ACCA AAA S18 Notes PDF

Se
pt
e
20 mb
18 er/
Ex De
O OpenTuition
am ce
s mb
er
Free resources for accountancy students
ACCA
Advanced Audit
and Assurance
(AAA)
Spread the word about OpenTuition,

so that all ACCA students can benefit.
How to use OpenTuition:

1) Register & download the latest notes
2) Watch our free lectures
3) Attempt free tests online
4) Question practice is vital - you must obtain
the Exam Kit from BPP/Kaplan
OpenTuition Lecture Notes can be downloaded FREE from http://opentuition.com

Copyright belongs to OpenTuition.com - please do not support piracy by downloading from other websites.
Free Free
ACCA ACCA
Notes Lectures
Ask Free
ACCA ACCA
Tutor Tests
Find Spread  
ACCA the word
Study about
Buddy OpenTuition
ACCA AAA (December 2018 Examinations) Watch free ACCA AAA lectures 1
Advanced Audit and Assurance

INTRODUCTION TO ADVANCED AUDIT AND ASSURANCE (AAA) 3
REGULATION, LEGAL MATTERS AND QUALITY CONTROL 7

1. What is Assurance? 7
2. Corporate Governance and Auditor Regulation 11
3. Appointment as an Auditor 17
4. Professional Ethics 23
5. Money Laundering 29
6. Responding to Non-Compliance with Laws and Regulations (NOCLAR) 33
7. Auditors’ Liability 37
8. Fraud, Error, the Evaluation of Misstatements and Reporting Control Weaknesses 41
9. Quality Control 45
AUDIT PLANNING AND RISK ASSESSMENT 49

10. Audit planning 49
11. Risk 55
12. Question Practice on Risk 61
AUDIT EVIDENCE 69
13. Audit Evidence 69
14. A Summary of Important Accounting Standards 75
15. Audit evidence: Computer Assisted Audit Techniques 83
16. Audit evidence Provided by Third Parties 85
17. Audit evidence Provided by Internal Audit 87
18. Outsourced Accounting Functions 89
19. Written Representations 93
20. Related Parties 95
THE AUDIT OF GROUP FINANCIAL STATEMENTS 99

21. Group Audits 99
THE FINAL STAGES OF AN AUDIT 107

22. Events Occurring After the Reporting Period/Subsequent Events 107
23. The Audit Report 1: Overall Structure 109
24. The Audit Report 2: Going concern, KAM, Emphasis of Matter 119
25. The Audit Report 3: Types of Audit Report 123
OTHER ASSIGNMENTS 129

26. Types of Assignment 129
27. Reporting on Prospective Financial Information 131
28. Forensic Audits 137
29. Social and Environmental Auditing 141
30. Due Diligence Reports 145
31. The Audit of Performance Information in the Public Sector (International Variant only) 147
Only on OpenTuition you can find: Free ACCA notes • Free ACCA lectures • Free ACCA tests • Free ACCA tutor support • The largest ACCA community
INTRODUCTION TO ADVANCED AUDIT AND

ASSURANCE (AAA)
1. Warning!
Do not even think of studying this paper if you haven’t already studied paper P2, Corporate Reporting
In every AAA paper, there is at least one question dealing with audit risk and/or audit evidence. Audit
risk is the risk that there might be a material misstatement in the financial statements. Whenever
there is such a risk, the auditor must decide how to respond and that usually means carrying out more
audit work to gather more audit evidence.
What you need to realise is that material misstatements can be caused by two types of error:
๏ The amount is wrong.

๏ The item has not been treated in line with the relevant accounting standards or financial
reporting standards.
For example, if the company incurs research and development expenditure, not only does the auditor
have to obtain evidence about the amount of expenditure, but must also collect evidence that the
expenditure has been written off or capitalised in line with IAS 38. Therefore, if the expenditure has
been capitalised, the auditor must collect evidence that the project is technically viable, that the
company can fund its completion….and so on. If you do not know the standard, you cannot plan to
collect the right evidence.
Every accounting standard studied in P2 sets out rules that govern how amounts in financial
statement are to be displayed and therefore each standard has implications for auditors
2. The ‘maturity’ of answers required

Consider this: During attendance at a stocktake at a client who makes jars of preserved food, a pack of
12 jars falls from its shelf in the warehouse and the jars shatter. The contents smell awful and it is
obvious that pack contained food that had gone bad. What audit issues does this incident cause and
how should the auditors respond?
At the AA level you might simply have said that the pack had to be written off. At P7, the incident
raises many more issues. See if you can think what they might be. This is discussed in the lecture for
Chapter 12.
3. Topics in AAA, not in AA

The main additions are:
๏ Business risk (audit risk, but not business risk, was in AA)
๏ The audit of groups
๏ Non-audit assurance (eg forecasts, budgets etc).
๏ Environmental and social auditing
๏ The audit of performance information in the public sector
๏ Professional liability
Most AA topics appear again in AAA but to a more detailed level. Professional ethics remain very
important. You will not be asked to evaluate an accounting system to identify weaknesses in internal
control.
4. Syllabus
4.1. Aim
To analyse, evaluate and conclude on the assurance engagement and other audit and assurance
issues in the context of best practice and current developments.
4.2. Objectives
On successful completion of this paper, candidates should be able to:
๏ Recognise the legal and regulatory environment and its impact on audit and assurance practice.
๏ Demonstrate the ability to work effectively on an assurance or other service engagement within
a professional and ethical framework
๏ Assess and recommend appropriate quality control policies and procedures in practice
management and recognise the auditor’s position in relation to the acceptance and retention of
professional appointments.
๏ Identify and formulate the work required to meet the objectives of audit assignments and apply
the International Standards on Auditing.
๏ Evaluate findings and the results of work performed and draft suitable reports on assignments.
๏ Identify and formulate the work required to meet the objectives of non-audit assignments.
๏ Understand the current issues and developments relating to the provision of audit-related and
assurance services.
5. Approach to examining the syllabus

The syllabus is assessed by a 3 hour 15 minute paper-based examination.
The examination is constructed in two sections. Questions in both sections will be largely discursive.
However, calculations will be expected, for example to be able to assess materiality and calculate
relevant ratios where appropriate.
Part A
Case study (50%)
Set at the planning stage of the audit. Candidates will be provided with detailed information and be
required to address a range of requirements from syllabus sections A, B, C and D.
Four professional marks are available in Section A
Part B
Two compulsory 25 mark questions, predominately based around a short scenario.
One question will always predominantly come from syllabus section E (completion, review and
reporting). The other question can be drawn from any other syllabus area
Syllabus section G, Current Issues, may be examined in Section A or Section B, but is unlikely to to
form the basis of any question on its own.
Full details are shown on syllabus available from the ACCA’s site:
http://www.accaglobal.com/gb/en/student/exam-support-resources/professional-exams-study-
resources/p7/syllabus-study-guide.html
REGULATION, LEGAL MATTERS AND QUALITY

CONTROL
Chapter 1
WHAT IS ASSURANCE?
1. Audit and assurance

We start with a little bit of revision of AA, and indeed you will be making use of AA skills throughout
AAA (such as suggesting audit evidence to look for).
The paper is called ‘Advanced Audit and Assurance’ and we start by explaining what is meant by the
terms ‘audit’ and ‘assurance’.
It is often not possible to check things for yourself, whether quality, accuracy, performance or
existence: you might not have the skills or the time, or you might be in the wrong location. Therefore
you must rely on someone else to give you assurance. This means you have to decide:
๏ What standards should be applied?

๏ What represents ‘good’, ‘acceptable’ or ‘unacceptable?
๏ How much checking should be done? All checking and assurance has an associated cost.
Audit is one form of assurance. We will see that in AAA other forms of assurance might have to be
described and discussed too, such as providing assurance to a bank that a company’s cash flow
budget is not a work of fantastic fiction or that a take-over target is not hiding horrific liabilities.
An audit is defined as: the independent examination of and expression of opinion on the financial
statements of an entity by a duly appointed auditor in pursuit of that appointment.
The important words here are ‘independent’ and ‘opinion’.
Independence is essential and underlies the value of auditing - and of all other forms of assurance
Opinion really means that one auditor or accountant could look at a set of financial statements (or a
cash budget) and disagree with the opinion of another.
Judgment is essential to all assurance: there are no certainties and there are no certifications of
correctness or accuracy.
Auditing is the most regulated form of assurance you will meet in AAA. Legislation, International
Auditing Standards and accounting standards all lay down rules about how auditing should be
carried out and how financial statements should be prepared. Other forms of assurance are much less
uniform and this can cause a problem unless the work to be performed is precisely agreed between
auditor and client at the very start. For example, if you are asked to give assurance about a cash flow
forecast you need to find out if it is a one, three or five year budget as the work and difficulties are
very different in each case.
2. Elements of an assurance engagement

2.1. The elements of an assurance engagement
The following are the five elements of an assurance engagement:
(1) A three party relationship involving a practitioner, a responsible party, and intended users.
(2) Appropriate subject matter (for example the financial statements, a budget, a take-over target).
(3) Suitable criteria (for example accounting standards)
(4) Sufficient appropriate evidence.
(5) A written assurance report in the form appropriate to a reasonable assurance engagement or a
limited assurance engagement.
Item 4 on the list is sufficient appropriate evidence and if assurance had to be summed up in one
word ‘EVIDENCE’ would be it. Assurance is not based on the auditor guessing or hoping that
something is the case. All assurance is based on gathering sufficient appropriate evidence and if the
required evidence is not available then assurance cannot be given.
It will be said again, but when it comes to the audit of financial statements evidence is required about
two elements:
๏ Is the amount substantially correct?

๏ Do the presentation and disclosures conform to the accounting standards?
There is no point in tracing research and development expenditure back to invoices supporting the
accuracy of the amounts if you do not also give assurance that the amounts have been written off or
capitalised in line with the IAS 38. Evidence is needed to support the treatment of the amounts.
2.2. Professional scepticism
A practitioner should plan and performs an assurance engagement with an attitude of professional
scepticism to obtain sufficient appropriate evidence about whether the subject matter information is
free of material misstatement. An attitude of professional scepticism means the practitioner questions
the validity of evidence and is alert to evidence that brings into question the reliability of documents
or representations.
Scepticism means that you don’t know. It does not mean that the practitioner assumes everyone is
dishonest or that figures have been deliberately misrepresented. Nor does it mean that you believe all
figures and statements are correct. It means you are aware that we can all be subject to optimism
(perhaps too much), human error, giving quick answers because we are short of time, and
misunderstanding. It also recognises that sometimes people are deliberately misleading or dishonest.
Scepticism means that evidence is required to test statements or assumptions. You could almost
summarise the process of assurance in the phrase ‘collect evidence that supports everything that is
being claimed’.
Sufficiency is the measure of the quantity of evidence. Appropriateness is the measure of the quality
of evidence - its relevance and its reliability.
The reliability of evidence is influenced by its source and by its nature, and is dependent on the
individual circumstances under which it is obtained, eg documentary evidence is better then oral,
directly obtained evidence better then evidence provided by a client.
2.3. Assurance Report
The practitioner provides a written report containing a conclusion. There are two types of assurance
reports:
In a reasonable assurance engagement the practitioner’s conclusion is worded in the positive form,
for example: “In our opinion internal control is effective, in all material respects, based on XYZ criteria.”
It is called ‘reasonable’ because the practitioner will never give guarantees. Only reasonable assurance
is ever given
In a limited assurance engagement the conclusion is worded in the negative form, for example,
“Based on our work described in this report, nothing has come to our attention that causes us to
believe that internal control is not effective, in all material respects, based on XYZ criteria.”
2.4. Examples:
Positive
๏ The financial statements show a true and fair view
๏ The value of amount of inventory lost is $x
Negative
๏ We have discovered nothing wrong with the financial statements
๏ The basis of the forecast is not unreasonable
๏ There is no evidence of discrimination in the appointment.
All statutory audits attempt to provide positive assurance ie the financial statements show a true and
fair view. There are some types of assurance assignment where giving a positive assurance is not
possible. For example, it would be impossible to give assurances that a budget is correct because it
depends on so many assumptions and factors that cannot be verified with certainty, such as the state
of the economy next year, competitors’ plan and sales forecasts.
A practitioner would not express an unqualified conclusion for either type of assurance engagement
when:
There is a limitation on the scope of the practitioner’s work ie sufficient appropriate evidence cannot
be obtained; or
The assertion is not fairly stated, and the subject matter information is materially misstated (ie the
assertion is incorrect).
Chapter 2
CORPORATE GOVERNANCE AND
AUDITOR REGULATION
1. Why corporate governance is needed

Corporate governance is the system by which companies are directed and controlled. Auditing
financial statements adds to their credibility and this enables shareholders to better understand how
the directors and company have performed.
2. Principles of corporate governance

The Organisation of Economic Cooperation Development (OECD) put forward some principles of
corporate governance:
๏ Corporate governance frameworks should protect shareholders’ rights, ensuring fair treatment
of all shareholders, particularly minority and foreign shareholders. For example all shareholders
should have access to the same information.
๏ The corporate governance framework should also recognise the rights of all stakeholders, not
just shareholders, and should encourage active cooperation between the entities and
stakeholders in creating wealth, jobs and sustainability of financially sound entities.
๏ There should be disclosure and transparency.
๏ The corporate governance framework should ensure that timely accurate information is made
available in all material matters.
๏ Responsibility of the board is also covered, and the corporate governance framework should
ensure the strategic guidance of the entity, effective monitoring of management by the board
and the board’s accountability to the entity and their shareholders. In particular the board
should set its own objectives, monitor its own performance and have its own performance
assessed.
3. The UK Corporate Governance Code

The OECD principles are put into effect in a variety of ways in different countries. The UK Corporate
Governance Code can be referred to as an example of best practice.
The code states that the purpose of corporate governance is to facilitate effective entrepreneurial and
prudent management that can deliver long-term success of the company.
Note the conflict between between being prudent and being entrepreneurial.
Comply or explain
The code has no force in law and is enforced on listed companies through the Stock Exchange. Listed
companies are expected ‘‘comply or explain’’ and this approach is the trademark of corporate
governance in the UK.
Listed companies have to state that they have complied with the code or else explain to shareholders
why they haven’t. This allows some flexibility and non-compliance might be acceptable in some
circumstances.
The UK and most of Europe have adopted a principles based approach rather than a procedural
approach to Corporate Governance. Broad principles are set out but then companies decide how to
put those into operation. This can provide flexibility and adaptability.
In the USA most corporate governance is regulated through statute, The Sarbanes-Oxley Act. This
takes a procedural approach that is much more prescriptive, requiring both directors and auditors to
sign off documentation stating that the rules have been followed. Criminal charges can follow if the
Act is not followed.
The code then goes on to list the main principles of the code:
Main principles
๏ Leadership
๏ Effectiveness
๏ Accountability
๏ Remuneration
๏ Relations with shareholders
Leadership
๏ Every company should be headed by an effective board which is collectively responsible for the
long term success of the company.
๏ There should be a clear division … between the running of the board and the executive
responsibility for the running of the company’s business. No one individual should have
unfettered powers of decision. This means that the roles of CEO and Chairman should not be
performed by one person as that concentrates too much power in that person.
๏ The chairman is responsible for leadership of the board.
๏ Non-executive directors (NEDs) must be appointed to the board and they should constructively
challenge and help develop proposals on strategy. NEDs sit in at board meeting and have full
voting rights, but do not have day-to-day executive or managerial responsibility. Their function
is to monitor, advise and warn the executive directors.
Effectiveness
๏ The board should have an appropriate balance of skills, experience, independence and
knowledge. In large companies NEDS should be at least 50% of the board; in small companies
there should be at least 2 NEDS.
๏ New directors should be appointed by a Nomination Committee to ensure a formal, rigorous
and transparent procedure for their appointment. The Nomination Committee consists of NEDs.
This provision is to prevent directors appointing their friends and colleagues to the board and
ensures that the best people for the job are considered and appointed.
๏ All directors should be able to allocate sufficient time to company business
๏ There should be induction on joining the board and a programme to update and refresh
directors’ skills and knowledge.
๏ The board should be supplied in a timely manner with necessary information
๏ The board should undertake a formal and rigorous annual evaluation of its own performance
and that of its committees and individual directors.
๏ All directors should be submitted for re-election at regular intervals
Accountability
๏ The board should present a balanced and understandable assessment of the company’s
position and prospects.
๏ The board is responsible for determining the … significant risks …and should maintain sound
risk management and internal control systems.
๏ The board should establish formal and transparent arrangements for applying the corporate
reporting, risk management and internal control principles, and for maintaining an appropriate
relationship with the company’s auditor. This means that an Audit Committee (NEDs again)
should be established to liaise with both internal and external auditors. Before audit
committees, the finance director liaised with auditors, but this was not satisfactory because the
finance director was often the person responsible for accounting problems. Therefore auditors
were often reporting problems to the person who caused them. The directors are responsible
for establishing an internal control system and must review the need for internal audit.
๏ Note that is is management who are responsible for ensuring that an effective system of internal
control operates to:
‣ achieve the orderly and efficient conduct of business
‣ safeguard assets, prevent and detect fraud and error
‣ ensure the accuracy and completeness of the accounting records
‣ allow the timely preparation of financial information.
Remuneration
๏ Levels of remuneration should be sufficient to attract, retain and motivate directors of sufficient
quality… but avoid paying more than is necessary.
๏ A significant proportion of executive directors’ remuneration should be structured so as to link
rewards to corporate and individual performance. In other words, profit-related pay is
encouraged. Directors should not receive high pay irrespective of company performance.
๏ There should be a formal and transparent procedure for developing policy on executive
remuneration and for fixing the remuneration packages of individual directors. No director
should be involved in deciding his or her own remuneration. This means that a Remuneration
Committee (NEDs) should be formed to fix directors’ remuneration.
Relations with shareholders
One of the problems with achieving good corporate was encouraging shareholders to take an active
interest in the company. Too often they did not fully participate at AGMs and would wave through
motions. This passive attitude might well have been encouraged by directors to move power towards
them and away from members.
The code therefore specifies:

๏ There should be a dialogue with shareholders based on the mutual understanding of objectives.
The board as a whole has responsibility for ensuring that a satisfactory dialogue with
shareholders takes place.
๏ The board should use the AGM to communicate with investors and to encourage their
participation.
4. The role of the audit committee

The audit committee is now very important part of corporate governance.
Review of internal audit
Financial Statements Review of internal control
Special investigations
Liaison with external auditors:
• Scope of external audit
• Forum to link directors/auditors
• Deal with auditors’ reservations
• Obtain information for auditors.
The committee should be dominated by non-executive directors. The functions are as follows:
๏ They will review the work of internal audit. Companies don’t have to have an internal audit
department, but corporate governance rules now stated that management should keep the
need for internal audit on the review.
๏ From time to time the audit committee may launch special investigations. For example, if a
fraud had been discovered within the organisation the audit committee may ask for a report on
how it happened and how to prevent it in the future.
With regard to functions specifically useful to the external auditors, the audit committee:
๏ Will review the system of internal control. Corporate governance now imposes on management
the requirement that they implement a system of internal control.
๏ Must be willing to receive information from whistle-blowers.
๏ Make recommendations to the board and members about the appointment, reappointment
and removal of the external auditors and agree the terms of engagement. Liaise on the process
of appointing auditors and setting their fees. (Note that the external auditors are appointed by
members in general meeting, but the audit committee is likely to make recommendations.)
๏ Annually assess the independence, objectivity and effectiveness the external auditors including
confirming that there are no self-interest or familiarity issues and that partners and staff are
rotated properly.
๏ Ensure that audits are properly planned and meet with the auditors to discuss matters such as
materiality, audit team composition and quality control procedures.
๏ Act as a forum to link directors and auditors. Auditors will typically write to the audit committee
about any problems they may be having on the audit or obtaining all the information they
require. If the auditors are worried in some way about the financial statements they will raise
those concerns with the audit committee.
๏ If the auditors can’t find information in any other way and feel perhaps they are being
obstructed, they can go to the audit committee and explain the problem and the audit
committee can try and investigate on their behalf.
๏ The audit committee will also review any significant judgements or other issues affecting the
financial statements that management has prepared and also assess the external auditor’s
handling of these matters and will report to the board n the effectiveness of the external
process.
๏ Review the management letter sent to the company by the auditors.
๏ The audit committee should also be involved in decisions whether or not to use the external
auditors for non-audit services: skills, approval and non-approval for certain services, ensuring
any threats to independence and objectivity are reduced to acceptable levels and monitoring
the fees for those services and the total fee for all services provided by the external auditor.
5. Regulation of auditors
Auditors are regulated by:
๏ Professional bodies (eg ACCA). ACCA is a recognised supervisory body that supervises
qualifications, behaviour and quality.
๏ National bodies. In the UK and Ireland, the Financial Reporting Council. This regulates auditors
and accountants and sets the UK’s Corporate Governance Code. In the USA the Auditing
Standards Board regulates auditors
๏ International bodies (eg IFAC, the International Federation of Accountants). The purposes of
IFAC are to serve public interest, strengthen the worldwide accountancy profession, establishing
and promoting adherence to high-quality professional standards.
The IFAC has a number of committees such as:
‣ IAASB (International Auditing and Assurance Standards Board): ISAs and other assurance
standards
‣ The International Ethics Standards Board for Accountants (IESBA): IFAC Code of Ethics.
‣ TAC (Transnational Auditors Committee): international dimension of audits.
๏ The Public Interest Oversight Board. This has representatives from a wide variety of users of
financial statements. It provides independent oversight throughout the entire process of
standard-setting to ensure that standard-setting is responsive to stakeholder needs, is
accountable and transparent.
IFAC ISAs are adopted by the FRC in the UK which has local regulatory power.
Chapter 3
APPOINTMENT AS AN AUDITOR
1. Overview of the audit process

Appointment
Plan the audit
Understand entity
Assess risk of material misstatement
Respond to risk
Expect effective controls Expect ineffective controls
Unsatisfactory Report significant deficiencies

Tests of controls to those charged with
governance to management
and all weaknesses to
Satisfactory management
Restricted substantive Full substantive

tests tests
Overall review of F/S

Report to management
Auditor’s report
This is an important and useful diagram and it sets out the stages or approach to an audit.
2. Marketing professional services

The ACCA Rulebook sates that professional accountants can inform the public about their services
using advertising and other form of promotion, subject to the general requirement that the medium
shall not reflect adversely on the professional accountant, ACCA or the accountancy profession.
It is recognised that there can be a conflict between some of the ethical principles, for example, a self-
interest threat and complying with the principle of professional behaviour.
The professional accountant in public practice must be honest and truthful and must not:
๏ Make exaggerated claims for services, experience etc or be misleading in other ways.
๏ Make disparaging references or unsubstantiated comparisons to the work of another.
๏ Bring the ACCA, the accountancy profession or other accountants into disrepute.
If fees are mentioned, promotional material must state the basis of charging and great care has to be
taken that readers are not mislead about the services offered and the fees that will be charged. It is
possible to compare fees with those of other firms provided the comparison is not misleading.
If commissions are paid or received (for example, by recommending software package), full disclosure
of the commercial arrangement must be made.
3. Tendering for professional services

Often, to obtain new work, accountants will be asked to submit a tender in competition with other
firms. Before submitting a tender, contact must be made with the existing or previous accountant (see
section 5, below) to see if there are any reasons why the appointment should not be accepted.
The fees quoted can can be whatever the accountant thinks appropriate, but there can be threats to
compliance with the fundamental principles. For example, if the fee were so low that it would be
difficult to carry out the work to the required standard of competence and due care. The IESBA states
that:
๏ Auditors should perform high quality audits irrespective of the audit fee charged
๏ Adequate time must be planned and spent to enable the audit to be performed in accordance
with the technical and professional standards.
๏ Audit personnel with appropriate expertise and experience should be assigned to the work.
๏ Two-way communication between the auditors and those charged with governance to mitigate
the threats that can arise from fee pressure
There is no set format for a tender document, but a little thought will show that something like the
following would be usual for a tender for audit work:
๏ A brief introduction to the accountancy firm.

