precision some figures will not have a
recognisable trend over time or be comparable
Acceptable variation variations having an immaterial
impact on the financial statements will not hold as much
interest to the auditor as those that do

Chapter 18

Auditing specific items
Questions in the exam will focus on a scenario with the audit of
specific items.

For this section of the exam paper, the approach to such a question
should focus on three things:

What are the assertions for the item in the question.

What procedures should be carried out to test the balance?

Always relate these steps to the scenario in the question a list of
procedures not relevant to the scenario will not get any marks!

Receivables
Payables
Tangible Non Current Assets
Non Current Liabilities
Bank and Cash
Inventory
Chapter 19

THE WORK OF OTHERS
ISA 600 deals with the use of the work of an expert by the auditor.

The auditor may not have the expertise to make judgements on all aspects
of a clients business and may seek help in the form of an expert. Examples
of this are specialist inventory, property valuation and complex work in
progress.

If the auditor chooses to rely on the work of an expert, they must ensure that
the expert is independent and sufficiently competent.

THE WORK OF OTHERS
The auditor will decide whether the expert is competent based on their
qualifications and their experience.

If an expert in the inventory of the entity being audited is consulted on
valuation of inventory, but works for a subsidiary of the entity then the auditor
may consider them to be not sufficiently independent.

The auditor should make no reference to the use of the work of others in the
audit report. It is the auditors opinion in the report and the work of others is
simply one type of evidence that may be used, if sufficient and reliable, to
come to that opinion.
THE WORK OF OTHERS
ISA 610 sets out the considerations the auditor must make before relying
on work carried out by internal audit.

The auditor should consider:

Whether the internal audit staff are sufficiently independent to retain
objectivity.
The qualifications and technical competence of the internal audit staff.
The professionalism of the staff and the standing of internal audit within
the organisation.
Are internal audit constrained in any way by management?

THE WORK OF OTHERS
If these considerations are fulfilled the auditor may assess the reliability of
the work carried out by internal audit by ensuring:

Internal audit working papers are well documented hand have been
reviewed.
Evidence gained by internal audit is sufficient and appropriate.
Any conclusions drawn are reasonable and valid.
Management have acted on recommendations made by internal audit.

Chapter 20

Computer assisted audit
techniques

USING THE COMPUTER TO TEST OR
ASSIST THE AUDITOR IN
TESTING DURING THE AUDIT
PROCEDURES

CAATS
EXAMPLES:

1. To run client data to check for errors
2. To extract samples
3. Check calculations
4. Produce reports
5. Match transactions
6. Create test data, input it in the clients system and
compare the result to what was expected (auditing
around the computer input vs output).

Chapter 21

Subsequent events and going
concern
During the audit it is likely that the auditor will come
across errors in the FS. The auditor should keep a record
of these and report to management.

The auditor will not be concerned with immaterial errors,
however, individual immaterial errors could aggregate to
amount to a material misstatements.

Also, there might be material misstatements.

concern
If management amend material errors, then the auditor
will issue an unqualified report.

If management do not amend the errors then a qualified
report will be issued.

concern
Between the year end and the date
of signing the audit report, the
auditor has an active duty to
search for all material events.

concern
Between the date of signing the
audit report and the date of issue
(usually AGM date), this turns to a
passive duty.

concern
Subsequent events review

Review of post year end management accounts
Review of post year end board minutes
etc

Adjusting vs non-adjusting
events
Adjusting events

Provide additional evidence relating to conditions
existing at the balance sheet date.

Example: a debtor going bankrupt after year end.

Adjusting vs non-adjusting
events
Non-adjusting events

Events taking place after balance sheet date but do
not fall under the definition of adjusting events.

Example: fire destroying inventory after balance
sheet date.

Subsequent events
A question on subsequent events will usually
involve a scenario with events which you
must decide are adjusting or non-adjusting
events.