๏ Areas of expertise and specialisms.
๏ A reiteration of the requirements of the client (to confirm understanding) and suggestions for
other work that might be needed.
๏ An outline of the proposed audit approach. For example:
‣ Planning.
‣ Assessment of the internal control system.
‣ Testing internal control and reporting on control weaknesses (interim audit timing might be
suggested).
‣ Possible use of internal audit for some aspects of the audit.
๏ Timing of the final audit and suggested dates for audit report signature.
๏ Work do be done at the final audit stage (eg attend stock take and certain branches etc).
๏ Planned use of computer assisted audit techniques.
๏ Quality control steps and systems that the firm uses to ensure that a ‘good’ audit will be
performed.
๏ Key partner’s and manager’s name. Details of audit team composition.
๏ Fee and the basis of its calculation. Invoicing arrangements and terms of payment.
4. Before you say ‘yes’ (and continuance decisions)

It is, of course, flattering to be asked to be the auditor of a company. Now only does it feed one’s ego,
it also promises more income for the firm. However, auditors must exercise great caution: they must
be confident that they can carry out the work profitably, ethically, competently, incurring an
acceptable level of risk and avoiding damage to their reputation.
The following need to be investigated:
๏ Are they professionally qualified to act? Is it legal and ethical for them to do so? For example,
they shouldn’t accept an appointment if the fees from that appointment are above the
suggested 15% limit for public interest companies. Are there issues of familiarity or self-review?
๏ Do they have adequate resources in terms of staff, time, and expertise? Can the new work be
carried out when the client wants without adversely affecting existing clients? If the potential
audit client acts in a specialist area of business and the auditors have no prior experience of that,
it would be very unwise for them to accept the appointment.
๏ Investigate the client, its management, and directors. Many firms of auditors have access to
databases which, for example, will allow them to search on directors’ names to see if any of the
directors have been banned from being directors of companies because of their past behaviour.
They may discover that it is too risky to become the auditor of a company if they have no trust in
the honesty of the directors. The audit fee is often modest, why risk your reputation by
undertaking an audit where the directors are likely to be fraudulent?
๏ Consider the nature of the industry or business. If there is a risk of criminal involvement or
money laundering it might be better to stay clear.
๏ Money laundering regulations (covered in a later chapter) require auditors to ‘know their
client’: ownership, commercial rationale, sources of funds etc.
๏ Communicate with present auditors. There is a professional requirement to do this and it is
essential to find out why the old auditors are retiring or being removed.
๏ Is the accounting framework that will be used by the potential client acceptable?
๏ Consider politically exposed persons. These are people who have or who have had positions
of political influence. For example, politicians, senior military personnel, senior civil servants.
Unfortunately, there is a history of many of these individuals having profited from corruption
and they might still have influence that permits the misuse of public funds, the improper
awarding of contracts and large-scale money laundering.
๏ The potential client’s credit-rating.
๏ Preconditions for the audit: will the financial reporting framework used be acceptable and do
management understand and accept their responsibilities for preparing the financial statements
and for supplying the auditors with all the information they require?
5. Communication with existing auditors

If the auditor is approached by new audit client, if it’s a new business and this is the first audit there
will be no previous auditors to communicate with and new auditors must make their own decision.
If it is not a new business and there is an existing auditor then the new auditor must ask the client for
permission to contact the old auditor. If permission is not given, the appointment should be declined.
Why would permission not given? Is a client trying to conceal something? Why else would they not
allow a new auditor to communicate with the existing auditor?
Assuming permission is given the new auditor will write to the old auditor for information. The old
auditor can’t simply send that information to the new auditor because that is confidential, and the old
auditor has to ask the client for permission in turn. If that permission is not given the new auditor
should decline the appointment because again the client is trying to stop communication between
the old and new auditors.
If the old auditor provides information then the new auditor is more fully equipped to make their
accept or reject decision. If the existing auditor decides not to provide information the new auditor
should try to persuade the old auditor to provide it, but otherwise might have to rely on information
as been found in other ways.
6. The engagement letter

Upon appointment, auditors should send an engagement letter to their new client.
Engagement letters are often regarded as rather dull documents, sent once and then forgotten.
However, they are of crucial importance because they set out the contractual relationship between
the auditor and the client. If the engagement letter is not sent out it’s very difficult for an auditor
subsequently to complaint that the client hasn’t done what was expected, or it might be difficult for
the auditor to defend the firm against a claim that the auditor has not done what was expected.
Engagement letters:
๏ Define the auditor’s responsibilities

๏ Provide written evidence of the auditor’s acceptance of the appointment.
๏ Should be send to the board of directors or audit committee prior to the first audit.
๏ Identify any reports to be produced in addition to the audit report. For example, for banking or
insurance clients who may come under additional scrutiny
๏ Should be updated for all changes. For example, if the auditor begins to undertake tax work for
the client.
7. Typical contents of an engagement letter

๏ Description of the objective of an audit: to determine whether or not the financial statement
show a true and fair view.
๏ Defining responsibilities: management’s are to prepare the financial statements and to set up a
system of internal control. It is the auditor’s responsibility to audit the financial statements.
๏ Reference to the applicable reporting framework. For example, a particular company’s act or a
particular national legislation,
๏ Emphasis that audits depend on sampling that there are no guarantees. The audit look for only
material misstatements. It will examine records on a test bases that can only give a reasonable
assurance.
๏ The auditors will state that they expect unrestricted access to the company’s records and they
expect full explanations for any queries they might have.
๏ They will state that the audit report is a matter between them and the addressees of the audit
report (the members of company) and that the audit report should not be provided or relied
upon by other parties.
๏ There will be certain matters about planning the audit, such as arranging the interim audit and
final audit, attending the stock take, organising a circularisation of receivables, and liaison with
the internal audit department.
๏ Almost certainly there will be something about fees, and remember fees should never be
absolute. They should be estimate but subject to the proviso that if more work needs to be
done, it will be done and additional fees will be required.
๏ Description of the expected relationship between the external auditor and internal audit; how
the work of internal audit might be reviewed and then relied on by the external auditors.
Chapter 4
PROFESSIONAL ETHICS
1. Introduction
It was mentioned in the previous chapter that before accepting an appointment, the auditor must
ensure that the appointment will be ethical.
Ethics is seen as the unique selling proposition of professional accountants. If they do not adhere
strictly to ethical principles, how could they continue to earn good fees? What is the point in paying
someone for advice or assurance if they cannot be trusted or believed?
The ACCAs guide to professional ethics is based on the IESBA’s Code of Ethics. It sets out certain
fundamental principles about how its members should behave. It also recognises how its members
could be subject to certain threats which would compromise their behaviour, and suggests ways in
which members can safeguard themselves against the operation of those threats. The ethical
framework recognises that there are:
๏ Ethical principles to be followed.

๏ These are subject to risks
๏ Accountants should use safeguards to avoid or to respond to risks by reducing them to
acceptable levels.
The guide applies to all members of ACCA and also to all ACCA students. Note that its operation is not
restricted to auditors and covers ACCA members working in industry and commerce.
2. Fundamental principles
The ACCA’s fundamental principles are as follows:
๏ First, integrity, basically this means that members should be honest, straightforward. If they see
something is amiss, they should say so and shouldn’t try to conceal it; they shouldn’t ‘turn a
blind eye’; they shouldn’t try to be ambiguous; they should state things plainly.
๏ Secondly, objectivity, members should be influenced by the facts and the facts only. They must
avoid bias, conflict of interest and undue influence.
๏ Third, members should exercise professional competence and due care. They must keep
themselves up-to-date with legislation and recent developments. They shouldn’t take on work
which they are not qualified for or for which they have no skills. They must be diligent, they
must be careful.
๏ Fourth, confidentiality. Members, particularly perhaps those who are auditors, have access to
information that is highly confidential and which is price sensitive. That information must be
held confidentially. Members should not disclose confidential information unless they have a
legal or professional duty to do so. An example of a legal duty to disclose information can arise if
a member thinks that a client or the person they are working for is involved in money
laundering. Many countries have very strong regulations nowadays so that money laundering
suspects should be reported to the authorities. Note that it is now easier to disclose information
to authorities if it is in the public interest to do do (see Chapter x on Laws and Regulations)
๏ Finally, members should show professional behaviour. They should comply with the law and
they should avoid any actions which discredit the profession. So, for example, when they are
trying to advertise their services they shouldn’t say that other members are bad or poor. They
should confine themselves to promoting what they are good at; they shouldn’t criticise other
professionals.
3. Threats to professional ethics

Threats to professional ethics arise from
๏ Self-interest
๏ Self-review
๏ Advocacy
๏ Familiarity
๏ Intimidation.
Note also there are management threats, where the auditor performs managerial functions for the
client. These are not listed by the IESBA, but covered under several of the above, such as self-interest,
familiarity and advocacy.
Where such threats exist, the auditor must put in place safeguards that eliminate them or reduce
them to clearly insignificant levels. Safeguards apply at three levels:
๏ Safeguards in the work environment,

๏ Safeguards that increase the risk of detection, and
๏ Specific safeguards to deal with particular cases. If the auditor is unable to implement fully
adequate safeguards, the auditor must not carry out the work.
3.1. Self-interest threats
Self-interest threats are the following:
๏ Financial: For example if an auditor owns shares in the client, the auditor could be accused of
wanting the client’s profits to look good, so that the share price rises thereby enriching the
auditor.
๏ Close business relationships are also threats. For example, if a partner retired from an audit
partnership and then immediately went to work for a client, they could be accused for having
lined themselves up for a job and to do that they perhaps did not do their audit rigorously. A
period of at least two years should pass before an ex-partner takes up an appointment with a
client. Having a partner on the client board is also unacceptable.
๏ Loans and guarantees from the client to the auditor should be looked at carefully. If the audit
client is a bank and it makes a loan on a normal business terms to a member of the audit staff,
for example a mortgage, this would normally be regarded as acceptable. If however the bank
(the audit client) makes a large loan into the partnership then this again could leave the audit
firm open to accusations of having being treated faithfully by the bank. Certainly no loans or
financial relationships should exist between a client and an auditor if it is not normal business
for the client to make loans.
๏ Overdue fees put the auditor at some risk as there is a possibility that client will never pay those
fees. This could lead to accusations that the auditor has not qualified the audit report to reduce
the likelihood that a worried creditor triggers the company’s liquidation. If there are overdue
fees the auditor should not make the situation worse and should not incur any more chargeable
time until those fees have been settled. If fees remain outstanding, the auditor should resign.
๏ Contingent fees are obviously dangerous. A contingent fee, for example, would be where the
auditor is paid a small fee if the auditor report is qualified, but a larger fee if the audit report is
clean.
๏ High percentage fees. If the auditor earns a high percentage of total income from one audit
client, then the auditor will rely too much on that client and can’t afford to lose them. This can
give the client too much leverage over the auditor. For a public interest company, such as a
company listed on a stock exchange, the maximum proportion of fees arising form that client
should not be more than 15% of total fees in two consecutive years. No figure is mentioned for
non-public interest companies, but auditors need to be mindful of this threat.
๏ Low-balling refers to the practice of quoting a very low audit fee to a client and then hope that
profits would be made another work awarded by the client. This means really that the audit
does not pay for itself so how, therefore, could a proper audit be done? Winning an audit is a
competitive business and the audit fee is an important factor to clients. However, an auditor
could find it difficult to claim that a proper audit has been carried out if a loss were made on the
audit. Fees should be profitable for the auditor.
๏ Recruiting staff on behalf of a client should not be undertaken. The danger here is that if
members of staff are recruited by the auditor, particularly financial staff, then subsequently the
auditor might be reluctant to criticise the performance of those staff members as the advice
they gave on recruitment looks bad. Similar considerations should be taken into account when
the auditor performs any management function for the client.
3.2. Self review threats
Self review threats arise when an auditor does work for a client and that work may then be subject to
self-checking during the subsequent audit. For example, if the auditor prepares the financial
statements, and then has to audit them, or the auditor performs internal audit services and then has
to check that the system of internal control is operating properly. Auditors could obviously be
reluctant to criticise the work which their own firms have earlier undertaken, and this could interfere
with independence and objectivity.
Generally auditors must be very careful when undertaking such work. Certainly it is common for
auditors to do additional work for their clients, but what is important that the work is done by an
entirely different team from the audit firm.
Really, checking your own work is a waste of time.
3.3. The supply of other services
The issue of auditor supplying multiple services to their clients, such as taxation and management
consultancy, is a controversial one and there are both pros and cons. For example, auditors will know
a great deal about the operations of their clients and this can make the performance of other work
much more efficient. If entirely new companies have to be brought in to supply these services, much
of the information they find out about the client will already be known by the auditor and there is a
real duplication of effort.
The danger, of course, is that the auditors come to rely too heavily on the fees earned from the other
work and are therefore reluctant to risk losing a client because of an adverse audit opinion. Large
audit firms can at least use separate departments, though this may be difficult with small firms.
In United States, listed companies are not allowed to obtain other services from their auditor. This is to
ensure that the auditor is independent and performs only the audit. In most jurisdictions, there are no
hard and fast rules but the overall guidance on ethics relating to objectivity and independence should
be adhered to.
3.4. Advocacy threats
Advocacy is where the assurance or audit firm promotes a point of view or opinion to the extent the
subsequent objectivity is compromised. An example would be where the audit firm promotes the
shares in a listed company or supports the company in some sort of dispute. Advocacy can interfere
with professional scepticism.
As always, the audit firm should weigh up the risks to its objectivity, integrity and independence and
should withdraw from performing further work if those risks are too high.
3.5. Familiarity threats
Familiarity threats arise because of the close relationship between members of the assurance or audit
firm and the client. The close relationship can arise by friendship, family or through business
connections. There is no general definition of what’s meant by close relationships, but if you were an
auditor and your brother was the Finance Director of a client firm then there probably is a close
relationship! If however the finance director was a remote cousin of yours, there might not be a close
relationship. Note that there does not have to be any family or legal relationship: friendship can
threaten independence and integrity.
Familiarity undermines professional scepticism
When dealing with close business relationships between the auditor and the client firm, the ACCA
suggests, the lead partner should be changed at least every five years and other partners involve
change at least every seven years. This is to prevent too close a relationship and friendship growing
between the two parties. The problem is that when a close relationship does grow, objectivity and
skepticism are liable to be lost.
3.6. Intimidation
The final groups of threats are intimidation threats. These can deter the assurance team from acting
properly.
Examples could be threatened litigation, blackmail, or there might even be physical intimidation,
though it is to be hoped that that is rare. Blackmail could be more subtly applied and might relate
back, for example, to a period where the auditor was not acting in accordance with the required
ethical standards.
3.7. Conflict of interest
This is not a a standard threat, but the phenomenon is included here because it has figured in exams.
An example is where the auditor has two clients and one of the clients wants to buy the other. The
auditor has been asked to advise the purchaser. The conflict of interest arises because the auditor will
have detailed knowledge about the target company: costs, mark-ups, budgets etc which would be
very useful to the purchaser. Even if no confidential information was supplied, there can be the
suspicion that it might be and you can understand why clients might feel uncomfortable.
In such a situation, the accountant should inform both parties. They might say that they are not
bothered, but even then the accountant must judge whether he or she would be seen to be
independent and if there is a risk to reputation the work should be turned down.
Chapter 5
MONEY LAUNDERING
1. Introduction
Money laundering is a process whereby the proceeds of criminal activity are converted into assets
appearing to have a legitimate origin.
Dirty money is made clean-looking. The money typically comes from extortion, drugs, prostitution,
illegal gambling, illegal arms sales and people-trafficking.
2. The stages of money laundering

The process of money laundering can be described in the following three steps:
๏ Placement: this is the process of introducing the money into a legitimate business activity so
that its origins appear bona fide. Methods include:
‣ Blending funds: mixing the dirty money with legitimate cash such as boosting the cash
takings of a business. Tax will have to be paid, but that’s a small price if the remainder of the
money is safe-guarded.
‣ Gambling: winnings are artificially increased and this can be used to explain the source of the
funds.
‣ Currency smuggling: move the cash to a lax jurisdiction where few questions will be asked.
You will notice that cash transactions facilitate placement because cash is relatively difficult to
trace compared to bank or credit transactions
๏ Layering: repeated transfer of money through different bank accounts and different countries
in an attempt to conceal or camouflage its origins. That way, even if the placement process
becomes known to the authorities it becomes difficult for them to trace the cash and recover it.
๏ Integration: the movement of previously laundered money into the economy so that the
money can be safely used. Examples include the purchase of assets such as expensive cars and
art works and jewellery.
3. Legislation
Many countries now have legislation attacking money laundering and the proceeds of crime and also
to interfere with money being used by terrorism organisations. As well as creating criminal offences
for the immediate perpetrators of the crimes the legislation can also cover the behaviour and
responsibilities of auditors and accountants.
In the UK the Proceeds of Crime Act 2002 sets out five types of offence:
๏ Concealing, disguising, converting or transferring money that is from the proceeds of crime.
๏ Entering into an arrangement to launder the proceeds of crime or having the suspicion that
money laundering is taking place yet not reporting it.
๏ Acquisition, use and possession of criminal property
๏ Failure to disclose
๏ Tipping off
The penalties are severe. For example, taking part in money laundering attracts a maximum prison
sentence of 14 years and/or a fine.
Note that if the prosecution can show that a defendant had a even suspicion that money had criminal
origins that the defendant can be found guilty of these crimes. So, ‘turning a blind eye’ is no defence
Obviously an accountant could be directly participating in or abetting money laundering, but here we
will assume you are all ethical and won’t take part in that. However, it is easier to inadvertently
commit some of the other offences.
For example, suspicions would be expected to arise if:
๏ You work in a bank and see a customer dealing in large amounts of cash without any reasonable
explanation of their origin.
๏ You are an auditor and see cash passing through various banks accounts for no apparent
reason.
Tipping off is the offence of acting in a way that discloses to the potential suspect information that is
likely to prejudice an investigation. So, saying to a client “I think this is money laundering and I am
going to report my suspicions to the authorities” is clearly tipping off. However, what if you
repeatedly ask for evidence about a transaction? The client then knows that you might be suspicious
and that your next step is to report the matter. However, if you make no enquiries at all or inadequate
enquiries, you might fail to uncover a perfectly innocent explanation.
Auditors also do not want junior members of the audit team taking this into their own hands and
directly informing the authorities. Junior member of the team are relatively inexperienced and might
simply be jumping to the wrong, but dramatic, conclusions. Instead, all suspicions should be reported
to the auditing firm’s money laundering reporting officer. This is a person who has sufficient
experience and seniority to be able to make reliable decisions about when matters ought to be
reported to the authorities.
4. Auditors’ responsibilities
๏ ‘Know your client’. Proper identification of the people involved, the ownership of companies,
the economic rationale of the business, the sources of funds.
๏ Appointment of a Money Laundering Reporting Officer (MLRO).
๏ Train staff to identify the types and patterns of transaction that might indicate money
laundering.
๏ Establish a system for the reporting of suspicions to the MLRO.
๏ Include a paragraph in the engagement letter setting out the auditor’s responsibilities in respect
of money laundering.
๏ Maintain records detailing how the regulations have been complied with.
5. Risk factors for money laundering

๏ A cash-based business
๏ Many similar deposits and withdrawals in various bank accounts for not obvious reason
๏ Many jurisdiction involved in the transfer of money
๏ The use of tax havens
๏ Bearer bonds or cheques
๏ Higher profits than could be reasonably expected
๏ Poor documentation for transactions
๏ Secrecy
Chapter 6
RESPONDING TO NON-COMPLIANCE
WITH LAWS AND REGULATIONS
(NOCLAR)
1. Introduction
This chapter deals with how the auditor should respond to a client’s failure to comply with laws and
regulations. Potentially, non-compliance will lead to fines, penalties and damages and these should
be recognised as liabilities or contingent liabilities. Additionally, non-compliance might cause going
concern issues if the company is then prohibited from trading or the non-compliance damages the
reputation of the company to such an extent that its survival is threatened.
ISA 250 Consideration of Laws and Regulations in the Audit of Financial Statements is relevant. In
addition the IESBA issued their final pronouncement on Responding to Non-Compliance with Laws
and Regulations (NOCLAR) in July 2016.
NOCLAR is defined as comprising acts of commission or omission, intentional or unintentional,

committed by a client or those charged with governance…contrary to the prevailing laws and
regulations.
The new rules permit professional accountants to more easily set aside their duty of confidentiality
2. Management’s and auditor’s responsibilities

ISA 250 states that “It is the responsibility of management, with the oversight of those charged with
governance, to ensure that the entity’s operations are conducted in accordance with the provisions of
laws and regulations…..including the provisions of laws and regulations that determine reported
amounts and disclosures in an entity’s financial statements”.
Management’s responsibilities will be easier to meet if there is a good internal control system, an
internal audit department and an audit committee.
ISA 250 also states “..the auditor is not responsible for preventing non-compliance and cannot be
expected to detect non-compliance with all laws and regulations”.
However, overall the auditor is responsible for identifying material misstatements whether caused by
fraud or error but the ISA recognises that the risk of the auditor failing to detect material
misstatements arising because of non-compliance can be increased because:
๏ There are many laws and regulations that do not directly affect the financial statements and
these will not be part of the information reviewed by the auditor.
๏ Non-compliance might be accompanied by deliberate concealment.
๏ Whether an act amounts to non-compliance is ultimately a matter for the court or regulators.
ISA 250 distinguishes the auditor’s responsibilities for compliance between:
๏ The provisions of laws that have a direct effect on the financial statements (eg tax and pension
laws). Here, the auditor must obtain sufficient appropriate audit evidence regarding compliance
with these laws. This is, essentially a positive confirmation.
๏ The provisions of other laws that do not directly affect the FS but where there might be material
penalties or where the operation of the business is jeopardised. Here, the auditor’s responsibility
is limited to undertaking procedures to help the identification of non-compliance where this
could have a material effect on the financial statements. This is, essentially, a negative
confirmation.
3. Audit procedures to assess compliance

๏ Obtain an understanding of the client’s regulatory environment and how the client complies.
๏ Obtain sufficient appropriate audit evidence where the laws and regulations directly affect the
FS.
๏ In respect of other laws, the auditor should (i) enquire of management as to whether the entity
is on compliance and (ii) inspect correspondence with relevant licensing authorities.
๏ Remain alert during the audit that other audit procedures might detect non-compliance.
๏ Ask for written representations from management declaring that all known incidents of non-
compliance and which should be taken into account in the preparation of the FS have been
disclosed to the auditor.
๏ In the absence of identified or suspected non-compliance the auditor is not required to carry
out audit procedures to confirm compliance other than those listed above.
4. Non-compliance is identified or suspected

The auditor must:
๏ Understand the nature of the non-compliance and evaluate the possible effects on the FS.
๏ Discuss the matter with management and those charged with governance if appropriate.
๏ If sufficient information about the suspected non-compliance cannot be obtained the auditor
must consider the effect of this lack of sufficient appropriate evidence on the audit opinion.
๏ The auditor should consider the effects of non-compliance on other aspects of the audit such as
risk assessment and the reliability of written representations. [In other words, the directors may
have shown that they consider compliance to be voluntary. If they act like this in one area how
many other incidents of non-compliance might exist?]
5. Reporting non-compliance
All incidents of non-compliance should be reported to those charged with governance (unless trivial).
If the auditor believes non-compliance is deliberate, this should be communicated to those charged
with governance.
If those charged with governance are complicit in the non-compliance, and there is no higher level of
authority (such as a holding company board or audit committee) then the auditor should take legal
advice.
Under the NOCLAR provisions in the IESBA guidance the auditor should
๏ Advise management and those charged with governance to take timely and appropriate action
to remedy the non-compliance.
๏ Deter further non-compliance
๏ Disclose the matter to the appropriate authority where required by law or regulation or this is in
the public interest.
The auditor must assess management’s response then decide if further action is required in the public
interest. This requires professional judgement: would a reasonable and informed third party be likely
to conclude that the auditor has acted in the public interest?
Further action might be for the auditor to make a disclosure to the regulatory authorities. Simply
withdrawing form the engagement is NOT a substitute to this and, indeed, the new guidance was
wary of auditors solving their problem simply by resigning.
Whether the auditor should disclose the matter to the authorities depends on the damage that might
be done to investors, employees members of the public and so on. Examples where disclosure is likely
to be justified include:
๏ Bribery
๏ The sale of harmful products
๏ Tax evasion
๏ Behaviour likely to damage financial markets.
If the disclosure is made in good faith it will not be considered to be a breach of confidentiality.
If non-compliance has a material effect on the FS that has not been reflected in the FS, then the audit
opinion will have to be modified (qualified or adverse)
If the auditor is prevented from investigating the matter then the audit opinion will have to be
modified (qualified or disclaimer).
It is important that all discussions, findings and disclosures are well-documented as there is obviously
a high risk to the auditor of fallout from these incidents.
Chapter 7
AUDITORS’ LIABILITY
1. Introduction
Auditors’ and accountants’ liability can arise from three branches of the law:
๏ Statute: for example if the accountant has been appointed as a liquidator of a company they
can be regarded as officers of the company and could be subject to criminal proceedings. This is
rare.
๏ Contract law: the letter of engagement sets out what the auditors and the client will do. For
example the auditors undertake to give reasonable assurance about the financial statements. If
the auditors carry out their work with due care and skill they will not be liable under contract law
๏ Tort law: the tort of negligence allows any injured party, not necessarily a party who has a
contractual relationship with the auditor, to pursue the auditor for damages if they have
suffered loss caused by the auditor’s negligence. This is the area where there is potentially most
difficulty.
2. The tort of negligence

An injured party has to show three things if the tort of negligence is to be proved:
๏ That a duty of care exists. The act of the accountant must be sufficiently close to the damage
(proximity). This is presumed to exist between an auditor and the audit client. However, with
other relationships this is more difficult to establish.
๏ That the duty of care was breached.
๏ That the breach caused financial loss.
3. The duty of care

For a duty of care to be owed by an auditor to a third party, then:
๏ The auditor knew or should have known that that person would rely on the auditor’s work.
๏ The third party has sufficient proximity (effectively, ‘close enough’ to reasonably rely on the
auditor’s work).
๏ It must be ‘fair, just and reasonable’ to impose a liability on the auditor.
Some cases illustrate these principles:
Caparo Industries v Dickman (1990)
Caparo sued an auditor after buying shares in a company they claimed was overvalued because of
inaccurate financial statements. They claimed that the auditor owed potential investors a duty of care.
The claim was unsuccessful as it was held by the court that the financial statements are prepared for
the current shareholders and that the auditor had no knowledge that Caparo would use the
information for their share-purchasing decision.
Royal Bank of Scotland v Bannerman (2002)
Bannerman was the auditor and issued a ‘clean’ audit report for a client. The client was a customer of
the Royal Bank of Scotland and used the financial statements to support a successful loan application.
The financial statements contained a serious misstatement arising from a fraud.
The claim was successful. The court held that the auditor would have known that the bank would
have used the audited accounts as part of their lending decisions and therefore owed the bank a duty
of care. The court stated that if the audit report had contained a disclaimer warning that only
members of the company should rely on the audit report then there would be no duty of care to third
parties.
4. Conclusion
The courts have been reluctant to extend the concept of duty of care to third parties such as
suppliers, lenders and potential investors.
Auditors will have exercised sufficient professional care if:
๏ They keep up to date with current approaches to auditing.

๏ They apply ISAs and ethical standards and safeguards.
๏ They comply with the terms of the engagement letter.
๏ They apply an adequate system of quality control: assignment of staff, direction of staff, review
of work.
๏ They undergo adequate supervision and education and training.
Since the Bannerman case it has become routine for auditors to include a disclaimer clause in their
reports. For example:
“Under section xxx we have a duty as auditors to report on the annual financial statements of the
company. This duty only extends to a report to the members of a company as a whole and not to an
individual shareholder or group of shareholders or to a third party who uses or places reliance on
our opinion in order to make a decision to enter any type of transaction with the company.”
However, there is criticism of disclaimer clauses because they can be seen as devaluing the audit
report:
๏ How can it be that the financial statements show a true and fair view for the shareholders but for
no one else?
๏ If the disclaimer clause reduces the chance of litigation then the auditors might not take as
much care whilst performing the audit.
5. Reducing exposure to audit liability

In addition to the measures set out above, auditors can make use of the following to reduce their
exposure:
๏ Professional indemnity insurance. This will pay compensation to injured parties in cases of
negligence.
๏ Fidelity insurance: Insures against the dishonesty of staff or partners
๏ Incorporation: Instead of being a normal partnership where the partners have unlimited liability,
the firm becomes a limited liability partnership. The partners’ personal wealth is protected.
๏ Liability limitation agreements. The engagement letter includes a cap on the amount of
compensation payable to clients. This gives no protection against third party claims.
๏ Proportional liability. Under this system the auditor and the client would share the burden of
paying compensation to injured third parties.
Chapter 8
FRAUD, ERROR, THE EVALUATION OF
MISSTATEMENTS AND REPORTING
CONTROL WEAKNESSES
1. Definitions
Fraud is the deliberate falsifying of records or misappropriation of company assets.
Fraud can be:

๏ Fraudulent financial reporting. For example, overstating profits to attract investors and lenders.
๏ Misappropriation of assets. For example, the theft of cash, inventory or non-current assets.
Error is the innocent misstatement of amounts or loss of assets.
Misstatement is when something has not been shown or treated properly in the financial statements.
A misstatement can be caused by either error or fraud. A misstatement can be:
๏ An incorrect amount.
๏ Incorrect presentation.
๏ Incorrect disclosure.
2. Fraud
It is management’s responsibility to prevent and detect fraud – not the auditor’s. It is management’s
duty to ensure that there is a good and effective system of internal control as this will greatly decrease
the risk of fraud and increase the risk of detection. Auditors are not expected to find every fraud, but
they are expected (with reasonable assurance) to find material misstatements, whether innocent or
fraudulent. They are expected to exercise professional scepticism and to follow up any suspicions that
they might have, for example if the results of analytical procedures do not make sense. Once a
suspected fraud or error is discovered the auditor must perform more audit work, such as:
๏ Discovering how the fraud or error occurred.

๏ Discovering if the incident is isolated or is part of a larger pattern.
๏ Consider applying computer assisted auditing techniques to look for similar patterns within the
records (for example, all orders placed with a particular supplier)
๏ Estimating the financial effect
Although the auditor seeks to give reasonable assurance that the financial statements are free for
material misstatement, note that ‘reasonable assurance’ must mean that not every material
misstatement will necessarily be discovered even if the audit has been carried out diligently. It is
accepted that the chance of a material fraud being undetected is greater than a material error being
undetected because fraudsters seek to conceal their activities. For example, by creating forged
documents or by collusion with other parties.
Fraud required three conditions:
๏ Incentive to commit the fraud

๏ Opportunity to commit the fraud
๏ Attitude to go through with the fraud
At the planning state the susceptibility of an entity to fraud should be discussed. both amongst the
audit team and with management of the client The following make fraud easier:
๏ Lack of segregation of duties so that one person is in charge of all parts of a transaction.
๏ Poor internal control in general.
๏ Poor IT system control.
๏ Complex transactions so that is is difficult to check if they are being carried out correctly.
๏ Many estimates involved.
๏ Easy-to-steal assets: cash, compact but high-value inventory.
๏ Complex group structures so that related party transactions are difficult to discover.
๏ Pressure to perform
All instances of fraud should be reported to those charged with governance. It is important, even for
what appears to be a small fraud, to investigate how long it has been going on for, how much is
involved and who is behind the fraud.
3. Management bias
‘Management bias’ occurs when managers are under pressure or simply want to produce certain
financial results. For example:
๏ Their bonus depends on hitting a profit target.

๏ Their job depends on a level of performance.
๏ The business is going to be floated on the stock exchange so that good profits will allow a
higher flotation price.
๏ The business is going to be bought by another and the purchase price be will be influenced by
performance.
In these situations auditors should be wary of managers being more optimistic than is warranted so
that the value of inventory, recoverability of receivables, profit budgets and construction contract
profitability are overstated and potential liabilities are understated.
At some point optimism and wishful thinking will become more like deliberate misstatement and
fraud: making demonstrably undue claims about company performance and the deliberate omission
of liabilities.
Management bias is a common element of AAA questions: many describe bonus schemes or buy-outs
and you must respond to these by recognising that additional audit risk that inevitably arises.
4. Evaluation of misstatements identified

ISA450 requires auditors to accumulate misstatements identified during the audit other than those
which are clearly trivial. The triviality threshold will generally be much lower than the materiality
threshold.
๏ All misstatements accumulated during the audit should be communicated to the appropriate
level of management in a timely basis.
๏ Management asked to correct them or explain why not. Often the audit committee will be
involved in these discussions. Misstatements can be categorised as:
‣ Factual (definitely incorrect, like a mistake when adding up the stock-take sheets).
‣ Judgemental (where the auditor and client have different opinions, such as the valuation of
inventory or recoverability of debts).
‣ Projected. The auditors best estimate of the error of a population based on the error rate in
the audit sample.
๏ The categorisations affect how much negotiation or compromise is acceptable when it comes to
amending the financial statements. Essentially, no room for compromise with factual
misstatements, an intense discussion for judgements errors and for projected errors, rather than
request an alteration to the financial statements, more testing might be appropriate to estimate
the projected error more accurately and more convincingly.
๏ Obtain written representations from management that they believe uncorrected misstatements
are not material.
๏ Assess materiality of uncorrected misstatements individually and in aggregate. Note that the
auditors should check that the originally established materiality levels are still appropriate now
that they are possession of much more information at the end of the audit.
If management refuses to correct a misstatement which the auditor thinks is material then the auditor
will have to issue either a qualified or adverse opinion. Note that some individual misstatements can
be lower than the materiality level of the financial statements as a whole. For example, misstatements
relating to compliance or which decrease directors’ earnings or which hide trends in the results.
Note it is management’s responsibility to correct errors in the financial statements. Auditors cannot
unilaterally adjust the financial statements that have been prepared by management.
If is seems that management or those charged with governance are responsible for committing the
fraud then this implies that management integrity cannot be expected and the auditor, after legal
advice, should withdraw form the audit.
5. Reporting deficiencies in internal controls

If deficiencies in internal controls are found, the auditor should perform further work to determine the
extent of the errors.
After the deficiencies have been discovered and investigated, the auditor must determine if they are
‘significant deficiencies’. ISA 265, Communication Deficiencies Internal Control defines a significant
deficiency as one that is sufficiently serious that it should be brought to the attention of those
charged with governance. Factors influencing this include:
๏ The likelihood that the deficiencies will lead to financial misstatement.
๏ The susceptibility to loss or fraud of the related asset or liability

๏ The financial statement amounts exposed to the deficiencies
๏ The volume of activity exposed to the deficiency
The auditor must communicate in writing significant deficiencies in internal control to those charged
with governance on a timely basis.
Other deficiencies should be communicated to management at the appropriate level.
Chapter 9
QUALITY CONTROL
1. Introduction
Quality control in auditing doesn’t just mean do an audit properly: that could just be down to good
luck. It means that these must be a system of quality control which substantially ensures that all audits
are executed properly and which provides documentary evidence that quality control procedures
have been applied effectively.
2. Quality control
ISA 220 Quality Control for an Audit of Financial Statements states that quality control systems, quality
control policies and quality control procedures are the responsibility of the audit firm. In particular,
responsibility for the quality of each audit resides with the partner in charge of the audit.
Under International Standard for Quality Control 1 (ISQC 1), the firm has an obligation to establish and
maintain a system of quality control to provide it with reasonable assurance that:
(1) The firm and its personnel comply with professional standards and applicable legal and
regulatory requirements; and
(2) Reports issued by the firm or engagement partners are appropriate in the circumstances.
(3) Note again the use of the word ‘system’. You will know that under the Code of Ethics for
Professional Accountants to avoid self-interest threats firms have to ensure that no one involved
in an audit owns shares in the audit client and that fees from any one client must not be too
great. However, these safeguards cannot be left up to chance. Auditing firms need systems in
place that will ensure that ethical codes are not broken and will provide evidence that quality
has been maintained. To comply with the self-interest rules just mentioned, the quality control
system might require that each year:
‣ Every member of the audit staff must sign a declaration stating that they do not own client
shares.
‣ A partner should review fees and sign a declaration that fee limits have not been exceeded.
The ISQC 1 quality control requirements refer to six key areas:
๏ Leadership. The firm must establish policies and procedure designed to promote an internal
culture that recognises that quality is essential in performing engagements.
๏ Ethics (covered earlier in these notes). Throughout the audit engagement, the engagement
partner shall remain alert, through observation and making inquiries as necessary, for evidence
of non-compliance with relevant ethical requirements by members of the engagement team.
๏ Acceptance and continuance of client relationships and audit engagements. The firm must
ensure that appropriate procedures regarding the acceptance and continuance of client
relationships and audit engagements have been followed, and shall determine that conclusions
reached in this regard are appropriate.
๏ Human resources. The firm shall establish policies and procedures designed to provide
reasonable assurance that it has sufficient personnel with the competence, capabilities and
commitment to ethical principles to properly perform the audit to enable an appropriate
auditor’s report to be issued. Responsibility for each engagement is assigned to an engagement
partner and policies and procedures must be in place to assign appropriate personnel to each
engagement.
๏ Engagement performance. Direction, supervision, reviews, consultation and performance
should be of a standard to enable an appropriate auditor’s report to be issued
๏ Monitoring. To ensure that the quality control procedures adequate, relevant and are operating
properly.
๏ Note that many of the requirements of a quality control system can be remembered by the
acronym SACRED (or SCARED!):
‣ Supervision
‣ Assignment
‣ Competence
‣ Review
‣ Ethics
‣ Direction
3. Public interest audits

Public interest audits, such as the audit of listed companies, should undergo an Engagement Quality
Control Review. Here, an independent reviewer (normally another partner) will be appointed to
perform an objective evaluation of the significant judgments made by the engagement team, and the
conclusions reached in formulating the auditor’s report.
This evaluation shall involve:
(1) Discussion of significant matters with the engagement partner;
(2) Review of the financial statements and the proposed auditor’s report;
(3) Review of selected audit documentation relating to the significant judgments the engagement
team made and the conclusions it reached; and
(4) Evaluation of the conclusions reached in formulating the auditor’s report and consideration of
whether the proposed auditor’s report is appropriate.
For audits of listed entities, the engagement quality control reviewer shall also consider the following:
(1) The engagement team’s evaluation of the firm’s independence in relation to the audit
engagement;
(2) Whether appropriate consultation has taken place on matters involving differences of opinion
or other difficult or contentious matters, and the conclusions arising from those consultations;
and
(3) Whether audit documentation selected for review reflects the work performed in relation to the
significant judgments and supports the conclusions reached.
Reviews carried out before the audit report is signed are known as hot reviews. As explained above,
these are required for listed companies.
Reviews carried out after the audit report is signed are known as cold reviews. They will not help the
audit for the year being reviewed, but they will help to keep quality standards up in the future.
4. Audit documentation
It is impossible to plan, supervise, control and review an audit and audit evidence without proper
audit documentation.
Audit documentation is necessary to:

๏ Demonstrate that audit planning has been carried out
๏ Show that the detailed audit work has been carried out properly. An audit really means
collecting sufficient appropriate evidence that will support the auditor’s opinion on the financial
statements. It is essential that this evidence is recorded so that, if need be, the auditor can
demonstrate that a proper audit was performed
๏ Enable senior staff to review the work of junior staff. The review process is essential in carrying
out a competent audit: the work of junior staff is reviewed by their supervisor, the supervisor’s
work is reviewed by the manager, and finally the partner, who will sign the audit report, will
review everyone else’s work. Review is not possible without recording the work carried out and
evidence obtained.
๏ Enable Engagement Quality Control Reviews to be carried out.
๏ Help the audit team in future years. An immensely useful planning exercise at the start of the
audit is to examine last year’s file. Were there problems? Were there any errors? How did last
year’s audit team go about gathering evidence?
๏ Encourage a methodical, high-quality approach. The audit documentation contains information
documenting the client’s accounting system, the tests that have to be performed (eg select 20
invoices at random and ensure that they are authorised). As each part of the audit is completed
the audit program is signed off by the person who carried it out. Outstanding matters are easy
to see.
AUDIT PLANNING AND RISK ASSESSMENT
Chapter 10
AUDIT PLANNING
1. Overview
Appointment
Plan the audit
Understand entity
Assess risk of material misstatement
Respond to risk
Expect effective controls Expect ineffective controls
Unsatisfactory Report significant deficiencies

Tests of controls to those charged with
governance to management
and all weaknesses to
Satisfactory management
Restricted substantive Full substantive

tests tests
Overall review of F/S

Report to management
Auditor’s report
All audits start by:

๏ Planning
๏ Understanding.
After these stages auditor can assess the risk of material misstatement and respond to that risk. We
will see later how the risk of material misstatement can be broken down into several causes, but if you
are dealing with a relatively new company with inexperienced staff, and which has high value,
portable inventory and many cash transactions, you will probably see that the risk of material
misstatement is relatively high. If the auditors conclude that is the case then they have to plan for
their audit work to reduce the risk of material misstatement finding its way into the financial
statements.
2. Audit planning
Audit planning is very important and the auditors state in the audit report that the they state they
planned and performed their audit. Planning must be documented.
2.1. The reasons why planning is important:

๏ If you don’t plan it you won’t carry out the audit effectively. You would not know something as
obvious as when the year-end is, or how many branches or factories a company has, or how
many staff members you may need to conduct the audit, or whether the company has a lot of
valuable inventory.
๏ You have to think both of a general strategy and a detailed approach. For example, in some very
large companies auditors do not visit all the branches every year. They may visit only a quarter
of the branches one year, another quarter the next year and so on. They have to decide whether
or not to attend a stock take. They may have to decide whether or not opinions from other
experts are required. For example, on the adequacy of the company’s pension scheme.
2.2. The planning objectives are:
๏ To give appropriate attention to important areas. Is there a high inventory? Is there a high
volume of cash transactions? Are debtors particularly significant? Important areas will certainly
be material areas, and materiality is discussed below.
๏ To identify potential problems. For example, if the company has recently changed its
computerised accounting system there may well have been problems at the switch-over time,
and staff may still be inexperienced.
๏ To carry out the work expeditiously. That really means reasonably quickly and efficiently.
๏ To ensure that the right numbers of staff are in the audit team with the right skills. They have to
be timetabled so that the work for this client and other clients can be accommodated.
๏ To coordinate, if necessary, with other parties. For example, the internal audit department of the
company.
๏ To facilitate review. The work performed in an audit is subjected to many reviews. The audit staff
member in-charge of the audit first of all reviews the working papers, then the audit manager
will review them, and finally the partner in-charge will review them. All of this has to be
timetabled and time must also be left to clear the review points, for example, if additional work
is required.
3. Understanding the entity

Pretty much inseparable from the planning process is the process of gaining an understanding of the
entity.
This includes:
๏ Nature of the entity. We have to understand the nature of the entity. For example, we simply
have to understand what it does: is it in a financial sector, the retail sector, the manufacturing
sector? This may seen trivial but it may help you to think of a new audit client. You can often tell
very little from the name of the client. You have to go and find out about the entity itself.
๏ Particular regulations. Banks, insurance companies, and many other operations in the financial
sector are subject to regulation and sometimes the auditor has to ensure that these regulations
have been adhered to.
๏ Accounting policies. We need to understand what the entity’s accounting policies are; different
entities have different ways of valuing inventories perhaps. If you are a building company you
will have specific accounting policies with regard to taking profits from construction contracts.
๏ Objectives and strategies. The auditors must gain an understanding of the entity’s, objectives,
and strategies. The entity’s management defines objectives, and strategies are devised to try
and achieve those objectives.
๏ Nature of business risks. Business risks can arise from circumstances which mean that the
company’s objectives and strategies may not be achieved. Business risk is broader than the risk
of material misstatement of the financial statements. Most business risks will eventually have
financial consequences and therefore an effect on the financial statements. It is important for
the auditors, therefore, to understand what the risks are.
๏ Internal controls. The auditor has to gain an understanding of the entity’s internal controls.
Whether they exist and to what extent they are expected to operate.
๏ The control environment. This refers to the context in which the internal controls operate. The
management of some companies have a very high regard for careful control, for careful
recording, and for attention to detail. Other management teams may have less regard for this.
For example, they may be far more interested in making a sale, which is of course important, but
are not so interested in recording that sale correctly. They will see some aspects of internal
control as being nuisance.
๏ How does management identify business risks? It is important for management to identify
business risks. Management has a real expertise of the business sector and if they can’t identify
business risks it can be relatively difficult for the auditor to ensure that all business risks have
been covered.
๏ Financial performance. Finally, the auditor should obtain an understanding of the
measurement and review of the entity’s financial performance. Performance measures and the
review indicate to the auditor aspects of the entity’s performance that management and others
considered be important. Obtaining an understanding of the entity’s performance measures
assists the auditor in considering whether such pressures result in management actions that
may have increased the risks of material misstatements.
4. Materiality
One of the key areas of planning is to assess materiality. An audit gives only a reasonable assurance
that the financial statements are free from material misstatement, so it is essential to know what is
meant by ‘material’.
๏ A matter is material if it omission or misstatement would reasonably influence the economic

decisions by a user of the audit report.
๏ It is affected by the size and nature of the misstatement.
The auditor’s judgment flows all the way through the audit process, from planning and deciding the
amount of work that should be done, to deciding what action should be taken should errors be found
in the accounts. When judging materiality, the audit partner has to make a judgement as to whether
the misstatement would be likely to alter decisions made by an user of the audit report. For example,
if a misstatement would cause an investor to keep those shares rather than selling those shares, then
has been a real effect on that investor and the misstatement would be material.
If misstatements are so small that they don’t really spark any reaction in the members, then they are
rather superficial. That’s not to say that auditors don’t want to get things right, but errors only really
matter when they trigger incorrect action.
Materiality has to be decided for the financial statements as a whole and it is the audit partner’s
judgements about whether or not a statement is material.
5. Guidance on materiality
It’s all very well saying that a matter is material if it would reasonably influence decisions upon a user
of the audit report, but that gives very little guidance to the audit team (or to you when you are doing
a question).
Therefore, some rules of thumb have been developed. These are only guidelines, but if something is
wrong to the extent of:
๏ 0.5% to 1% of revenue,
๏ 1% to 2% of total assets or
๏ 5% to 10% of profit
then you should assume that the matter is material. These percentages should take into account the
auditor’s knowledge of which items users will focus on, the nature of the entity (life cycle/
environment), its ownership, structure and financing and the volatility of the benchmark.
IT IS VERY COMMON FOR AAA EXAM QUESTIONS TO PROVIDE TURNOVER, ASSET AND PROFIT
FIGURES. YOU MUST USE THESE FIGURES TO WORK OUT ESTIMATES OF MATERIALITY.
In a real audit a running total of errors is kept so that there net effect can be calculated. However,
when designing and carrying out audit tests and when noting down errors, smaller amounts should
be set for materiality to reduce the risk that misstatements in aggregate exceed financial statement
materiality. This is known as performance materiality: the materiality that is important in the
performance of the audit work.
Errors which are less than the suggested guidelines could still be regarded as being material. An error
which turns a small loss into a small profit could cause unfounded optimism in some situations,
perhaps a feeling that the company has turned a corner. So, although in absolute terms, the size of an
error is relatively small, the way in which the accounts are then interpreted could lead to
unreasonable decisions being made. Therefore, you can talk about both quantitative and qualitative
materiality.
Finally, there are some amounts in the financial statements where no errors are tolerable. For
example, there is often a statutory duty to disclose directors’ remuneration and that has to be stated
with absolute accuracy.
All misstatements identified should be communicated to management who should be asked to

correct them or to explain why not. The auditors must assess the materiality of uncorrected
statements and obtain written representations from management that they believe uncorrected
misstatements to be not material.
If management refuse to correct an error that the auditor thinks is material then the auditor will issue
a modified (critical) audit report.
Chapter 11
RISK
1. The sources of risk