ADJUSTING EVENT
IS THE EVENT MATERIAL?
DOES THE EVENT PROVIDE ADDITIONAL EVIDENCE OF
CONDITIONS EXISTING AT THE YEAR END?
FINANCIAL STATEMENTS
MUST BE ADJUSTED IF
MANAGEMENT REFUSE
THE AUDIT REPORT WILL
BE QUALIFIED.
NON-ADJUSTING EVENT
NO REQUIREMENT TO ADJUST THE
FINANCIAL STATEMENTS EVENT
MUST BE DISCLOSED - IF
MANAGEMENT REFUSE THEN
QUALIFY THE AUDIT REPORT FOR
DISAGREEMENT
YES NO
YES
NO ACTION
REQUIRED
NO
Going concern review
Consider economic conditions of the industry in
which the company is operating
Contact providers of finance to the business to
ensure they are happy to continue to do so.
Assess managements intentions of the future.
Review any budgets

Chapter 22

Management representations
The auditor may ask management to confirm in writing
certain issues which arose during the audit.

There are specific and non-specific items to be
included in the management representation letter.

Specific items: those required by ISAs

Non-specific items: items relevant to that particular
audit. Ex. No evidence was available on specific
elements of the FS.
Chapter 23

Audit reports
ISA 700 sets out the elements /contents of an audit report. They are:

Title
Identifies the report as an Independent Auditors Report

Addressee
The shareholders i.e. for whom the report is produced.

Introductory Paragraph
Sets out which pages in the report have been subject to audit and which have not.

Statement of responsibilities of management
Management have prepared financial statements in accordance with GAAP and
representing a true and fair view. Application of accounting policies and estimates as well
as responsibilities for systems and controls.

Statement of responsibilities of auditor
The audit was planned and assessed the risk of material misstatement considering internal
controls and obtaining sufficient appropriate evidence. That the auditor will express an
opinion.

Audit reports

Scope Paragraph
Standards under which the audit was conducted, the processes and the test basis as well
as the appropriateness of policies and disclosures.

Opinion
Do the statements present a true and fair view? Are they prepared according to applicable
GAAP and legislation?

Auditors signature
Auditor or firm is registered and authorised to conduct the audit.

Date of the Report
Signed after approved by directors on the same day.

Auditors address
le on specific elements of the FS.
Audit reports

If the auditor disagrees with some aspect of the financial statements or
is unable to state that they provide a true and fair view, then a
modified audit report will be issued.

There are two types of modified audit report:

An unqualified audit report with an emphasis of matter paragraph
A qualified audit report.
Emphasis of matter

If the auditor wishes to draw attention to a particular matter, but agrees
with the financial statements an emphasis of matter paragraph will be
included in the audit report.

The matter referred to will be fully disclosed in the accounts and the
auditor is simply drawing the users attention to it.

The paragraph will make it clear that the opinion is not qualified and
will be given a separate heading after the opinion paragraph.

Qualified Reports

There are two reasons that an auditor may qualify an audit report:

Disagreement
Limitation of scope
Disagreement
A qualified report for the reason of disagreement will be issued if the
auditor disagrees with the application of accounting policies, the
policies used, treatment of a particular item or the adequacy of
disclosures.

The disagreement can be such that it is either:

Material
Material and pervasive

Material

A material disagreement will mean that the auditor agrees with the
rest of the financial statements, but disagrees with that particular
element of them.

In this situation the auditor will qualify the audit with an except for
paragraph i.e. In our opinion, except for the effect on the financial
statements of the matter referred to in the preceding paragraph, the
financial statements give a true and fair view,

Material and pervasive

A disagreement which is material and pervasive is of such
significance that the financial statements do not give a true and fair
view.

In such a situation an adverse opinion is issued i.e. the financial
statements do not give a true and fair view.
Limitation of scope
If the auditor is unable to form an opinion, then the report will be
qualified for limitation of scope.

Limitation of scope will be due to being unable to obtain sufficient
evidence which should have been available.

A material limitation of scope will mean that the auditor agrees with
the rest of the financial statements, but is unable to agree with that
particular element of them.

In this situation the auditor will qualify the audit with an except for
paragraph i.e. In our opinion, except for the matter referred to in the
preceding paragraph, the financial statements give a true and fair view,
Limitation of scope

A limitation of scope which is material and pervasive is of such
significance that auditor is unable to state whether the financial
statements give a true and fair view.

In such a situation a disclaimer of opinion is issued i.e. the auditors
do not express an opinion on the financial statements.

ACCA Paper F8 - : Audit and Assurance (INT)

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

ACCA Paper F8 - : Audit and Assurance (INT)

Hochgeladen von

Copyright:

Verfügbare Formate

Audit and Assurance

Das könnte Ihnen auch gefallen