ISA 315, states that the auditor should:
“…obtain an understanding of the entity and its environment sufficient to identify and assess the risk
of a material misstatement in the financial statements”.
The total risk of material misstatement can be split into two:
๏ Business risks
๏ Audit risks.
Business risks result from significant conditions, events, circumstances, actions or inactions that could
adversely affect the entities ability to achieve its objectives and execute its strategies. The business
risks can itself be split into:
๏ Strategic risk
๏ Operational risk
๏ Financial risk
๏ Compliance risk
Financial risks could arise because of high borrowings and a rise in interest rates. This will put to
business under severe pressure and could increase the risk of material misstatement, perhaps with
regards to going concern problems. Operational risks arise from operational errors. For example, if the
products are made incorrectly then there might be warranty claims and a loss of reputation.
Compliance risks arise from a failure to comply with regulations. This can mean that the business has
large penalties or fines to pay or it may result in the business been prevented from continuing to
trade. Reporting risks arise from not reporting on time or sufficiently accurately.
The auditor does not have a responsibility to identify or assess all business risks, but an understanding
of business risks increases a likelihood of identifying risks of material misstatement. At the AA level,
business risk was not considered, but it is very relevant to AAA.
2. Business risk
It is, of course, not the auditor’s duty to manage a business and its risks or even to warn audit clients
about business risks. It is the directors’ and management’s responsibility to run the business for the
benefit of shareholders. Auditors cannot be expected to have expertise in the huge variety of business
risks that are suffered by their many clients. Provided the financial statements properly report on what
has happened in the business (for example, that stocks of a poorly selling product has been written
down appropriately) the audit report is not affected: the FS are showing a true and fair view.
So why is business risk important to auditors? Well, it is important because business risk will often
cause audit risk ie that business risk causes a material misstatement in the financial statements that is
not detected by the auditors who then issue an inappropriate opinion.
For example:
Business risk Possible audit risk

Strategic: out-of date products Stock might not sell at above cost and should be
written down
Strategic: operations in a country where the Perhaps the directors want to divest and the
economy has become poor subsidiary has to be valued appropriately.
Perhaps the fair values of the non-current assets
are almost worthless and must be written down.
Operational: a batch of products has been poorly Sales returned, goods scrapped, compensation
manufactured. to be paid.
Operational: computer virus in the accounting What are the receivables (and other balances)?
system that deletes records.
Financial risk: rise in interest rates Could cause going concern doubts
Financial risk: changes in exchange rates Could cause contacts to become unprofitable or
products to be non-competitive with
consequent valuation issues.
Compliance risk: improper recruitment of staff Possible fines, hence contingent liabilities.
that contravenes equality legislation.
Compliance risk: failure to comply with health Possible fines, damages, loss of licence to
and safety legislation operate. Hence liability and going concern issues
3. Audit risk
Audit risk is the risk that the financial statements contain a material misstatement that the auditors
have not discovered so that the auditors give an inappropriate opinion on the published financial
statements. (Strictly, it could also refer to the auditors modifying their report when the financial
statements are fine - but that’s rare, if it has happened at all.)
Audit risk depends on three factors, and the relationship is described as:
Risk of material misstatement
AR = IR x CR x DR
Audit Risk
Control risk
Inherent Risk Detection Risk
Sampling Risk Non-sampling Risk
๏ Inherent risk = the risk of an error occurring in the first place, without any controls being
present.
๏ Control risk = the risk that the organisation’s control procedures do not prevent, detect and
correct the error.
๏ Detection risk = the risk that the auditor does not discover the error.
Inherent risk is increased by factors such as:
๏ Time pressure on staff

๏ Inexperienced staff
๏ Lack of training
๏ Complicated transactions
๏ Complicated reporting requirements eg complex ISAs
๏ Pressure to perform
๏ New procedures or new systems
๏ New areas of business
If there are no controls any errors will find their way onto the draft financial statements.
However, good control systems can prevent or detect errors. For example:
๏ Good management will ensure that only appropriately qualified or experienced people will
process certain transactions.
๏ Segregation of duties ensures that each transaction is dealt with by more than one person so
that there is an element of checking and supervision.
๏ Reconciliations check the accuracy of numerical data.
๏ Authorisation and approval lends reliability to transactions.
๏ Physical measures safeguard assets.
๏ Inspection of assets can detect damaged assets or deliveries not properly made. Don’t look
upon this too mathematically. What it is saying is that auditors will want the audit risk to be low:
they don’t want to make an error in their audit opinion.
If they want the audit risk to be low then the terms on the right hand side of the equation, or at least
some of them, have to be low.
If an error is made in the first place (inherent risk) AND is not identified and corrected by the controls
(control risk) then the error will be incorporated into the draft financial statements. There is then only
one line of defence before the error is distributed to members in their annual financial statements: the
audit.
The material
error reaches
The client’s procedures the
The error The auditors must
and staff must not have published
has to have failed to detect it
picked that up and financial
occurred
corrected it statementsA
udit risk
If the auditors believe that the inherent risks together with the control risks are unacceptably high,
then they must increase the amount of audit work they perform. This reduces the detection risk (the
risk that the error is not discovered by the auditors). Risks of undetected material misstatements must
be reduced to levels which provide reasonable assurance that material errors are detected.
Neither inherent risk nor control risk can be influenced by auditors in the short term. Inherent risk
might be completely impervious to change (for example, a complicated transaction will always be
complicated). Control risks might be reduced in the medium term if the audit client takes note of
auditors’ letters which set out control weaknesses. However, when it comes time to perform the audit
on the draft financial statements, the only risk that the auditors can control is the detection risk. They
must do sufficient audit work to manage the overall audit risk.
4. Causes of material misstatements

Material misstatements can occur in two ways:
(1) The amount is wrong
(2) An accounting or reporting standard has not been properly applied.
Auditors must find evidence that neither of these has occurred, so auditors need to collect audit
evidence about the amount and also about the treatment of the amount in the financial statements.
Remember, audit evidence is needed about all the relevant assertions. So for a non-current asset,
evidence is needed about existence, ownership (rights and obligations), accuracy valuation and
allocation, completeness, classification, presentation. Transactions and events require evidence about
occurrence, completeness, accuracy, cut-off classification and presentation. Accounting standards
often stipulate how amounts should be classified and presented. The can also determine cut-off (eg in
revenue recognition) and valuation (inventory cannot be valued on a LIFO basis).
5. Detection risk
The detection risk itself depends on two components:
๏ Sampling risk This arises because, in most audits, auditors only
look at a very small proportion of transactions and
documents. There is always a risk that they happen
to look at all the documents and transactions
which are correct and don’t find any which are
incorrect. That can just be bad luck in sampling and
could lead the auditor to do too little work.
Sampling risk can be reduced by examining larger
samples.
๏ Non-sampling This risk arises from reasons other than sampling.
For example, if the audit staff were inappropriately
qualified then there is a high risk they wouldn’t
properly understand what was going on or detect
the regularities in the financial statements. Non-
sampling risk can be reduced by better planning of
the audit, and ensuring that audit staff are better
trained, have appropriate skills and are that their
work is well-supervised and reviewed
Good quality control procedures should reduce the
non-sampling risk: proper planning, proper
assignment of sufficiently skilled staff, proper
direction, supervision and review of staff’s work,
proper education and training of audit team
members.
6. Where audit risk can be found

Audit risk has to be reduced to an acceptable amount at both the
๏ Financial statement level

๏ Assertion levels.
Dealing first with the assertion level, essentially any single figure which appears in the financial
statements is making assertions. For example, it is saying something about its size, its accuracy, its
valuation, completeness and occurrence. There are some figures, for example, director’s emoluments
which in the overall scheme of things may not be terribly large, but which by law are required to be
disclosed accurately and a relatively small misstatement would mean that the financial statements are
not showing a true and fair view.
Dealing with the financial statement level, all the figures appearing in the financial statements could
be true, but overall the financial statements could still not show a true and fair view. For example,
liquidity issues could be concealed so that the overall effect of the accounts is to be misleading.
To get a higher assurance at the assertion levels audit procedures must be designed and performed in
line with the assessed risks of material misstatement. For example, if you are worried about
receivables valuation you have to do a lot more work verifying the receivables are recoverable.
Perhaps you could try to wait for several months after year end to see which customers actually pay.
At a financial statement level just to doing more work as such is probably insufficient. You need more
experienced and better staff. Misstatements at the financial statement level are potentially more
subtle and require a higher level of skill to detect.
Chapter 12
QUESTION PRACTICE ON RISK
1. Events, discoveries and accounting issues and implications

for the audit
A common format of a question on business or audit risk is to present you with notes from a recent
planning meeting with a client, or an email from a partner raising certain issues affecting the client.
You then have to identify the audit risks arising and have to say how you would respond or describe
how you would gather sufficient appropriate audit evidence. The information is given as a number of
paragraphs each usually dealing with one piece of information. Generally, each paragraphs will have
at least one implication for the audit of the financial statements. It is rare to be provided with
information that is of little importance.
A similar question can ask about business risk rather than audit risk. There you do not have to talk
about evidence as we are not yet at the stage of carrying out an audit. Remember, auditors are
interested in business risks because these frequently lead to audit risks.
Below is a selection of the type of issues that might be presented to you in exam questions. For each,
identify the issue(s) raised and what the implications are for the audit.
Suggested answers are provided at the end of this chapter, but you might find it easier to listen to the
lecture as each item is talked about there.
(1) During an inventory count at a company which makes jam and marmalade, a box containing 12
jars was dropped and the jars were broken. It was immediately noticed that the contents had a
bad small and had obviously gone off or had been contaminated.
(2) On the final review of an audit file, the partner in charge discovered that a junior audit assistant
had marked as ‘Correctly accounted for’ the purchases of a car where the VAT element had been
posted by the client to Input VAT. [Note: VAT on cars is not recoverable.]
(3) Non-current asset schedule:
Freehold land and

$000 Motor vehicles Computers
buildings
Cost b/f 260 10,000 2,000
Additions 50 – 600
Disposals 70 – 400
Cost c/f 240 10,000 2,200
Depreciation b/f 180 600 1,400

Charge for year 60 200 220
c/f 160 800 1,520
Depreciation rates (all straight line): cars 25%, land and buildings 2%, computers 10%. Cars are 5
years old when sold.
(4) A television company has built a small village to be used in the filming of a popular and long-
running TV program. The village has been build in an area of natural beauty and permission to
build was granted on the condition that the village is demolished and the site landscaped on
the earlier of filming ceasing and 20 years.
(5) The first audit of a new client is in progress. The holding company imports small decorative
items from abroad. Its subsidiary trades through 12 take-away pizza shops which are very
profitable. Dividends are regularly paid by the subsidiary to the holding company.
During the audit, an inventory count showed that the holding company had imported some
modern items which appear to be made of ivory, which is a banned import. Invoices for these
items traced through goods received notes described them as being made from a synthetic
material.
(6) A large printing machine originally cost $5 million and its accumulated depreciation amounts to
$3 million.The sale value of the machine to an overseas buyer in the country of Burunda, net of
selling costs, is believed to be 10 million Burundan pounds. The exchange rate at year end was 4
Burundan pounds to $1. The value in use, using cash flow projections and a discount rate of 5%,
is $1.5 million.
(7) You are the auditor of a group of companies and one of the subsidiaries has had very poor cash
flow and it seems that the bank is unlikely to renew its borrowing facility.
The finance director of the holding company has told you that it will make the required loan to
the subsidiary to keep it solvent.
(8) A company has changed the way in which it values inventory from the FIFO to the average stock
basis and has also changed its depreciation rate on machinery from 20% to 15%.
2. Business risk
As mentioned above, business risks occur when something either has gone wrong or might go wrong
in the business. In the examples below, identify the business risk and suggest how this might lead to
misstatements in the financial statements.
Suggested answers are provided at the end of this chapter, but you might find it easier to listen to the
lecture as each item is talked about there.
(1) A company has started selling goods on the Internet.
(2) A company has started to export goods.
(3) The finance director has recently left and at period end, has not been replaced.
(4) A company has failed to file its tax return on time.
(5) An employee was badly injured carrying out his duties.
(6) A computer virus disrupted the IT system for two days. All seems fine now.
(7) The company changed over from its old to its new IT system part-way through the year. The
change-over seemed to go smoothy.
3. Suggested answers
3.1. Audit risk
(1) During an inventory count at a company which makes jam and marmalade, a box containing 12
jars was dropped and the jars were broken. It was immediately noticed that the contents had a
bad small and had obviously gone off or had been contaminated.
‣ Obviously that packet will be written off,
‣ The auditor should investigate other inventory to see if this is an isolated incident of
contaminated food. First choose jars from the same batch, then choose some others at
random and perhaps extend to different products.
‣ An explanation should be sought from management as to how the contamination might
have occurred.
‣ Examine records showing previous production problems.
‣ If other inventory items cannot be shown to be safe with confidence, they will have to be
written down too.
‣ A recall scheme might be urgently needed to get customers to return the affected products.
‣ If some products have already been sold to consumers, newspaper ads and social media
should warn them too and ask them to return goods for a refund.
‣ Try to discover if any end-consumers have had health issues after consumption of the
product.
‣ Assess liabilities for damages and the value of sales to be reversed etc.
‣ Examine the company’s insurance policies to see if they have any policies that could help eg
public liability insurance.
‣ Consider whether the company would survive any adverse publicity (going concern issues).
‣ If the issue concerns a specific brand which is recognised in the SOFP, consider impairment/
write-downs.
(2) On the final review of an audit file, the partner in charge discovered that a junior audit assistant
had marked as ‘Correctly accounted for’ the purchases of a car where the VAT element had been
posted by the client to Input VAT. [Note: VAT on cars is not recoverable.]
‣ Make an appropriate journal adjustment for that vehicle.
‣ Investigate the treatments of other vehicles acquired as this might not be an isolated
mistake. Make adjustments as needed.
‣ Look at the treatment of other amounts where expenditure is not allowable for VAT (such as
entertainment expenditure).
‣ Encourage the company to come clean with the VAT authorities and assess payments due
together with any penalties.
‣ Review the performance and skill level of the audit team members. Consider additional
training.
‣ The error should have been picked up at earlier reviews ie before getting to partner level.
Look at the review processes and skills of other staff members.
(3) Non-current asset schedule:
Freehold land and

$000 Motor vehicles Computers
buildings
Cost b/f 260 10,000 2,000
Additions 50 – 600
Cost c/f 240 10,000 2,200
Depreciation b/f 180 600 1,400

Charge for year 60 200 220
c/f 160 800 1,520
Depreciation rates (all straight line): cars 25%, land and buildings 2%, computers 10%. Cars are 5
years old when sold.
‣ Assess depreciation rates. Are these usual for the classes of assets. 10% for computers looks
low.
‣ Following up that point, the cost of computers disposed off is 400, but the accumulated
depreciation is only 100. This implies under-depreciation
‣ Freehold land and buildings presumably contain freehold items so these should not be
depreciated. Depreciation of 2% has been applied to the total amount.
(4) A television company has built a small village to be used in the filming of a popular and long-
running TV program. The village has been build in an area of natural beauty and permission to
build was granted on the condition that the village is demolished and the site landscaped on
the earlier of filming ceasing and 20 years.
‣ Examine the legal agreement with respect to planning permission and the requirement to
demolish.
‣ The demolition costs must be capitalised as part of the construction costs and a long-term
provision set up (FRS15). A difficult estimate
‣ However, this amount needs to be the estimated demolition cost discounted for 20 years at
the company’s cost of capital. Cost of capital will have to be estimated.
‣ The discounting on the provision and the amount capitalised have to be ‘unwound’ over the
life of the asset.
‣ A depreciation rate of 5% is probably appropriate.
‣ Investigate any borrowing costs incurred during construction as these have to be capitalised
also (from commencement of construction to when the asset is first brought into use.)
(5) The first audit of a new client is in progress. The holding company imports small decorative
items from abroad. Its subsidiary trades through 12 take-away pizza shops which are very
profitable. Dividends are regularly paid by the subsidiary to the holding company.
During the audit, an inventory count showed that the holding company had imported some
modern items which appear to be made of ivory, which is a banned import. Invoices for these
items traced through goods received notes described them as being made from a synthetic
material.
‣ Note: the first audit of a new client always causes more audit risk, simply because the client,
business and systems are all unfamiliar. Generally, a more skilled audit team than normal
should be assigned for the first audit to reduce detection risk.
‣ Pizza shops are largely cash based. They are reported as being very profitable. Consider the
risk of money laundering.
‣ Money is going abroad through the import business.
‣ The client might have dealt with illegal items (ivory). We need to establish the material used.
‣ If the imports are illegal, the client should be encouraged to tell the authorities and any
penalties should be estimated and suitable provisions set up.
‣ If the material is ivory, or the client will not allow it to be tested, the auditor should withdraw
because the integrity of management is in doubt.
(6) A large printing machine originally cost $5 million and its accumulated depreciation amounts to
$3million. The sale value of the machine to an overseas buyer in the country of Burunda, net of
selling costs, is believed to be 10 million Burundan pounds. The exchange rate at year end was 4
Burundan pounds to $1. The value in use, using cash flow projections and a discount rate of 5%,
is $1.5 million.
‣ The fair value of the asset needs to be considered. Current carrying value is $2m. NRV = 10/4
= $2.5m. Value in use is $1.5m. If the exchange rate is steady, the carrying value should be
held at $2m. However, the exchange rate only needs to fall to 5 Burundian pounds to the S1
before the NRV falls to the current NV. Any further fall implies that an impairment adjustment
is needed.
‣ However, is the asset being held for sale under IFRS5. If so, the asset should not be
depreciated and appropriate disclosures need to be made.
(7) You are the auditor of a group of companies and one of the subsidiaries has had very poor cash
flow and it seems that the bank is unlikely to renew its borrowing facility.
The finance director of the holding company has told you that it will make the required loan to
the subsidiary to keep it solvent.
‣ The auditors need to see a ‘letter of comfort’
‣ Board minutes should be examined to see if financial support has been approved.
‣ The auditors need to assess if the holding company can provide any support needed.
‣ If support seems unlikely or impossible, the subsidiary FS will have to be drawn up on a
break-up basis.
‣ Costs of liquidation need to be estimated.
‣ Loan agreements must be looked at to see if the subsidiaries failure will precipitate the
breaching a borrowing covenant.
(8) A company has changed the way in which it values inventory from the FIFO to the average
stock basis and has also changed its depreciation rate on machinery from 20% to 15%.
‣ Inventory: a change in accounting policy, so a retrospective treatment of the change is
needed. Last year’s comparatives and opening inventory values need to be brought up to
date with respect to the new approach. A note to the FS is required.
‣ Depreciation: a change of accounting estimate, so a prospective change. The current NBV will
be depreciated over the remaining useful life of the asset. A note to the FS should be
included if the change is material.
3.2. Business risk
(1) A company has started selling goods on the Internet.

‣ A risk that the web site, sales processing, goods despatch etc do not work properly.
‣ Not clear if new receivables will be created or if payment is taken before despatch, so a bad-
debt risk.
‣ Potential data security problems.
(2) A company has started to export goods

‣ Loss of goods in transit
‣ Bad debts
‣ Will good be popular abroad?
(3) The finance director has recently left and at period end, has not been replaced.
‣ Lack of supervision and control in the finance department.
‣ Can the FS and other management accounting information be prepared properly and on
time.
(4) A company has failed to file its tax return on time.

‣ Fines, penalties and perhaps a tax investigation started.
(5) An employee was badly injured carrying on his duties

‣ Fines, damages
‣ Health and safety investigation
‣ Potential industrial action
‣ Loss of reputation/bad publicity
(6) A computer virus disrupted the IT system for two days. All seems fine now.
‣ Loss of business during that period.
‣ Loss of accounting information.
‣ Has the accounting system really recommenced without loss or corruption of data?
(7) The company changed over from its old to its new IT system part-way through the year. The
change-over seemed to go smoothy.
‣ Disruption at the time of changeover and for some time afterwards as employees get used to
the new system.
‣ There are two accounting systems to be considered. One before the change and one after
the change [not really a business risk, but the auditors will probably have to almost perform
two audits and also look carefully at the transfer of balances between the old and new
systems.]
AUDIT EVIDENCE
Chapter 13
AUDIT EVIDENCE
1. For what is audit evidence needed?

1.1. Amounts and compliance with accounting standards
Auditors aim to say, with reasonable assurance that the financial statements do not contain material
misstatements. If you remember, we have already emphasised that this means that the financial
statements must show figures which are substantially true (think sufficiently accurate) and be
presented fairly. To avoid misstatements:
๏ the calculation of the amounts

๏ their presentation and
๏ disclosure
must comply with the relevant accounting standard(s). A simple example of a misstatement through
incorrect treatment is that of a bank loan repayable in 9 months but which is classified as a long term
liability. If a 5 year loan is repayable by instalments, the liability has to be split into current and non-
current parts .
If the auditor is willing to give an assurance about the financial statements then the auditor needs
evidence that supports both the amount and its proper treatment under the accounting standards.
Evidence should be NEAT! Auditors:
1.2. Need Evidence for Amount and Treatment

The requirement to know what the accounting standards stipulate and how evidence about their
application can be collected is a big change from AA to AAA.
Many of the ways of collection evidence that you will mention in AAA answers will be identical to
those in AA (for example, tracing transactions to original documentation, inspecting assets). However,
because AAA tends to deal with more difficult audit challenges, often where matters are not clear-cut
and judgement is required. The following sources of evidence tend to become more important than
they were in AA questions:
๏ Inspect board minutes: you would expect material and difficult matters to be discussed at board
meetings.
๏ Ensure that the matter is included in the letter or representation.
๏ Ask to see impairment reviews that have been prepared by management and examine these
critically.
๏ Raise enquiries with management.

๏ Inspect correspondence with third parties, such as lawyers.
๏ Examine post period end events: trading levels, prices, use of assets, resolution of disputes etc.
2. The assertions
Even if we just consider the auditing of the amounts items in the financial statements figure it is
important to understand what an amount is asserting (saying or proclaiming). Every figure on the
statement of financial position or on the statement of profit or loss (or other documents making up
the financial statements) asserts (or says) a number of things. For example, a figure of $4m for
machinery in non-current assets implies that:
๏ The amount is accurate

๏ It does relate to machinery
๏ The assets exist
๏ The machinery is owned
๏ The assets are fairly valued
๏ All amounts have been included
The single figure is asserting all of this and evidence is needed for each assertion each figure makes.
2.1. The assertion classifications

ISA315 states the following:
“…management…makes assertions regarding the recognition, measurement, presentation and

disclosure of the various elements of financial statements and related disclosures. Assertions used by
the auditor to consider the different types of potential misstatements that may occur fall into the
following two categories and may take the following forms:
Assertions about classes of transactions and events for the period under audit:
๏ Occurrence – transactions and events that have been recorded

have occurred and pertain to the entity.
๏ Completeness – all transactions and events that should have been
recorded have been recorded.
๏ Accuracy – amounts and other data relating to recorded
transactions and events have been recorded
appropriately.
๏ Cut-off – transactions and events have been recorded in the
correct accounting period.
๏ Classification – transactions and events have been recorded in the
proper accounts.
๏ Presentation – that information is presented correctly. For
example, required disclosures are made in the
notes to the financial statements.
2.2. Assertions about account balances at the period end

๏ Existence – assets, liabilities, and equity interests exist.
๏ Rights and obligations – the entity holds or controls the rights to assets, and
liabilities are the obligations of the entity.
๏ Completeness – all assets, liabilities and equity interests that should
have been recorded have been recorded.
๏ Accuracy, valuation and allocation – assets, liabilities, and equity interests are included
in the financial statements at appropriate amounts
and any resulting valuation or allocation
adjustments are appropriately recorded.
๏ Classification – transactions and events have been recorded in the
proper accounts.
๏ Presentation – that information is presented correctly. For
example, required disclosures are made in the
notes to the financial statements.
Note that these assertions imply that the treatment (eg calculation and classification and disclosure)
of the figures is correct and complies with relevant accounting standards.
3. Gathering audit evidence

The procedures for obtaining audit evidence are:
๏ Analytical procedures (ratios, changes and comparatives)

๏ Enquiry and confirmation. For example, asking the directors if they intend to sell or close down
any part of the business.
๏ Inspection. For example, the physical condition of inventories or non-current assets.
๏ Observation. For example, watch what staff do in the warehouse as deliveries are received.
๏ RecalcUlation and re-performance. For example, recalculate the profits recognised in a
construction contract to ensure that they have been correctly carried out.
You might remember that these five procedures can be remembered by the vowels, A, E, I, O and U.
There are no other methods of gathering evidence whatsoever.
4. Analytical procedures
Analytical procedures consist of looking at amounts in the financial statements, calculating ratios and
then comparing the amounts and ratios to:
๏ Last year’s results

๏ Budgets
๏ Industry standards
Also the trends and changes in the company’s financial statements over time will be examined.
Analytical procedures are a powerful source of evidence and is used in three places:
๏ Planning. – If last year’s inventory amounted to 34 days’ of
supply and this year amounted to 97, then you
have identified an area that will need attention
during the audit. Why has inventory increased so
much? Was this planned? Is there an error? Will it
sell? What value should it have?
๏ Substantive tests. – If last year’s collection period was 32 days and this
years is 31.5, then this gives some confidence that
the figures this year are correct. Similarly if sales are
very close to budget, this implied some support for
the figures being correct
๏ Final review. – Here, just before the audit report is signed, the
partner stands back and looks at the financial
statements as a whole. Do the figure seem to make
sense?
Analytical procedures allow the auditor to assess whether or not the financial statements are
consistent with their understanding of the entity. If they believed that the entity was substantially
dealing in cash transactions yet it had a large receivables balance they might wonder why.
If the receivables balance changes dramatically from one year to the next, but sales hadn’t really
changed, the auditors might begin to question the recoverability of those balances. If the days of
inventory held by the organisation rapidly increased they might begin to worry about the valuation of
inventory and whether or not it could all be sold at above cost.
Auditors can also look at how expenses change from year to year. If a business keeps about the same
level of activity you wouldn’t expect the expenses such as telephone, post, heating, and lighting to
increase much more than the rate of inflation.
If, however, the telephone costs had increased markedly the auditors need to find out why. It might
be because the company had gained an important overseas customer and there are now many high
cost overseas telephone calls. If the increase can’t be explained in a reasonable manner then an error
may have been made and wrong amounts may have been posted to the telephone account.
5. Sufficient, appropriate audit evidence

So now we know the various sources of audit evidence (analytical procedures, enquiry and
confirmation, inspection, observation, and recalculation and re-performance), but how much audit
evidence is needed?.
ISA 500 states that there should be:

๏ Sufficient
๏ Appropriate
audit evidence, to be able to draw reasonable conclusions on which to base an audit opinion.
Sufficient is to do with the quantity of audit evidence.
Appropriate is to do with how relevant and reliable it is. With respect to the relevance and reliability
of audit evidence we can say that:
๏ External evidence is better than the entities records. For example, looking at a bank statement
or a bank certificate is very good evidence about how much cash was in the bank account at a
particular date.
๏ Evidence obtained directly by the auditor is better than evidence passed on by the clients. The
problem is that if the evidence is passed on by the client you don’t know if it’s complete. The
client could be suppressing information they don’t want you to see.
๏ Audit evidence is better if there is a good internal control system. A good internal control
system should mean that the checking performed by the client reduces a likelihood of errors
been made.
๏ Written evidence is much better than oral. Someone once said oral evidence isn’t worth the
paper it is written on. If evidence is oral what evidence can you, the auditor, show to prove you
actually received it.
๏ Originals are better than photocopies. Nowadays with scanners and graphics programs it’s very
easy to alter documents and these alterations are very difficult to spot. Therefore original
contracts and documents of title should be sighted. The auditors may take a photocopy to keep
on their audit file, but they should be taken from the original documents.
Chapter 14
A SUMMARY OF IMPORTANT
ACCOUNTING STANDARDS
1. Introduction
Remember, the financial statements will not show a true and fair view if amounts have not been
calculated, displayed or disclosed in line with the accounting standards.
Auditors must also collect evidence the confirm that the accounting standards have been complied
with.
The information set out below is very much in summary form. If you need to go back to P2 material
(available on the OpenTuition site). But, actually, the best way to relearn these and see how they are
examined in AAA is do do lots of past ACCA questions. Note that if an IAS or IFRS has been updated
since the AAA paper was set, (for example on revenue recognition) the ACCA answers are not
changed and will be out of date.
2. The summary (alphabetically)

2.1. Accounting policies, estimates and errors (IAS 8)
Change to an accounting policy: retrospective effect, so restate opening figures and comparatives.
Disclose in notes.
Change to an accounting estimate (eg depreciation rate): prospective effect. If material disclose.
Correction of prior period errors: restate opening and comparatives as though error had not occurred.
If material, disclose.
2.2. Assets (non-current) held for sale and discontinued operations (IFRS 5)
Classified as this is:
๏ Management is committed to a plan to sell

๏ Sale is probable (< 1yr away)
๏ Asset immediately available for sale
๏ Being actively marketed at a realistic price
๏ Plan to sell unlikely to be abandoned
Measure at the lower of carrying value and fair value less costs of sale (fair value = the buying/selling
price between knowledgeable and willing parties in an arms length transaction).
No depreciation, even if still in use.
For discontinued operations show the post tax profit of the discontinued operation and the post tax
gain or loss (measured to fair value) less costs to sell.
2.3. Borrowing costs (IAS 23)
Finance costs capitalised when assets are being constructed. The period of costs to be capitalised is
from the commencement of the construction to when the asset is ready for use.
2.4. Construction contracts (IAS 11)
If, say 75% complete, recognise 75% of profit. Tale expected losses immediately. Progress measured
by costs, surveys, physical progress. SOFP amount is:
Costs incurred X
add: recognised profit X

less: recognised losses (X)
less: progress billings (X)
= gross amount due to/from customers X
2.5. Contingent liabilities, asset and provisions (IAS 37)

A contingent liability is a possible liability arising from past events but the existence of that liability
will only be confirmed by future events.
๏ If the present obligation probably requires the outflow of resources then a provision is
recognised and disclosures are required.
๏ If it is a possible obligation that will probably not require the outflow resources, no provision is
required but disclosure should be made by way of notes.
๏ If the outflow of resources is remote no provision and no disclosure is required.
A contingent asset is a possible asset arising from past events but whose existence will only be
confirmed by future events.
๏ If an inflow of economic benefits is virtually certain then the asset is not contingent: it’s a real
asset and should be showed in the statement of financial position.
๏ If the inflow of economic benefits is merely probable, not virtually certain, then it would be
imprudent to recognise that asset in the balance sheet but disclosures by way of a note will be
useful and therefore should be made.
2.6. Events after the reporting date (IAS 10)
Occur between SOFP and date of approval of the FS.
Adjusting: more evidence of conditions that existed at date of SOFP; adjust FS
Non-adjusting: events that occurred after the end of the reporting period. If material disclose by way
of note.
2.7. Financial instruments (IFRS 9)
Essentially, accounting for financial instruments deals with investment in shares, bonds, receivables,
how the business accounts for financial liabilities, equity instruments and derivatives.
Commonest treatment of financial liabilities is to deal with these at amortised cost. Each period the
liability increases by the finance cost charged and decreases by the cash repaid.
Financial assets can be equity or debt instruments. The commonest treatment of equity instruments is
to value them at fair value plus transactions costs. Value movements go through other
comprehensive income.
Debt instruments can be valued at
(1) Fair value through profit or loss: initial measurement and subsequent measures at fair value and
differences recognised as income; or
(2) Amortised cost if the business model and cash flow tests are passed.
Business model test: entity must be holding the financial asset to collect the contractual cash flows
from the asset they are entitled to.
Cash flow test: the cash flows collected must be only of interest and capital (thus ruling out
convertible bonds form this treatment
2.8. Foreign exchange (IAS 21)
When a transaction occurs translate it into the at the rate at the date of the transaction or at the
average rate over the period. For example, the purchase of a machine from a foreign supplier.
For the SOFP, translate monetary items at the closing rate (eg the amount owing to the machine
supplier). Non-monetary items are not retranslated and remain at amount they were first translated at
(historical rate). The cost of the machine bought is not retranslated.
Exchange rate differences are recognised in the SPL.
With respect to subsidiaries, the whole SOFP is translated at the closing rate . Income and expenses
are translated at the average rate for the period.
Exchange adjustments on consolidation are taken to reserves until disposal of the component when
they are transferred to the SPL.
2.9. Government grants (IAS 20)
Recognise only if reasonable assurance the conditions attached to the grant will be met and the grant
will be received.
Income grants: recognise in statement of profit or loss and match against future related costs if any
otherwise recognise immediately.
Capital grants: credit against cost of the asset (thereby reducing depreciation) or treat as a deferred
credit of the SOFP and release to the SPL over the life of the asset.
2.10. Impairment of assets (IAS 36)
Compare carrying value to recoverable amount. If CV>RA, write down. RA is the higher of NRV and
value in use.
Indicators of impairment include:
๏ Damage
๏ Obsolescence (or fall in the income arising form the use of the asset)
๏ Change in use
๏ Fall in market value
๏ Competitor actions
๏ Operating losses in the business where the asset is used.
Record in the statement of profit or loss as an expense, but if previously revalued first set against the
revaluation reserve.
2.11. Intangible assets - research and development (IAS 38)
Charge research costs against profits as incurred. Development costs can be capitalised provided:
๏ Project is feasible
๏ Asset will generate future economic benefits
๏ Entry has adequate technical, financial and other resources (eg personnel) to complete the
project
๏ Expenditure can be reliably measured
๏ Asset will be completed then used or sold by the entity.
2.12. Intangible assets (IAS 38)
Capitalise at cost if identifiable, controlled, generation of future economic benefits probable and the
cost can be measured reliably.
Purchased intangibles with a finite life (such as brands and licences) should be amortised over their
useful economic lives.
Purchased intangibles with indefinite life (such as goodwill) should be subjected to an annual
impairment review.
Note that training costs can never be capitalised: they might bring economic benefits, but the
company cannot control the costs: employees can leave.
2.13. Inventory (IAS 2)
Lower of cost and NRV
2.14. Investment property (IAS 40)
Held for rental income or capital gains. Choose either the cost (depreciate) or fair value method
(possible impairment) of valuation. Gains and losses on revaluation using the fair value model are
recognised in the SPL.
2.15. Leases (IFRS 16)
Other than low-value assets or short-term leases (less than12 months), all leased assets are recognised
in the SOFP as right-of-use assets.
At the start of the lease the lessee should recognise the present value of future lease payments as a
liability. The leased asset is also recognised in the SOFP, often as just the matching double entry but
professional fees and future dismantling costs would need to be added if present (as with normal
property, plant and equipment assets).
The asset can subsequently be measured on either the cost or revaluation model. Depreciation should
be straight line over the period of the lease.
Each year the liability is increased by the interest charged and reduced by the lease payments. The
liability must be split between its current and non-current parts.
2.16. Operating segments (IFRS 8)
Disclose information about each operating segment. An OS engages in business activities, its results
are regularly reviewed by entity’s chief decision maker and has discrete financial information. For
separate reporting:
Sales at least 10% (includes sales to other segments) of entity’s total revenue; or
Profit at least 10% of total profit of all segments making a profit
Loss at least 10% of total loss of all segments making a loss
Assets at least 10% of entity’s total asset.
2.17. Pensions/employee benefits (IAS 19)
Defined contribution: employer (and employee) pay contributions but there is no obligation to pay
additional sums after retirement even if the pensions are disappointing. Accounting is easy:
contributions are simply a period expense.
Defined benefit: employer (and employee) pay contributions but there is an obligation to pay
additional sums after retirement if necessary to increase the pension to the defined benefit amount.
Accounting is more difficult as deficits might have to be made good.
Compare: Plan assets and Plan liabilities at present value amounts (actuarial report needed). Show
the net asset or liability on the SOFP.
SPL amounts arise from:
๏ Current service costs (employees have worked another year and contributions will have been
made for that year).
๏ Past service costs (change to the present value of a defined benefit obligation arising from past
periods’ service and caused by an amendment in the pension terms).
๏ Curtailment component = reduction in pension liabilities because of a reduction in employees
covered.
๏ Settlement component = when a pension obligation is eliminated (eg an employee moves to
another employer and a transfer of pension fund value is made to the new employer’s pension
scheme).
๏ Net interest component = is the change in measurement of both the obligations and the fund
assets because of the passage of time.
๏ Measurement component = changes arising from actuarial alterations.
2.18. Property, plant and equipment (IAS 16)
Items of property, plant, and equipment should be recognised as assets when:
๏ it is probable that the future economic benefits associated with the asset will flow to the entity, and
๏ the cost of the asset can be measured reliably.
IAS 16 permits two accounting models:
๏ Cost model. The asset is carried at cost less accumulated depreciation and impairment.
๏ Revaluation model. The asset is carried at a revalued amount, being its fair value at the date of
revaluation less subsequent depreciation and impairment, provided that fair value can be
measured reliably.
Under the revaluation model, revaluations should be carried out regularly, so that the carrying
amount of an asset does not differ materially from its fair value at the balance sheet date.
If an item is revalued, the entire class of assets to which that asset belongs should be revalued.
Revalued assets are depreciated in the same way as under the cost model.
2.19. Revenue recognition (IFRS 15)
Five-step model framework:
(1) Identify the contract(s) with a customer
(2) Identify the performance obligations in the contract
(3) Determine the transaction price
(4) Allocate the transaction price to the performance obligations in the contract
(5) Recognise revenue when (or as) the entity satisfies a performance obligation.
Revenue is recognised as control is passed, either at a point in time or over time.
Point in time
Revenue is recognised when control is passed at a certain point in time. Factors that may indicate the
point in time at which control passes include, but are not limited to:
๏ the entity has a present right to payment for the asset;

๏ the customer has legal title to the asset;
๏ the entity has transferred physical possession of the asset;
๏ the customer has the significant risks and rewards related to the ownership of the asset; and
๏ the customer has accepted the asset.
Over time
An entity recognises revenue over time if one of the following criteria is met:
๏ the customer simultaneously receives and consumes all of the benefits provided by the entity as
the entity performs;
๏ the entity’s performance creates or enhances an asset that the customer controls as the asset is
created; or
๏ the entity’s performance does not create an asset with an alternative use to the entity and the
entity has an enforceable right to payment for performance completed to date.
Chapter 15
AUDIT EVIDENCE: COMPUTER ASSISTED
AUDIT TECHNIQUES
1. Technique types
These are three types of computer assisted audit techniques, or CAAT:
๏ Audit programs
๏ Test data
๏ Embedded test facilities
The techniques can add greatly to audit efficiency and effectiveness. For example, audit programs can
very quickly read thousands of records, examining each according to the criteria set by the auditor.
Test data can be used to investigate the operation of accounting programs that could not be easily
tested in any other way.
1.1. Audit programs

Audit programs are used to examine and interrogate clients’ accounting data. The auditor will have a
program which can read the clients’ files. That program can be used for the following:
๏ To select a sample of transactions to investigate.

๏ The samples could be automatically stratified.
๏ The program might be set to identify odd transactions or balances. For example, credit balances
on a receivables ledger, or inventory which hasn’t moved for some time.
๏ It could also re-perform calculations. For example it is important to check that the sum of the
receivables accounts add up to the balance shown in the nominal ledger and hence in the
financial statements.
Note that by using audit programs to scan clients’ data every transaction can be examined relatively
easily. This can be particularly effective in the investigation of fraud where often major amounts are
misappropriated by making many small thefts that evade clients’ normal internal controls. For
example, every payment could be examined to see if any had gone to a particular bank account.
1.2. Test data
Test data is used to investigate the operation of clients’ programs. The auditor designs and submits
data that is then processed by the client’s programs. This enables the auditor to check whether or not
the clients’ programs are operating correctly and as expected, and whether or not the various controls
which were supposed to be present are actually operating. For example, what happens if a dispatch
entered for a zero quantity, or for a non-existing product, or for a non-existing customer, or a dispatch
which would raise the balance on the debtor’s account to above the credit limit. Test data would be
designed to check that the controls are present. There would be some normal items, some unusual
items and some extreme or unexpected items.
The auditor should predict what the client’s program should do and then compare those predictions
with what the client’s program actually produces. A problem with test data is that the auditor is
processing artificial false transactions into the client’s system and many clients dislike that. Therefore
it is usual for test data to be what’s known as ‘dead test data’. This means that it is not actually used on
the client’s file but is used on the copy of the client’s file but using the client’s programs.
Examine client
Audit programs data
Tests client
Test data
programs
1.3. Embedded audit facilities

Integrated Test Facilities or a System Control and Review File are permanent audit modules within the
accounting system. During the accounting period certain transactions are also recorded in these files
for later examination by the auditor. For example, large journal entries, large returns and so on. It can
be difficult to discover these at the end of the period in a normal accounting system because they will
be buried amongst perfectly normal transactions and might have been cleared from the files.
The review files should be encrypted and locked so that only the auditor can access the information
on them.
Chapter 16
AUDIT EVIDENCE PROVIDED BY THIRD
PARTIES
1. Introduction
Sometimes auditors have use evidence which is provided by third parties:
For example:
๏ Using experts in areas where the auditor has little expertise, such as:
‣ Actuaries to evaluate the adequacy of pension scheme funds
‣ Estate agents to value property
‣ Lawyers to estimate a legal liability
‣ Gemologists to value diamonds
‣ Geologists to estimate mineral deposits
๏ Internal audit can be used to perform audit work on parts of a business.
๏ Other auditors might be responsible for auditing one of the group’s companies.
In none of these cases can the audit firm escape its responsibility for providing its own opinion about
the financial statements. The auditor must still obtain sufficient appropriate audit evidence that any
third party’s work does itself provide sufficient appropriate audit evidence: auditors cannot shift
blame to an expert if a material misstatement appears in the published financial statements. Indeed,
reliance on a third party should not normally be disclosed in the audit report as this suggests an
attempt to ‘blame-shift’.
2. Classes of expert
๏ An auditor’s expert: possess expertise used to assist the auditor. Can be either an internal expert
(a partner or member of staff) such as an actuary employed by the auditing firm, or an external
expert who is subcontracted to perform the work
๏ Management’s expert: possess the expertise to assist management of the company to prepare
the financial statements. Can also be internal or external.
The fact that a management’s expert has prepared figures does not stop the auditor using an
auditor’s expert. For example, is management’s expert is an employee of the client there are obvious
risks that the expert has been influenced by management. It can be difficult for an employee to be
independent from their employer.
3. What the auditor has to do initially

The auditor must be satisfied that the third party:
๏ Has appropriate qualifications.

๏ Has the proper experience. Qualification does not necessarily mean that the expert has the
specific expertise needed. A surveyor could be qualified, but specialise in domestic property and
that would be no good for the valuation of commercial property.
๏ Is independent of the client (otherwise the client could pressurise the third party).
๏ Is professional.
You will appreciate that forming an opinion on the competence of a third party can be difficult and
the auditor should make enquiries from others who have used the expert, discover whether they have
used that expert before with satisfactory results and generally try to assess the third party’s
reputation.
The work to be performed by the third party has to be closely defined:
๏ Its nature, scope and objectives

๏ The respective responsibilities of the auditor and the third party have to be defined.
๏ The nature, scope and timing of communications must be set out.
๏ The expert should be required to observe confidentiality. For example, valuable information
about a company’s worth can be found by looking at the value of its property portfolio. A
pension deficit implies bad news for the company.
4. What the auditor has to do after receiving the report from

the third party
The auditor cannot verify all the technical calculations or repeat all the work done by the expert
(otherwise the auditor would have had no need for the expert). However, the auditor must examine
the expert’s work with respect to:
๏ Consistency with other evidence. For example, if a property valuer reported a decrease in the
value of a client’s property portfolio, yet the newspapers were full of news about a property
boom, the auditor should challenge the valuer’s results.
๏ Assumptions made. For example about the rate of inflation or rate of returns that might be
earned on pension funds.
๏ Use and accuracy of source data. To value property the valuer must start with an up-to-date list
of the properties the company owns. If the right properties are not listed, the valuation will
certainly be incorrect.
๏ When the work was carried out to assess if it is still current or whether it has gone out-of-date.
Chapter 17
AUDIT EVIDENCE PROVIDED BY
INTERNAL AUDIT
1. Introduction
The previous chapter looked at the use of third parties as providers of audit evidence. One class of
third party is internal audit and this chapter looks in a little more detail at how internal auditors can
assist the external auditors.
2. The internal audit function

Corporate governance rules (at least the UK version) do not insist that companies have and internal
audit department, but they must keep the need for internal audit under review. More and more
companies now have internal audit departments. These departments carry out work such as:
๏ Assessment of the design and operation of the internal control system.

๏ Helping with stock-takes.
๏ Verifying the physical existence of non-current assets.
๏ Assessing value for money of various activities.
๏ Carrying out special investigations, such as investigating a fraud.
๏ Assessing the security and operation of the IT system.
Internal auditors can be company employees but the function can also be outsourced.
Obviously the internal auditors’ work can be of assistance to external auditors, particularly in their
assessment of the internal control system, attending stock-takes and verifying the existence and
condition of assets. Internal auditors will often examine these matters in much more detail, and
perhaps with more insight, than the external auditors.
However, it is important to note that ISA 610 states that internal audit can be involved in substantive
reporting only in areas where only limited judgement is required. All areas involving substantial
judgement or estimates must be handled by the external auditors.
3. Making use of internal audit work

As was mentioned earlier, external auditors cannot shift or evade their responsibilities for providing
by trying to blame poor internal audit work for any problem that arises. External auditors are solely
responsible for the audit report and they have to obtain sufficient appropriate evidence that the
internal audit work is reliable and of the right standard.
If internal audit work is going to be relied upon, the external auditor must:
๏ Assess the organisational status of the internal audit department. Are the internal auditors
objective? To whom do they report? (Should normally be the audit committee but they should
also have access to senior directors). The size of the internal audit department can be relevant. A
single internal auditor in a company can have a lonely existence, unsupported by colleagues.
However, a team of 10 internal auditors can provide mutual strength. (Note that if the internal
audit function is outsourced, it might be more independent and objective than when the
internal auditors are employees).
๏ Assess the competence of the internal audit department: are the employees members of a
professionals body? Are they qualified? Do they undergo regular training and updates? Do they
have time and resources to carry out their work adequately?
๏ Assess if the internal auditors carry out their work in a disciplined and systematic way. Are there
quality controls? Is there standard documentation? Is the work planned and reviewed?
The external auditor should assess if:
๏ The internal audit work was properly planned, executed, supervised, reviewed and documented.
๏ Sufficient appropriate evidence had been obtained to enable the internal auditors to draw
reasonable conclusions.
๏ The conclusions reached aww appropriate and the reports produced are consistent with the
results of the work performed.
The assessment will involve the external auditors reviewing the working papers of the internal audit
function.
4. Direct assistance
Some national jurisdiction (not the UK or Ireland) allow the internal auditors to provide direct
assistance to the external auditors. This means that the internal auditors perform audit procedures
under the direction, supervision and review of the external auditor.
If internal auditors are being used to give direct assistance, the external auditor must assess the
existence of significant threats to objectivity ie can the internal auditors be regarded as being
independent? The external auditors must also assess and the level of competence of internal auditors.
Chapter 18
OUTSOURCED ACCOUNTING FUNCTIONS
1. Introduction
Outsourcing can be defined as:
Hiring a party outside the organisation to perform services and to create goods that would otherwise
be performed internally by the organisation’s own employees.
Outsourcing is often accompanied by off-shoring where the outsourced function is provided by a

supplier based overseas.
Examples of outsourcing functions include:
๏ Logistics (eg delivery of products to customers)

๏ Marketing
๏ Recruitment
๏ Legal services
๏ Production/assembly
๏ Information technology (facilities management)
๏ Receivables ledger management (factoring)
๏ Tax planning and calculations
๏ Payroll
๏ Accounting
๏ Internal audit
This chapter deals particularly with the last six functions on this list.
2. Potential advantages and disadvantages of outsourcing

Advantages
๏ Access to specialist expertise

๏ Reduction in cost with efficiency gains
๏ Flexibility in responding to uneven demand
๏ Greater cost certainty through fixed-fee arrangements
๏ Transfer of risk
๏ Unburdens management from having to closely manage the out-sourced function (though the
process of out-sourcing does itself have to be managed).
๏ For internal audit, greater independence.
Disadvantages
๏ Loss of control
๏ Damage to reputation if the outsource company does not perform well
๏ Difficult to reverse (and hence, prices can be steep because the outsource company knows this)
๏ Lack of responsiveness to new requirements
๏ Different aims of the outsourcer and the outsource company leading to a lack of goal
congruence
๏ Confidentiality. Company and client data are held by another party.
3. Impact on the audit

Often, the outsource company (the service company) simply becomes a supplier. For example,
outsourcing delivery of products to a logistics company will have little effect on audit work. However,
if IT and finance functions are outsourced that means that the financial information, records and
processing are the province of a third party and this will impact on the audit. The auditor simply
cannot ignore what’s is going on with client data at the service company. For example, when
assessing the valuation of receivables, the auditor would typically examine the client’s aged
receivables analysis and ensure that it was properly prepared so that it could be used reliably. If a
service provider, such as a factor, produces that analysis instead, the auditor simply cannot assume
that it has been prepared correctly and base the receivable valuation on that.
The auditor needs an understanding of the processing and maintenance of client data by the service
organisation to be able to draw conclusions about the risk of material misstatement. There are two
situations:
(1) The service company simply processes client’s transactions. Here, the client should be able to
implement its own controls eg compare input to output, ensure all transactions processed.
(2) The service company additionally executes and takes responsibility for the client’s transactions.
Then the client company will have to rely on the controls and procedures within the service
company.
The auditor can obtain the required understanding through:
๏ User manuals.
๏ System overviews.
๏ Technical manuals.
๏ Reports by the service organisation (eg internal audit reports).
๏ Reports by the service auditor (such as letters highlighting internal control weaknesses).
๏ Knowledge derived from previous dealing with the service organisation (eg was it reliable in the
past).
๏ Comparing data submitted to the service company to information and data received back (for
example, are salary changes properly processed?).
๏ Obtain and assess a Type 1 or Type 2 Report (see below).
๏ Ask the service organisation for information.
๏ Visit (with permission) the service organisation and carry out audit procedures there.
๏ Use (with permission) another auditor to cary out audit procedures at the service organisation.
ISA 402, Audit Considerations Relating to an entity using a service organisation, refers to two types of
report:
๏ Type 1 Report:
A report which comprises:
A description, prepared by the management of the service organisation about the service
company’s control objectives and related controls that have been implemented.
A report prepared by the service auditor giving reasonable assurance on the suitability of the
service company’s systems and control objectives.
The service auditor is an auditor who at the request of the service company provides an
assurance report on the controls of the service organisation.
๏ Type 2 Report:
A report which comprises:
A description, prepared by the management of the service organisation about the service
company’s control objectives and related controls that have been implemented and sometimes
a description of their operating effectiveness.
A report prepared by the service auditor giving reasonable assurance on the suitability of the
service company’s systems and control objectives, the effectiveness of the controls and a
description of the service auditor’s tests of the controls and the results of those tests
So the Type 2 Report is more rigorous and useful to external auditors than Type 1 Reports.
The auditor can also ask management about problems and irregularities in the service company’s
work.
If the auditor cannot obtain sufficient appropriate evidence about the quality and reliability of the
processing being carried on by the service organisation, then the audit opinion will have to be
modified.
Chapter 19
WRITTEN REPRESENTATIONS
1. Introduction
ISA 580 requires auditors to obtain written representation from management and those charged with
governance. Written representations are necessary information that the auditor requires and written
representations are part of audit evidence. However, although they are necessary audit evidence they
are not sufficient audit evidence on their own on any of the matters with which they deal. Nor do
written representations affect the nature and extend of other audit evidence that the auditor needs to
obtain.
2. Purpose
The objectives of the auditor are to obtain written representations that:
๏ Management and those charged with governance have properly prepared and presented the
financial statements and have provided complete information to the auditor.
๏ All transactions have been recorded.
๏ Support other audit evidence.
The written representations should be dated as near as possible to, but not after, the date of the audit
report.
In particular, letters of representation are important where it could be difficult for the auditors to
make sure that certain problems do not exist, or that management does not have certain intentions or
plans. If you don’t know about a liability it can be difficult to discover. It can also be difficult to
discover management plans if they have now been discussed at board meetings and recorded in the
board minutes.
Management representations cannot substitute for other audit evidence except where knowledge
has confined to management and where the auditor is relying on the management’s judgment and
opinion, for example on the future sale or closure of part of their operation.
Otherwise, when a letter of representation is received, the auditors should look for corroboration from
other sources to support what management has said, and to evaluate whether the representations
made by management appear to be reasonable and consistent with other audit evidence that has
been obtained by the auditors.
If the letter of representation is not provided then the auditor must re-evaluate the integrity of
management and assess their proposed audit report. In general if there is no letter of representation,
important audit evidence is missing and the audit report will be modified and a disclaimer of opinion
given.
3. Typical contents of a letter of representation

Here are some examples of content of a typical letter of representation:
๏ No material irregularities. In other words the directors are not aware of any material frauds that
have taken place during the period.
๏ The company has complied with all laws and regulations.
๏ That they have disclosed all liabilities and these are reflected in the financial statements.
๏ That management is not aware of any pending legal actions.
๏ That there have been no subsequent events (events occurring after the balance sheet date)
which may require the financial statements to be adjusted or if not requiring it to be adjusted, at
least requiring some disclosure.
๏ That the directors have no plans to shut down any parts of the operations of the organisation. If
there were plans to shut down part of the organisation that would probably affect the valuation
of certain assets.
๏ That inventory is valued at the lower of cost of net realisable value.
๏ That the directors do not believe that there is a going concern problem.
๏ That all charges and assets have been disclosed, that is any assets which have been pledged for
security of a loan for example, that would affect the rights and obligation assertion of those
assets.
Chapter 20
RELATED PARTIES
1. Introduction
Related parties can pose real difficulties for auditors because it can be very difficult to detect the
relationship and related party transactions. Certainly the letter of representation sent by directors to
the auditors at the end of the audit would make reference to the fact that either there were no related
party transactions or that all have been disclosed.
For example, one person owns two companies and each company has different auditors. If Company
A sells goods to Company B at inflated prices, Company B will make artificial losses and Company A
artificial profits. Perhaps the owner intends to put Company B into liquidation to escape its creditors,
but the cash has been safely transferred to Company A. It would probably be difficult for the auditors
to detect what was going on.
2. What is a related party and why are they difficult for

auditors?
Related parties are defined in IAS 24.
The objective of IAS 24 is to ensure that an entity’s financial statements contain the disclosures
necessary to draw attention to the possibility that its financial position and profit or loss may have
been affected by the existence of related parties and by transactions and outstanding balances,
including commitments, with such parties.
A related party is a person or an entity that is related to the reporting entity:
๏ A person or a close member of that person’s family is related to a reporting entity if that person
has control, joint control, or significant influence over the entity or is a member of its key
management personnel.
๏ An entity is related to a reporting entity if, among other circumstances, it is a parent, subsidiary,
fellow subsidiary, associate, or joint venture of the reporting entity, or it is controlled, jointly
controlled, or significantly influenced or managed by a person who is a related party.
Note that subsidiaries, associated companies, joint venture partners and the entity’s pension scheme
are related parties. You might thing it is easy, for example, to identify when a company is an associate,
and this would be expected when producing the group financial accounts. But if you were auditing
the associate, how would you detect it was an associate of the ‘holding company’ and was trading
with another company that was also an associate of that ‘holding company’ and therefore under the
influence of the investing entity?
Detecting ownership by family members is also very difficult: they might not all have the same family
name.
Particular problems can arise if:
๏ Transactions between the parties take place without charge. For example, simply moving
inventory from one party to the other without any accounting entries will distort profits.
๏ Related party transactions are ‘buried’ amongst normal transactions.
๏ There are parties that the auditor is unaware of.
๏ Complex group structures can make identifying related parties very difficult.
๏ Management might try to conceal the relationships.
๏ Management simply might not know that certain transactions fall within related party rules.
There is nothing illegal about a company trading with a related party: this happens all the time in
groups. However, as described above, the existence of related party transaction increases the chance
that transactions are false, not at arms length, have been entered into to defraud other parties or to
evade tax.
3. Responsibilities
It is management’s responsibility to identify and disclose related party transactions. However, of
course, this does not absolve the auditors from exercising professional scepticism or from trying to
obtain evidence about the existence of related party transactions.
If related party transactions are not identified by management or the auditors there is an increased
risk of:
๏ Fraud
๏ Unfair presentation
๏ Non-compliance with the law (eg tax legislation)
Audit procedures:
These include:
๏ Enquire from management about related party transactions. Auditors would have to explain the
concepts and give examples to help management.
๏ Review last year’s working papers.
๏ Review the board minutes.
๏ Review the accounting records for unusual transactions. CAAT techniques could help here by
looking at every significant transaction over the period.
๏ Review bank certificates (one company might have given guarantees on behalf of another).
๏ Review principal shareholders of companies with whom the client trades.
๏ Ask the directors about their other directors and share ownership
๏ Review correspondence with lawyers.
๏ Review investment activities eg the purchase of shares that might indicate that significant
control has been acquired.
๏ Enquire into the names of pension trustees.
๏ Obtain written representation from management
4. Disclosures required in the financial statements

๏ Relationships between parents and subsidiaries irrespective of whether there have been
transactions between the parties.
๏ The amount of the transactions
๏ The amount of outstanding balances and their terms
๏ Allowances for doubtful debts relating to the outstanding balances
๏ The expense recognised in the period in respect of irrecoverable or doubtful debts due from
related parties.
THE AUDIT OF GROUP FINANCIAL STATEMENTS
Chapter 21
GROUP AUDITS
1. Introduction
Generally, each separate company in the group will have been audited as normal, as though it were a
stand-alone company. This chapter deals with auditing the group financial statements, for example
the consolidated financial statements. The audit of group financial statements requires some
additional steps and considerations not seen in the audit of individual companies.
The task is simpler if the auditor of the group financial statements also audits all components of the
group. Otherwise, the group auditor is having to place reliance on the work of third party auditors.
2. The additional work in summary

Broadly the additional work is:
๏ What is the proper way to deal with a company’s investments in other companies?
‣ A simple investment
‣ An associated company
‣ A company that must be fully consolidated
๏ The general name for a part of a group is a component company
๏ What happens if the auditor of the group is not the auditor of all companies in the group?
๏ Care is needed with inter-company balances, stock-in-transit and cash in transit.
๏ Unrealised profits in inventory (and perhaps on the transfer of non-current assets) must be
eliminated.
๏ The process of consolidation has to be carefully checked ie that the amounts in each category
are added up properly to give the groups totals.
๏ The goodwill figure(s) have to be verified and checked that impairment of goodwill is not
appropriate.
๏ If a company has been acquired part-way through the year then the profits will have to be
apportioned: profits prior to acquisition are bought; profits after acquisition are earned.
๏ Accounting policies must be uniform through out the group if consolidated.
๏ The financial statements of group companies must have the same reporting date if
consolidated.
3. The proper accounting treatment of investments

Type of investment Test Appropriate treatment
Subsidiary Control: the power to govern the Full consolidation
financial and operating policies of an
entity. The investor has the right to
variable returns and these are affected
by the exercise of power by the
investor. Generally presumed to exist
if at least 50% of the equity is owned.
However, owning less than 50% can
sometimes be enough to give control
(eg if there is a right to appoint board
members).
Associate One company has significant influence Equity accounting. The investment is
over another. Usually the shareholding initially recognised at cost and the
is 20 to 50% carrying amount is then increased or
decreased to recognise the
investor’s share of the retained profit
or loss of the investee after the date
of acquisition (ie the post-acquisition
change in the investor’s share of the
investee’s net assets.)
Joint venture A contractual arrangement in which Equity accounting
two or more parties undertake an
economic activity that is the subject of
joint control.
4. Responsibility for the group audit report

The group auditor has the sole responsibility for expressing an audit opinion on the group financial
statements. This is so even if the group auditor is not the auditor of all the group components.
The group engagement partner is responsible for all aspects of the group audit: planning, setting
materiality levels, review, seeking more information where necessary and for forming an opinion on
the group financial statements. Indeed, the group auditor is not allowed to even comment that some
components of the group were audited by another firm.
5. Materiality
An important part of the group engagement partner’s responsibility is to consider materiality. A
matter is material with reference to the group financial statements - not the financial statements of a
component. Usually this will mean that the materiality limits are higher for group financial statements
than for component financial statements (simply because the figures in the group financial
statements are usually the sum of the figures in the components). However, it is possible to construct
a scenario where materiality levels are smaller in the group financial statements. For example:
$m Group Holding Subsidiary Subsidiary

company A B
Profit/(loss) 15 5 20 (10)
Materiality level 10% for each component 1.5 0.5 2.0 1.0
So, the auditor of Subsidiary A will be working to a materiality level of $2m (possible ignoring
misstatements up to that amount) but the group materiality level is only $1.5m. In addition, a
subsidiary might not be a public interest company but the group might be and, generally, the audit of
public interest entities is carried out more strictly and this could again give rises to conflicts in
materiality levels.
Therefore, usually the materiality levels for each component will be set substantially lower than the
group materiality limit. This has to be at a level determined by the group auditor as only that auditor
has the necessary overview of the group results.
6. Other information required for the group audit

The group auditor will also require some information from component companies which is of no
relevance to the components. For example:
Subsidiary A has sold goods at a mark-up to Subsidiary B and these are in closing stock. Unrealised
profits are a group issue, but not an issue in the financial statements or audit of the individual
subsidiaries. The component auditor will have to supply this information to the group auditor.
Similarly, if non-current assets had been transferred.
Differences in payables/receivables accounts in the separate subsidiaries are not an issue, but on
consolidation current accounts will have to be reconciled.
If the acquisition took place part way through the year, then the results of the acquired company will
have to be split into pre- and post- acquisition. This is usually done on a time basis, but significant
differences in trading before and after acquisition (eg trading is seasonal) could mean that another
approach is preferred.
Goods in transit or cash in transit between components will have to be sorted out upon
consolidation.
๏ Events after the reporting date.

๏ Significant control weaknesses.
๏ Any known related party transactions.
๏ Suspicions of management bias.
๏ Adjustments might also be necessary to bring a components FS into line with the accounting
policies to be used by the group.
7. The component auditor

It is clear from the above that the group’s auditor expects a lot of cooperation and expertise from the
component auditor. There is presumably relatively little problem if the group auditor and the
component auditors are part of the same firm using the same documentation and techniques and, of
course, it is in their mutual interest to cooperate. However, what if the auditors are different? Not only
that, but what if they are from different legal and regulatory jurisdictions where, perhaps, the
component auditors are not part of a respected professional body or do follow International
Standards on Auditing or accepted ethical codes (for example governing objectivity and
independence)? How can the group auditor judge the competence of the component auditor? Do
they have robust quality control systems in place. In summary, how can the group auditor place any
reliance on work done by the component auditors?
These matters should be assessed before the group auditor accepts the engagement to be the group
auditor, and if the group auditor is not confident about the work that will be done by others, the
engagement should be rejected. Nor should the group auditor accept the assignment if the holding
company does not promise the full cooperation of its subsidiaries for the group audit.
8. Significant components
Irrespective of the status of the component auditor, remember that the group auditor has overall
responsibility for the group audit opinion so therefore cannot simply accept a component auditor’s
opinion without some investigation. The amount of investigation depends on whether the
component is judged to be a significant component of the group.
ISA600, The Audit of Group Financial Statements, defines a significant component as:
“one that is likely to include significant risks of material misstatement of the group financial
statements”
Then the group auditor, or another auditor at the request of the group auditor, shall perform on of the
following:
๏ An audit performed using either the materiality level determined by the group auditor; or a
lower materiality level determined by the other auditor…
๏ An audit of specified account balances relating to the identified specific risks.
๏ Specified audit procedures relating to the identified specific risks.
ISA600 mentions, as an example only, that if a component contributes more than 15% to a group
balance then that component might be regarded as significant.
If a component is not significant then only an analytical review needs to be carried out on it at group
level.
To assess the work performed by component auditors the group auditor could issue a questionnaire,
or have a meeting with component auditor(s) asking about:
๏ Planning
๏ Work done
๏ Assessment of internal controls
๏ Misstatements discovered and uncorrected.
9. The consolidation process

Nowadays, much of this will involve transcribing component financial statements onto a spreadsheet
then adding like balances to like balances throughout the group. Of course, some groups will have a
financial accounting package which will automatically perform most of the consolidation process.
However, you will understand that simply the amount of data that has to be dealt with correctly on a
consolidation will introduce a high risk that errors are made: transcribing a figure incorrectly or onto
the wrong row or having an error within the spreadsheet formulae.
Therefore, an important part of the group auditor’s work is to check that the correct amounts from
each component company have been identified and included in the consolidation schedules and that
these are arithmetically accurate.
The group auditor then has to check that the appropriate consolidation adjustments have been
made. The principal adjustments are:
๏ Goodwill and pre-acquisition reserves.

๏ Eliminate unrealised inter-company profits.
๏ Reconcile control accounts.
๏ Adjustments needed to bring the components FS into line for the purposes of consolidation
๏ Fair values to be used where appropriate
For any acquisition that happened in the year, any goodwill arising will have to be audited.
The calculation should be checked:
Consolidated good will = Consideration paid + fair value of the non-controlling interest - fair value of
the subsidiary’s net identifiable assets
Often this becomes:
Consolidated goodwill = Consideration paid - Acquirer’s share of the net identifiable assets.
Audit evidence will involve checking the bank account to see that the acquisition amounts have been
paid and inspecting the FS of the new subsidiary as at the date of acquisition and substituting in the
fair value of assets and liabilities. The proportion of shares bought also needs to be checked and
ownership of the acquired shares must be verified.
Subsequently, the goodwill figure will have to be tested for impairment. For example, if a
component had begun to make a series of losses it would be difficult to sustain the idea that the
goodwill on its acquisition was still intact.
Costs of acquisition must be treated as an expense and not capitalised (IFRS 3).
10. Deferred and contingent consideration

Both in practice, and in exam questions, deferred and contingent consideration is often part of an
acquisition deal. For example:
Deferred: $20m paid now and another $10m to be paid in 3 years
Contingent: $20 paid now and another $10m to be paid in 3 years IF profits achieve a certain target.
Obviously, the group’s auditor must inspect the acquisition agreements so that the acquisition terms
are fully understood. The appropriate accounting treatment of these type of consideration is:
๏ Deferred: the deferred amount must be discounted to its present value and included as part of
the acquisition cost eg for the calculation of goodwill. Auditing this figure will mean that, as well
as inspecting the acquisition agreement, the auditor will have to verify that the discount rate
used is appropriate. Each year, as the date of payment of the deferred consideration
approaches, the goodwill figure and provision for the deferred payment have to be altered as
the amount will be discounted by one less year.
๏ Contingent: IFRS 3 requires that contingent consideration is includes as part of the
consideration for acquisition measured at its fair value as at the acquisition date. An exam
question will either tell you what this fair value is or how it should be calculated.
11. Letter of support (‘comfort letters’)

If a subsidiary has a going concern issue and is not confident of support from outside lenders, then its
parent company might offer support (ie make a loan to the subsidiary) to enable it to continue trading
for the foreseeable future. This would allow the subsidiary to eliminate its going concern problem.
In these circumstances, the group board must provide the group auditor with a ‘letter of comfort’ or ‘
support letter’ in which they set out their intentions. But, of course, this letter is a relatively weak form
of evidence and the group auditor should look for other evidence that the support for the subsidiary
is real. For example:
๏ Ensure that the group has the cash resources available to support to subsidiary.
๏ Inspect board minutes for evidence that support has been agreed.
๏ Inspect correspondence between the parent and the subsidiary or the parent and the relevant
bankers.
๏ Inspect cash flow budgets to see if the transfer of funds has been incorporated.
12. Joint audits and transnational audits

12.1. Joint audits
A joint audit is when two firms of auditors are both appointed and are both responsible for the audit
opinion. It is a relatively unusual arrangement and has probably come about through the merger of
two companies with different auditors as there can then be benefits in the joint approach:
๏ Auditor knowledge about each part of the group is retained

๏ A larger pool of resources available to carry out the audit. This might allow the audit to be
carried out more quickly.
๏ Geographical considerations might make a joint audit more efficient (eg the USA part of the
group audited by a US-based firm and the European part audited by a European firm).
However, there are certain disadvantages:
๏ Both firms of auditors will require a fee and these will probably total to more than the fee of only
one firm doing the whole audit.
๏ Different approaches, methods and documentation can cause difficulties
๏ They might clash over the audit opinion
๏ Coordination over the arts of the audit that each carries out might be poor eg there could be a
gap in coverage.
Obviously, before agreeing to be a member of a joint audit arrangement, any auditor should be happy
about their fellow-auditor: competence, ethics, experience, reputation.
Almost certainly, each one of the joint auditors will hope to oust the other auditors and end up as the
sole auditor. Auditing firms should beware of ethical risks to their objectivity and integrity arising from
their attempts to be the client’s favourite auditor.
12.2. Transnational audits
Transnational audits are NOT the same as international audits. International audits simply refer to the
audit of a company or group that has operations in more than one country so that auditing has to
take place in more than one country.
A transnational audit is the audit of financial statements where those financial statements will be
relied upon outside the audited entity’s home jurisdiction for the purposes of significant lending,
investment or regulatory decisions.
For example, there could be a large company whose operations were entirely within the UK, but
whose shares are listed both in London and New York.
The international use of the financial statements causes some potential problems:
๏ Different (and unexpected) auditing standards might be used.

๏ Different (and unexpected) accounting standards might be accepted.
๏ Different ethical and quality standards might have been applied.
๏ Different corporate governance standards
In short, there is a danger that the financial statement are misunderstood when looked at by
someone from a different country.
The Forum of Firms (FoF) is an independent association of international firms of accountants who
carry out transnational audits. The aim is to promote consistent and high quality standards of financial
reporting and auditing practices. The IFAC Transnational Auditors’ Committee (TAC) is the official link
between IFAC and the FoF. It can promote the FoF’s objectives and operations and also it encourages
members of the FoF to conduct high quality audits.
THE FINAL STAGES OF AN AUDIT
Chapter 22
EVENTS OCCURRING AFTER THE
REPORTING PERIOD/SUBSEQUENT
EVENTS
1. Event Types
Now we are going to look at the effect of events which occur after the end of the reporting period but
before the financial statements have been approved. These events fall into two types.
๏ An adjusting event as its name might suggest, means that the accounts have to be adjusted in
the light of what’s happened. The rule is that adjustments are only put through the accounts if
the event produces evidence of conditions that existed at the date of the statement of
financial position, in other words at the balance sheet date.
An example would be a major customer going into liquidation, let’s say at the end of January,
the year end being the end of December. That event tells us that the receivable at the end of
December was probably bad and should have been written off or fully provided against then.
It’s very unlikely that the customer’s financial position worsened so remarkably during January.
What the liquidation tells us is that the customer was in the bad situation at the end of
December and if only we had known that then the receivable would have been provided
against.
๏ A non-adjusting event relates to conditions which arose after the date of the statement of
financial position.
A good example is the company’s factory burning down, let’s say in mid January. At the end of
December the company’s factory was perfectly healthy, it was standing, it was operating, it was
a non-current then. It was only after the end of the year that it was destroyed. If the statement of
financial position is telling us the position at the year end, then the factory would have to
appear in non-current assets. It would be, of course, important to disclose in the notes that the
factory was no more. This will be a good example of an emphasis of matter paragraph in the
audit report.
2. Active and passive duty

Until the audit report is signed auditors have an active duty to look out for events that might tell
them more about the financial statements.
For example, examining cash receipts from year-end debtors, examine sales in the new year to see if
inventory was properly valued, examining board minutes. The letter of representation would also
allude to events after the period end.
After signing the audit report, the auditors have a passive duty only. Occasionally events will occur
after the accounts have been signed and issued and these come to the auditor’s attention.
Exceptionally it may be important for the auditors to alert the addressees of the audit report that
something is wrong in the accounts and they will try to persuade the directors to re-issue corrected
Chapter 23
THE AUDIT REPORT 1: OVERALL
STRUCTURE
1. Introduction
Now we begin to look at the audit report. For many people, this is the only purpose of an audit and it’s
one of the few parts of the financial statements they really look at.
The audit report is a clear expression of opinion on the financial statements as a whole.
The two important phrases are:

๏ ‘Opinion’: there is nothing absolute here. Different firms of auditors could quite legitimately
come to different opinions.
๏ ‘Financial statements as a whole’. We are not just looking at the statement of financial
position in isolation from the statement of profit or loss or the notes. What’s important is the
impression given by the financial statements as a whole.
The audit report has to be based on evidence obtained in the course of the audit. Indeed if you had to
sum up the audit process in just a couple of words it the phrase would be ‘evidence gathering’.
Auditors need to collect evidence that will support their opinion on the financial statements.
2. Financial statements
The audit report report refers to financial statements and you need to know what these are. They
consist of the following:
๏ The statement of financial position (or balance sheet).

๏ The statement of profit or loss.
๏ The statement of changes in equity.
๏ The cash flow statement.
๏ The notes to the financial statements.
and any other material identified is being part of the financial statements.
Note in particular that the Director’s report and Chairman’s report are not part of the financial
statements. They are referred to in the audit report only if they are inconsistent with, and contradict
anything which is in the financial statements
3. The parts of an audit report

Now we are going to look at some of the key parts of an audit report.
3.1. The title and addressees: Independent Auditor’s Report
First of all, it is clearly titled “Independent Auditor’s Report.” That should mean that no one has any
doubt about what this document is. It next states to whom the audit report is addressed and that’s
members of the company. We will see shortly that audit reports go to some lengths to point out that
only the members should rely on the audit report.
3.2. The audit opinion and identification of what’s been audited

The opinion paragraph and comes right at the top of the audit report.
An unmodified opinion will state that the financial statements give a true and fair view (or present
fairly, in all material respects), and have been prepared in accordance with International Financial
Reporting Standards (IFRSs). (The example of the report shown later in this chapter shows an
unmodified audit report. We will have to see later the various sorts of modification that are seen in
audit reports if the auditors are unable to say without reservation that the financial statements give a
true and fair view.)
As appropriate, depending on the type of opinion given, this paragraph can be named:
๏ Opinion
๏ Qualified opinion
๏ Adverse opinion
๏ Disclaimer of opinion
The title is modified to alert users about problems.
The opinion paragraph must:
๏ Identify the entity whose financial statements have been audited.

๏ State that the financial statements have been audited.
๏ Identify the title of each element of the financial statements and the period audited, ie:
‣ The statement of financial position
‣ The statement of comprehensive income
‣ The statement of changes in equity
‣ The statement of cash flows for the year
‣ Notes to the financial statements, including a summary of significant accounting policies.
3.3. The Basis for Opinion
This will refer to compliance with the ISAs (complying with ISAs is key to the basis of opinion) and will
refer to the auditor’s responsibilities section of the audit report. It must include an assertion of the
auditor’s independence and that other ethical matters have been complied with.
If the audit opinion has been modified, the explanation would be here too.
As appropriate, this paragraph would be called:
๏ Basis of audit opinion

๏ Basis of qualified audit opinion
๏ Basis of adverse audit opinion
๏ Basis of disclaimer of audit opinion
3.4. Material uncertainty related to going concern (if one)
A separate paragraph is required if there is a material uncertainty related to the going concern of the
company. The need for such a paragraph is covered more fully in the following chapter.
This paragraph is not a modification of the audit opinion – provided the uncertainty has been
disclosed by the directors in the notes to the financial statements.
3.5. Key audit matters
Key audit matters are those matters that were of most significance during the audit.
There is then a full description of these matters in accordance with ISA 701. This is covered in more
detail below.
3.6. Emphasis of matter paragraph (if one)
This paragraph is used to draw users’ attention to a matter already properly disclosed in the financial
statements. For example, a note stating that there had been a fire at the company’s premises after the
date of the statement of financial position.
An emphasis of matter paragraph is not a modification of the audit opinion and It will state that the
audit opinion is not modified in this respect.
3.7. Other matters paragraph (if one)
For example, an audit covers the financial statements but does not cover the directors’ report. So
what if the directors’ report contains something that conflicts with the financial statements? The audit
opinion cannot be modified because it does not cover the directors’ report, but it might be better if
shareholders were alerted. This can be done in the other matter paragraph.
This is not a modification of the audit opinion.
Note that the interactions between the going concern paragraph, key audit matters paragraph and
emphasis of matter/other matters paragraph are covered in detail in the following chapter.
3.8. Responsibilities of management and those charged with governance for the
financial statements
This section is very important and points out that it is management’s responsibility to prepare the
financial statements in accordance with the International Financial Reporting Standards or
International Accounting Standards where appropriate, to maintain the system of internal control and
to consider the going concern position of the company.
3.9. Auditor’s responsibilities for the audit of the financial statements
The auditors’ responsibilities are to obtain reasonable assurance about whether the financial
statements as a whole are free from material misstatement, whether due to fraud or error, and to issue
an auditor’s report that includes their opinion.
Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in
accordance with ISAs will always detect a material misstatement when it exists. Misstatements can
arise from fraud or error and are considered material if, individually or in the aggregate, they could
reasonably be expected to influence the economic decisions of users taken on the basis of these
The following matters in respect of auditors’ responsibilities can be included as an appendix to the
audit report. They state that the auditors:
๏ Exercise professional judgment and maintain professional skepticism throughout the audit.
๏ Identify and assess the risks of material misstatement of the financial statements, design and
perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient
and appropriate to provide a basis for their opinion.
๏ State that the risk of not detecting a material misstatement resulting from fraud is higher than
for one resulting from error, as fraud may involve collusion, forgery, intentional omissions,
misrepresentations, or the override of internal control.
๏ Obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing an
opinion on the effectiveness of the Company’s internal control.
๏ Evaluate the appropriateness of accounting policies used and the reasonableness of accounting
estimates and related disclosures made by management.
๏ Conclude on the appropriateness of management’s use of the going concern basis of
accounting and, based on the audit evidence obtained, whether a material uncertainty exists
related to events or conditions that may cast significant doubt on the Company’s ability to
continue as a going concern.
๏ If a material going concern uncertainty exists, draw attention in the audit report to the related
disclosures in the financial statements or, if such disclosures are inadequate, to modify their
opinion.
๏ Evaluate the overall presentation, structure and content of the financial statements, including
the disclosures, and whether the financial statements represent the underlying transactions and
events in a manner that achieves fair presentation.
๏ Communicate with those charged with governance regarding, among other matters, the
planned scope and timing of the audit and significant audit findings, including any significant
deficiencies in internal control that were identified during our audit. From the matters
communicated with those charged with governance, the auditors determine those matters that
were of most significance in the audit of the financial statements of the current period and are
therefore the key audit matters.
๏ Describe these matters in the auditor’s report unless law or regulation precludes public
disclosure about the matter or when, in extremely rare circumstances, we determine that a
matter should not be communicated in our report because the adverse consequences of doing
so would reasonably be expected to outweigh the public interest benefits of such
communication.
3.10. Name of the engagement partner, address of the auditing firm, date the
audit report was signed and the auditor’s signature
Finally, the auditors must sign the audit report and must give their address and the date on which it is
signed. The date of the audit report is very important because before that date the auditor has an
active duty: the audit is not yet over. The auditor should still be investigating whether receivables are
being paid and inventory is selling at above cost etc. After that date the auditor has a passive duty
only. This means that the auditor is not ‘on the lookout’ for events affecting the truth and fairness of
the financial statements, but if any are brought to his attention he might have to act.
4. ISA 701 Key audit matters to be communicated in the audit

report
The auditor shall determine, from the matters communicated with those charged with governance,
those matters that required significant auditor attention in performing the audit. In making this
determination, the auditor shall take into account the following:
(1) Areas of higher assessed risk of material misstatement or significant risks.
(2) Significant auditor judgments relating to areas in the financial statements that involved
significant management judgment, including accounting estimates that have been identified as
having high estimation uncertainty.
(3) The effect on the audit of significant events or transactions that occurred during the period.
The auditor must determine which of these matters were of most significance in the audit of the
financial statements of the current period and therefore are the key audit matters.
Note that the standard does not want auditors to list every audit matter as that would mean this
paragraph would lose impact. The auditor must use judgement to explain the key matters only.
Key audit matters are therefore identified by:
๏ Starting with all matters communicated with those charged with governance
๏ Determining the matters that required significant auditor attention in performing the audit.
๏ The most significant of these are the “key audit matters”.
Note that it is possible to exclude reference to “sensitive matters”, but that is expected to be very rare.
5. Illustrative example of an audit report (from ISA 700

(revised))
INDEPENDENT AUDITOR’S REPORT To the Shareholders of ABC
Report on the Audit of the Financial Statements
Opinion
We have audited the financial statements of ABC Company (the Company), which comprise the
statement of financial position as at December 31, 20X1, and the statement of comprehensive
income, statement of changes in equity and statement of cash flows for the year then ended, and
notes to the financial statements, including a summary of significant accounting policies.
In our opinion, the accompanying financial statements present fairly, in all material respects, (or give a
true and fair view of) the financial position of the Company as at December 31, 20X1, and (of) its
financial performance and its cash flows for the year then ended in accordance with International
Financial Reporting Standards (IFRSs).
Basis for Opinion
We conducted our audit in accordance with International Standards on Auditing (ISAs). Our
responsibilities under those standards are further described in the Auditor’s Responsibilities for the
Audit of the Financial Statements section of our report.
We are independent of the Company in accordance with the International Ethics Standards Board for
Accountants’ Code of Ethics for Professional Accountants (IESBA Code) together with the ethical
requirements that are relevant to our audit of the financial statements in [jurisdiction], and we have
fulfilled our other ethical responsibilities in accordance with these requirements and the IESBA Code.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis
for our opinion.
Key Audit Matters
Key audit matters are those matters that, in our professional judgment, were of most significance in
our audit of the financial statements of the current period. These matters were addressed in the
context of our audit of the financial statements as a whole, and in forming our opinion thereon, and
we do not provide a separate opinion on these matters. [Description of each key audit matter in
accordance with ISA 701.]
Responsibilities of Management and Those Charged with Governance for the Financial
Statements
Management is responsible for the preparation and fair presentation of the financial statements in
accordance with IFRSs, and for such internal control as management determines is necessary to
enable the preparation of financial statements that are free from material misstatement, whether due
to fraud or error.
In preparing the financial statements, management is responsible for assessing the Company’s ability
to continue as a going concern, disclosing, as applicable, matters related to going concern and using
the going concern basis of accounting unless management either intends to liquidate the Company
or to cease operations, or has no realistic alternative but to do so.
Those charged with governance are responsible for overseeing the Company’s financial reporting
process.
Auditor’s Responsibilities for the Audit of the Financial Statements
Our objectives are to obtain reasonable assurance about whether the financial statements as a whole
are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report
that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee
that an audit conducted in accordance with ISAs will always detect a material misstatement when it
exists. Misstatements can arise from fraud or error and are considered material if, individually or in the
aggregate, they could reasonably be expected to influence the economic decisions of users taken on
the basis of these financial statements.
As part of an audit in accordance with ISAs, we exercise professional judgment and maintain
professional skepticism throughout the audit. We also:
• Identify and assess the risks of material misstatement of the financial statements, whether due to
fraud or error, design and perform audit procedures responsive to those risks, and obtain audit
evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not
detecting a material misstatement resulting from fraud is higher than for one resulting from error,
as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override
of internal control.
• Obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing an
opinion on the effectiveness of the Company’s internal control.
• Evaluate the appropriateness of accounting policies used and the reasonableness of accounting
estimates and related disclosures made by management.
• Conclude on the appropriateness of management’s use of the going concern basis of accounting
and, based on the audit evidence obtained, whether a material uncertainty exists related to events
or conditions that may cast significant doubt on the Company’s ability to continue as a going
concern. If we conclude that a material uncertainty exists, we are required to draw attention in our
auditor’s report to the related disclosures in the financial statements or, if such disclosures are
inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up
to the date of our auditor’s report. However, future events or conditions may cause the Company
to cease to continue as a going concern.
• Evaluate the overall presentation, structure and content of the financial statements, including the
disclosures, and whether the financial statements represent the underlying transactions and events
in a manner that achieves fair presentation.
We communicate with those charged with governance regarding, among other matters, the planned
scope and timing of the audit and significant audit findings, including any significant deficiencies in
internal control that we identify during our audit.
We also provide those charged with governance with a statement that we have complied with
relevant ethical requirements regarding independence, and to communicate with them all
relationships and other matters that may reasonably be thought to bear on our independence, and
where applicable, related safeguards.
From the matters communicated with those charged with governance, we determine those matters
that were of most significance in the audit of the financial statements of the current period and are
therefore the key audit matters. We describe these matters in our auditor’s report unless law or
regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we
determine that a matter should not be communicated in our report because the adverse
consequences of doing so would reasonably be expected to outweigh the public interest benefits of
such communication.
The engagement partner on the audit resulting in this independent auditor’s report is [name].
[Signature in the name of the audit firm, the personal name of the auditor, or both, as appropriate for
the particular jurisdiction]
[Auditor Address]
[Date]
6. What is meant by ‘true and fair’?

As near as probably matters, the word ‘true’ means that the information is accurate. It doesn’t mean
accurate to the last cent, but accurate enough to conform with reality.
‘Fair’ is a more difficult concept. You can have information which is accurate but which is nevertheless
presented in a way which is unfair, and which perhaps conceals or does not reflect the commercial
substance of transactions.
Let’s say, for example, that a statement of financial position shows that the net current assets of a
company amounted to 1 million. That might look good, however what it might mean is that current
assets are 20 million and current liabilities are 19 million. So the current ratio is quite close to one. In
that case the company’s health perhaps doesn’t look quite so good.
Then if you began to inquire into how the current assets were made up and discover that the 20
million of current assets was substantially all inventory, then the original net current asset figure of 1
million, which didn’t look too bad, begins to look rather worrying because it could take a very long
time for the inventory to be converted into cash. If nearly all current assets are inventory and nearly all
current liabilities have to be paid within a few weeks then the company could be in serious difficulties.
In that case, simply showing net current assets of one million would be unfair; it would certainly be
misleading.
7. Other implications of the audit report

An audit report will explicitly state whether in the auditor’s opinion the accounts show a true and fair
view. In addition, there are certain other implications of the audit report which might not be explicitly
stated and those implications are:
๏ Proper records kept.

๏ Proper returns from branches not visited.
๏ Accounts agree with the records and returns.
๏ All necessary explanations received.
๏ Details of directors’ emoluments properly disclosed.
๏ Details of directors’ loans and other transactions correct.
๏ Information in directors’ report consistent with the financial statements.
Chapter 24
THE AUDIT REPORT 2: GOING CONCERN,
KAM, EMPHASIS OF MATTER
1. Going concern
If there is a serious doubt relating to going concern this is headed up in a separate paragraph
“Material Uncertainty Related to Going Concern”
For example:
We draw attention to Note 6 in the financial statements, which indicates that the Company incurred a
net loss of ZZZ during the year ended December 31, 20X1 and, as of that date, the Company’s current
liabilities exceeded its total assets by YYY. As stated in Note 6, these events or conditions, along with
other matters as set forth in Note 6, indicate that a material uncertainty exists that may cast significant
doubt on the Company’s ability to continue as a going concern. Our opinion is not modified in respect
of this matter.
Generally if the directors or the auditors think the company might not survive into the foreseeable
future there is a going concern problem. ‘Foreseeable future’ is not defined but under IFRS is should
not be less than 12 months form the end of the accounting period. UK GAAP specifies that is should
not be less than 12 months form the date of approval of the FS.
It is for management to make an assessment of an entity’s ability to continue as a going concern. The
auditor’s responsibilities are to obtain sufficient appropriate audit evidence regarding, and conclude
on, the appropriateness of management’s use of the going concern basis of accounting in the
preparation of the financial statements, and to conclude, based on the audit evidence obtained,
whether a material uncertainty exists about the entity’s ability to continue as a going concern.
If events or conditions have been identified that cast significant doubt on the entity’s ability to
continue as a going concern, the auditor must obtain sufficient appropriate audit evidence to
determine whether or not a material uncertainty exists related to events or conditions that may cast
significant doubt on the entity’s ability to continue as a going concern.
If the notes to the financial statements disclose the going concern doubt, then the financial
statements will show a true and fair view in this respect and the “Material Uncertainty Related to
Going Concern” paragraph is not a modification of the audit opinion.
If the notes do not disclose the going concern uncertainty, the auditor will include the “Material
Uncertainty Related to Going Concern” paragraph in the audit report but will also issue a modified
opinion because omission of the going concern paragraph from the notes means that the financial
statements do not show true and fair view.
If there is no realistic possibility of the company surviving the financial statements should be drawn
up on a break-up basis and, if not, the audit opinion will have to be modified.
2. Indicators of going concern uncertainty

Signs that the company may have going concern difficulties include the following:
๏ Negative operating cash flows.

๏ An inability to pay suppliers when due (and auditors are usually rather sensitive if they
see that the payment of creditors has slowed down, so that the company is borrowing
more from its suppliers).
๏ Operating losses. These do not mean that the company is going to fail immediately;
going concern tends to be rather more concerned with cash. An operating loss can be
sustained for a number of years provided that cash doesn’t run out. In the longer term,
losses usually result in cash flow problems.
๏ If the borrowing facilities are coming to an end and the new ones haven’t been agreed,
what’s the company going to do to repay the loan, when no cash is available?
๏ The loss of key staff or key customers can mean the company is unable to trade or
unable to sell its products.
๏ Technology changes can render the company’s purpose and main product redundant.
๏ Legislative changes may mean that the company’s operations become illegal or the
company has to go through some sort of regulatory requirements before it can continue
trading and that this is going to be difficult for it.
๏ Non-compliance with regulations may mean a business loses its right or license to trade
and in such a case the company may simply have to be wound up. Non-compliance can
also result in crippling penalties and harmful damage to the organisation’s reputation.
3. Audit work on going concern uncertainty

This can consist of:
๏ Evaluating management’s plans for future actions in relation to its going concern and whether
the outcome of these plans are feasible and likely to improve the situation
๏ Where the entity has prepared a cash flow forecast:
‣ Evaluating the reliability of the underlying data generated to prepare the forecast; and
‣ Determining whether there is adequate support for the assumptions underlying the forecast.
๏ Considering whether any additional facts or information have become available since the date
on which management made its assessment.
๏ Requesting written representations from management and, where appropriate, those charged
with governance, regarding their plans for future actions and the feasibility of these plans.
4. Interaction between the key audit matters, the material

uncertainty related to going concern paragraph and
emphasis of matter paragraphs
๏ Inevitably, if there are going concern doubts then dealing with these will have been a key audit
matter for the auditor, but it is very important to realise that going concern problems do not
occur twice in the audit report. The rules are:
‣ If the auditor concludes that there is material uncertainty with regard to going concern then
the the ‘going concern’ paragraph must be included in the audit report but the matter will
NOT be referred to again in the key audit matters.
‣ If the auditor had been worried about going concern but concludes that in fact, no material
uncertainty exists then there will not be a ‘going concern’ paragraph but the difficulty will be
disclosed in the kay audit matters paragraph.
๏ If what is regarded as a key audit matter is disclosed in the notes to the financial statements, the
KAM does not need to repeat that information but must refer to the relevant note.
๏ If an item is communicated in the KAM paragraph, auditors must not also include it in an
emphasis of matter paragraph. KAM is regarded as being a superior and more complete form of
communication than an emphasis of matter paragraph.
There might still be some matters which are fundamental to users’ understanding of the
financial statements, but which are nevertheless not key audit matters in which case and
emphasis of matter paragraph is appropriate. Remember, emphasis of matter paragraphs refer
the user to an issue that is already properly disclosed in the financial statements and they do not
rank as a modification of the audit opinion.
An emphasis of matter modification is where there is a paragraph in the auditor’s report which
draws attention to some matter already properly disclosed within the financial statements. Such
a paragraph is not a modification of opinion: it is simply drawing attention to an important note
in the financial statements that shareholders ought to be aware of to properly appreciate the
Here is an example:
“Without qualifying our opinion above, we draw attention to Note 10 to the financial
statements. Five days before the directors formally approved the financial statements, the
company received notification that they are to be named as defendants in a proposed legal
action ….
At this early stage it is not possible to estimate the ultimate outcome of... this matter, and no
provision has been included within the financial statements.”
Note that the financial statements contain a note explaining this legal action. The financial statements
are therefore as comprehensive and as open as they can be. But obviously if the legal action could
end up on a large liability, to properly understand the company’s future, you need to be aware that
this action is pending.
5. Conclusion
This is easy: matters that might give rise to an entry in KAM, a material uncertainty as to going concern
or to an emphasis of matter paragraph appear once and once only in any audit report.
Chapter 25
THE AUDIT REPORT 3: TYPES OF AUDIT
REPORT
1. Audit report v audit opinion

There is often confusion between the terms “modified audit report” and “modified opinion”.
You know that the audit report is about a page of A4 including paragraphs setting out managements
responsibilities, auditors responsibilities, key audit matters etc. The opinion is only a short paragraph
within the overall report and you have to be clear what is being modified and what the effect of the
modification is.
2. Unmodified audit report

Now we are going to look at the types of audit report that exist.
First and simplest is the unmodified audit report. This is the that was illustrated in an earlier chapter.
Amongst the all the additional paragraphs, it simply states that the financial statements show a true
and fair view. There are no ‘ifs’, ‘buts’ or additional information provided. Obviously the content of the
Key Audit Matters paragraph will differ from audit to audit, but that is not regarded as a modification.
Once this starting point is departed from, the audit report becomes modified and there are two types
of modified audit report.
3. Modified audit report

The audit report can then be modified in several ways:
Modified report
Matters that do NOT affect Matters that DO affect the

the auditor’s opinion auditor’s opinion
Material uncertainty relating to FS contain a material misstatement:

about going concern, provided
also disclosed in the notes. ‣ Qualified (‘except for’)
Emphasis of matter, provided also ‣ Adverse (‘do not show a true and
disclosed in the notes. fair view’).
Other matters or
Unable to obtain sufficient appropriate

audit evidence to conclude FS are free
from material misstatement:
‣ Qualified (‘except for’)
‣ Disclaimer (‘we are unable to form

an opinion’).
As set out in the diagram above, the audit report can then be modified in several ways:
๏ Material uncertainty as to going concern.

๏ Emphasis of matter. In respect of matters that do not affect the auditor’s opinion. In other words,
the auditor will still state that the financial statements show a true and fair view. However, the
auditor wants to emphasis some matter. In other words, to make sure that some matter already
properly disclosed in the financial statements is brought to the members’ attention.
๏ Other matters. Refers to a matter not in the financial statements, but which appears to be
wrong. Typically this is used to point out that a statement by the directors in their report is
inconsistent with the financial statements. The auditors cannot issue a modified opinion
because the director’s report is not part off the financial statements. An ‘other matter’ paragraph
not a modification of the audit opinion.
๏ Other types of modification are for matters which do affect the auditor’s opinion ie where the
audit opinion is modified. This means that there is something wrong in the financial statements
and they contain a misstatement, or there is something about which the auditor has been
unable to obtain sufficient appropriate audit evidence. Here the financial statements will either
not show a true and fair view, or the auditor will be unwilling to express an opinion, or the
auditor may include a phrase pointing out there are certain aspects in the accounts about which
there is uncertainty or disagreement.
4. Modified audit opinions

With respect to modified opinions there are two potential reasons for modification:
๏ FS contain a material misstatement

๏ The auditor has been unable to obtain sufficient appropriate audit evidence.
There are two degrees of seriousness for each of these problems.
First let’s look at material misstatement. This is where the auditor disagrees with the figure in the
financial statements. It could be the figure itself or the way the figure is presented or the disclosures
which must be made to comply with accounting standards. First of all, if the misstatement is not a
material the audit opinion would not be modified, so the first hurdle is a that disagreement must be
for a material amount. In such a case the auditor would put a paragraph in the report saying except
for certain items in other respects the financial statements show a true and fair view: the opinion has
been qualified.
If, however, the misstatement is so large and so material ('pervasive') that it renders the financial
statements, useless, then the auditor would issue an adverse opinion and the auditor would say the
financial statements do not show a true and fair view.
The other reason for a modified opinion is where the auditor has been unable to obtain sufficient
appropriate audit evidence.
If the matter about which there is missing information is relatively small but material then the auditor
will qualify the accounts using an except-for paragraph. For example, except that we could not verify
the adequacy of the bad debt provision, the financial statements showed a true and fair view. If,
however, the missing information is so large (pervasive) that the auditors really have no idea whether
the financial statements showed a true and fair view, then they will issue a disclaimer of opinion
stating that they are unable to form any opinion on the accounts.
The choices can be described in a matrix. Think of ‘pervasive’ as an error or gap in evidence that
affects everything:
Material but not

Nature of circumstance Pervasive
pervasive
A qualified opinion:
FS contain a material
Adverse opinion
misstatement
Except for ...
Unable to obtain A qualified opinion:

sufficient, appropriate Disclaimer of opinion
evidence Except for ...
5. Example of insufficient appropriate audit evidence

Here is an example of a qualification because insufficient appropriate audit evidence that that makes
it difficult to say that the financial statements show a true and fair view. Here the problem is material,
but limited and the report says the auditors are unable to determine the inventory quantities and
then says in their opinion, except for the effects of such adjustments for inventory, if any, the financial
statements give a true and fair view. So this is an ‘except for’: the financial statements are showing a
true and fair view except for one particular item which is material enough to cast some doubt on
them.
…Except as discussed in the following paragraph…
We did not observe the counting of inventories at 31/12/200X…unable to determine

inventory quantities by other methods…
In our opinion, except for the effects of such adjustments to inventory, if any, had we been
able to satisfy ourselves as to physical inventory…. The financial statements give a true and
fair view.
6. Example of disclaimer of opinion

Here is a modified opinion caused by lack of sufficient appropriate audit evidence but which is
leading to disclaimer of opinion. The cause of the problem is the same ie difficulty in verifying physical
inventories, but here because of the significance of the inventories the auditors prefer to say that they
cannot express an opinion on the financial statements.
…Except as discussed in the following paragraph…
We were not able to observe all physical inventories at 31/12/200X…unable to determine

inventory quantities by other methods…
Because of the significance of the matters discussed…we do not express an opinion on the
7. Material misstatement/‘except for’
As discussed in paragraph 17, no depreciation has been provided…….not in accordance

with International Accounting Standards…
The provision for the year should have been £X….profits would be decreased by £Y.
In our opinion, except for the matter referred to above, the financial statements give a true
and fair view…
Here is an example of a qualified opinion caused by the auditors believing that there is a material
misstatement about something in the financial statements. Here the problem is that no depreciation
has been provided where they think it should have been. Note, where there is a material
misstatement auditors will normally be able to quantify its extent and the effect on the profits and is
useful to the members for them to do that. Here the amount of depreciation in dispute is material, but
not so great that it has made the financial statements not show a true and fair view.
8. Material misstatement/‘adverse opinion’

Finally, a modified opinion caused by a material misstatement but it is so large that the auditors feel
the financial statements do not give a true and fair view. Here the matter in dispute is about the
provision for a bad or irrecoverable debt and the auditors feel the amount of $10 million which is not
been provided for is of such significance that the financial statements do not show a true and fair
view.
As discussed in paragraph 15, no provision for irrecoverable debts has been established for a
major customer owing $10 million and who has gone into liquidation with little prospect of
substantial recovery of amounts owed. This provision would reduce profits and receivables
by $10 million.
In our opinion, because of the effects of the matter referred to above, the financial
statements do not give a true and fair view.
OTHER ASSIGNMENTS
Chapter 26
TYPES OF ASSIGNMENT
1. Introduction
This chapter classifies and briefly describes the various types of assignment that accountants might
be involved with. The main classifications are:
๏ Assurance engagements
๏ Non-assurance engagements
2. Assurance engagements
2.1. Historical information
๏ Reasonable assurance engagement, such as a statutory audit. Sometimes known as positive
assurance where the auditor can say that something is/is not the case.
๏ Limited assurance engagement, such as a ‘mini audit’ where the auditor says that nothing has
come to their attention indicating a material misstatement is in the FS. Faster and cheaper, but
less confidence in the figures is provided.
๏ Social and environmental audits.
2.2. Other than historical financial information
๏ Prospective financial information (eg cash flow forecasts and budgets).
๏ Due diligence reviews.
๏ Internal controls and systems.
3. Non-assurance engagements
3.1. Review engagements
Can be very similar to the mini-audit described above, but can also be applied to reviewing interim
financial information, reviewing financial information to see if it has been prepared and presented in
accordance with the applicable financial reporting framework.
3.2. Agreed upon procedures
Where the auditor and client agree on the investigations to be carried out and on the work do be
done. For example, assessing how much has been lost through an incidence of fraud or a warehouse
fire. Forensic accounting assignments are agreed upon procedures.
3.3. Compilation engagements
Where the accountant prepares and presents financial information for the client. No opinion is
expressed.
Remember that only in statutory audits is the work to be done well-specified. For example, statute
defines what is reported on (ie the parts of the financial statements); ISAs specify how much of the
auditing work is to be carried out and how the auditor should respond to findings (eg attendance at
stock-takes). If the accountant is to embark on other types of work it is vital that the work, their
approach and the outputs are well-defined at the start.
Chapter 27
REPORTING ON PROSPECTIVE
FINANCIAL INFORMATION
1. Introduction
For example, the auditor (or other firm of accountants) has been asked to report on:
๏ A capital expenditure budget

๏ A profit forecast
๏ A cash flow budget
Often, the report is requested by a potential supplier of capital, such as a bank beginning or renewing
a loan agreement, or by a venture capitalist considering the supply of equity finance.
Strictly, there is a difference between the terms ‘forecast’ and ‘projection’:
๏ Forecast: expected to happen

๏ Projection: not necessarily expected to take place; more of a what-if investigation.
2. Positive or negative assurance?

Fairly obviously a positive assurance (reasonable assurance) is not possible with reports on
prospective financial information. Reasonable assurance implies saying that to a reasonable level of
confidence there are no material errors in the financial information that is subject to the report. It
would be a foolhardy accountant would would be willing to say that about any budget or projection.
The future is simply too uncertain and the forecast subject to many assumptions.
The best that the accountant can do is to offer negative (limited) assurance. This simply states that
nothing obviously incorrect has been found in the prospective financial report. For example, it is
arithmetically accurate, that there are no technical errors (such as including depreciation as a cash
outflow in a bash flow budget). The accountant must also be satisfied that the assumptions are
reasonable and not obviously wrong or overly-optimistic.
An accountant should not accept an engagement if assumptions clearly unrealistic or results not
suitable for intended use. For example, a budget showing sales and profits doubling without any
convincing reason has probably been drawn up on the basis of making assumptions that give the
answer required. For example, the sales needed to stay within an agreed overdraft limit. Similarly, if
finance were being requested to support the opening of an additional shop, the budget for that
shop’s results might be reasonable and show a profit, but if the rest of the business were in financial
difficulties, presenting a cash flow for the only viable part of the business would not really be suitable
for a supplier of loan finance.
3. Methods
The methods available are:
๏ Analytical review.
๏ Verification of projected expenditure (eg for capital expenditure budgets).
๏ Scrutiny of assumptions (using a high degree of professional scepticism). What evidence is there
that the assumptions are reasonable and, where relevant, consistent with previous results and
relationships? Note that with many prospective financial reports, timing of events is often fluid
and therefore subject to unwarranted optimism. Will the new factory really start producing
revenue in one year, or might it more realistically not be until after 18 months? Will customers
really pay within two months, or might they often take three months?
4. Example
Clairvoy Co
It is 5/1/2019 and Clairvoy Co is applying to its bank for loan finance. The loan would amount to
$10,000,000, repayable in equal instalments over the three years 2019, 2020 and 2021. In support of
this application, the company has provided a cash flow forecast for the next three years. The forecast
is shown below:
Actual Budget Budget Budget

US$0 2018 2019 2020 2021
Sales 7,000 7,500 8,500 9,000
Cost of sales 2,500 2,700 3,000 3,500
Receipts from sales 6,900 7,400 8,400 9,400
Payments to suppliers 2,500 2,600 2,700 3,000
Other outflows:
Wages 1,000 1,050 1,100 1,100
Administration 800 850 900 920
Depreciation 100 100 110 120
Capital expenditure 200
Tax 520 560 678 772
Net cash flow 1,980 2,040 2,912 3,488
B/f cash 500 2,480 4,520 7,432
C/f cash 2,480 4,520 7,432 10,920
Clairvoy Co is not one of your clients, but the company has asked you to provide a report to the bank
verifying the cash flow forecast that has been prepared.
Required:
Identify and describe the issues that this work would raise and describe the work that you
would do to audit the prospective financial information.
5. Solution - issues to consider

The great thing to remember with all types of budgets and forecasts is that nearly everything on the
document is an assumption and therefore its reasonableness can always be questioned. Remember,
question both the amount and its timing. If an amount is not an assumption then it must be an
historical amount (such as the opening cash balance) and that must be checked too. So ALL amounts
are open to scrutiny. Usually, as here, you would also be asked to state what evidence you would seek
for each amount.
So here we would:
๏ Check the opening cash balance to the cash book balance.

๏ Check all actual 2018 amounts to the historical financial statements.
๏ Sales have increased 7%, 13% and 6% pa. This rate of growth looks impressive (though we don’t
know the industry sector) and needs to be justifies by sales budgets, marketing reports,
competitor analysis etc.
๏ Calculate relevant ratios based on the 2018 figures for use in analytical review of the projections:
๏ GP% = 4,500/7,000 = 64%. Note that the GP% has then become 4,800/7,500 = 64%, 5,500/8,500
= 64.7% and 5,500/9,000 = 61%. We need to ask (eg the sales director) why this percentage has
changed.
๏ Wages/sales = 1,000/7,000 = 14%. Note that this ratio has then become 14%, 13% and 12%.
What is causing these efficiency gains?
๏ Administration/sales = 800/7,000 = 11%. Not that this ratio has then 11%, 10.6% and 10%. Again
there are slight efficiency gains that should be investigated.
๏ In 2018, 6,900/7,000 cash from sales was received = 98.6%. This rises to 99% in 2020 then 104%
in 2021. The 2021 figure certainly looks odd and it is not clear why the cash receipts are higher
than the sales.
๏ In 2018, 100% of purchases were paid for. This falls to 2,600/2,700 = 96%, 2,700/3000 = 90% to
3,000/3,500 = 86%. More credit is being taken from suppliers and we need to investigate if this is
a reasonable assumption. For example, talk to buyers and payable ledger supervisors.
๏ The timings of receipts from debtors and payments to suppliers need to be examined in detail
as timings of receipts and payments are crucial to cash flow budgets.
๏ Depreciation shouldn’t appear on the cash flow as it is not a movement of cash.
๏ What is the capital expenditure for? Has it been authorised by the board? Is it in the correct year?
Is it complete? Is there really no capital expenditure in other periods? Look at board minutes,
expansion plans, capital expenditure budgets and authorisations.
๏ Are the tax payments calculated properly?
๏ No interest has been included on the cash budget. This is material. For example, if interest was
charged at 5% then $10,000,000 x 5% = $500,000 pa
๏ No capital repayments appear in the cash budget. The potential loan agreement should be
examined to see what the repayment schedule is.
As the budget stands there is a forecast $10,920,000 at the end of the three year period. That would
be enough to cover the loan - not accounting for interest.
It should also be mentioned that we should perhaps be a little suspicious that we have been asked to
do this work, yet we are not the company’s auditors. It would be normal to ask the auditors to carry
out these types of assurance engagement because, as they are normally required urgently, auditors
can complete the work efficiently because of their client knowledge. Of course, the auditors might
not have had time or resources to produce a report quickly, but we should be on our guard that we
have been approached because we do not have detailed knowledge about the company and that
makes it easier for the company to mislead us.
6. Before starting the work

The duties of an auditor are well-defined in both statute and auditing standards. For example, statute
gives the auditors a right to see any documents they wish and to ask for all explanations they require.
But, of course, auditors are careful to sent an engagement letters to each client, a copy of which has to
be signed and returned. The engagement letter sets out the work that will be performed by the
auditor and the responsibilities and duties of the client.
Non-audit work, however, is not well-defined. Each job is unique and it is essential that it is well-
defined. For example, in the cash flow work described above, it would be essential for the accountant
to:
๏ Tell the client that the assurance will be limited (negative) not reasonable (positive).
๏ Determine how many years or months the cash flow covers (obviously, the longer the period,
the greater the amount of work).
๏ Find out the purpose of the cash-flow and who will receive it. The wider its use or distribution
the greater the risk to the accountant.
๏ Agree with the client that the required explanations and documents will be made available.
๏ Agree a fee.
๏ Agree a deadline
๏ As noted above, before agreeing to perform the detailed work, the accountant should initially
review the cash flow to ensure that the assumptions are not unrealistic.
Chapter 28
FORENSIC AUDITS
1. Introduction
The word ‘forensic’ is found in the terms:
๏ forensic accounting
๏ forensic investigations and
๏ forensic audit.
In all cases it implies investigating a company’s or person’s financial affairs for legal purposes. The
investigation might be related to a real or suspected fraud, quantifying an insurance claim, estimating
the effects of professional negligence and discovering the assets owned by individuals (such as the
proceeds of crime hidden away by a criminal or assets owned by a party to a failed marriage).
For the rest of the chapter, we will simply refer to ‘forensic auditing’.
2. General nature of the work

Often, but not always, the work performed by the accountant in forensic audits will be used as
evidence either in a criminal or civil case. Often the accountant will appear as a witness and be
subjected to cross-examination. Prosecutions or civil claims are invariably defended and the
accountants and their work will be expertly challenged by the legal representative of the defendant.
Any shortcoming or flaws in the audit work will be picked on in an attempt to undermine the whole
case. It is therefore very important that the accountant’s work, records, findings and conduct are of
the highest quality so that their evidence is as solid as possible. It would, for example, be harmful to a
case if an accountant over-stated an opinion or an alleged finding that could not be substantiated. If
the accountant cannot justify one statement or conclusion, doubt is cast on them all.
However, although the accountant will be hired by one or other side of the dispute, the accountant
must show integrity (for example, not hiding evidence that is useful to the other side) and objectivity
(eg drawing fair and reasonable conclusions about the value of inventory lost in a fire). The
accountant is a should be seen as a servant of the court and should help the court to discover the
truth as far as possible. The accountant should beware of becoming an advocate for one side of the
dispute.
The professional conduct and due care required of the accountant carrying out forensic audits is of a
specialist nature and the accountant should not undertake the work without proper training and
experience. For example, there are considerable skills needed in questioning suspects in a fraud case.
Specialist skills are needed to trace money as it passes through various bank accounts and various
countries in a money-laundering case.
3. Planning
As with all assignments, planning is essential. In addition, because each piece of forensic work will be
unique, it is essential to agree with the client exactly what work is required.
Planning will start with a planning meeting where the following will be discussed:
๏ The nature of the investigation and why it is required (eg fraud, money laundering, loss
estimation).
๏ The type of report(s) needed (eg quantifying the fraud, finding out how it was perpetrated,
determining who was involved and for how long it went on).
๏ Agreement that the investigation team will have full access to whatever documents,
information, personnel and explanations they need.
๏ What work has been done already. For example, has the fraud mechanism been understood and
stopped? Have the police been involved?
๏ If the investigation work is likely to become evidence in a court case, the accountant will need to
ensure that it is of the highest quality.
๏ Determine who will receive the completed report.
๏ When can the investigation start? By when is the report needed?
๏ Some preliminary documents might be asked for, such as any insurance policy that might
compensate for negligence payments, losses through fraud or fire.
If the client is not an audit client, then the amount of work that has to be done will be somewhat
greater. For example, whereas auditors will have documented the accounting system and this might
give insights as to how a fraud was perpetrated, if the investigating accountants are not the auditors
they will have to start by documenting relevant parts of the system, getting to understand the nature
of the business and the reporting structures within it.
4. Main differences between a regular audit and a forensic

audit
Regular audit Forensic audit
Skills needed Ordinary audit skills Specialist eg how to question witnesses
and suspects.
Predictability Regular, planned Often unexpected and urgent, therefore
there might be problems finding the
appropriate staff resources: number of
staff and possessing the required skills
and experience
Materiality Not particularly interested Many frauds are committed by stealing
in immaterial errors small amounts frequently. For example,
if a fraudster knows that payments
under $100 are not subject to approval
by a manager, small frauds of about $90
might be used.
Computer-assisted audit Used for selecting/finding Can be used to examine 100% of
techniques samples and for testing transactions and this might be needed
internal controls. when materiality is of no importance.
For example, all payments from the
bank could be examined in the search
for a specified recipient’s account
number
Work to be performed and Broadly standard (though Open-ended, non-standard. Therefore,
for whom differs in detail from audit must be carefully agreed in advance
to audit) and specified by with the client and an engagement
the law and by auditing letter issued and agreed.
standards. Fairly standard
engagement letter. May need to comply with legal rules on
the collection and presentation of
Audit reports are for the evidence in a court of law.
shareholders. Letters
setting out control Generally carried out at the request of
weaknesses go to those management but it could be at the
charged with governance. request of an insurance company, a
legal firm or the authorities.
Interviews Client staff are routinely Client staff might additionally be
interviewed about how interviewed if they are suspected of
transactions are carrying out a fraud. This requires skill
performed, what a and care. The staff member might be
transaction is, what entitled to have legal representation
controls are present etc. and if this is not provided the interview
transcripts might not be accepted as
evidence.
Chapter 29
SOCIAL AND ENVIRONMENTAL
AUDITING
1. Introduction
Environmental and social issues are a source of risk (and opportunity) to companies:
๏ Bad publicity - for example, disparities between the salaries of male and female employees
๏ Good Publicity - for example, a reduction in carbon footprint.
๏ Fines - for example, on operating outside permitted hours causing noise that harms those living
nearby.
๏ Compensation - for example, on the release of pollution that affects fish stocks.
๏ Losing customer contracts - for example if a company is implicated in exploiting children.
๏ More supervision by the authorities - if an industry has repeatedly not improved it standards.
Social media allow much greater involvement of many stakeholders - and can also quickly permit
harm to be caused to an organisation through Twitter and review sites. Initiatives such as integrated
reporting and the triple bottom line (profits, people, planet) have meant that more and more
companies include social and environmental measures in their annual reports and on their web-sites.
2. Assurance reports
Assurance reports on social and environmental measures give greater credibility to those measures. If
no independent assessment were performed why would stakeholders believe what is published? Of
course, what company decides to publish relating to these matters is very much the company’s choice
(unlike in their financial statements) and the auditor has no power to insist on a particular set of
disclosures. However, once the company decides on its disclosures, the auditor can be asked to
provide assurance.
In general, the work that the auditor has to carry out for an assurance report is:
๏ Agree the metrics.

๏ Check the client’s measurements, calculations and published figures.
๏ Report compliance.
3. Typical areas covered by companies in their environmental

and social reporting
Social:
๏ Production information relating to socially responsible, safe, reliable products

๏ Data showing progress towards equal opportunities for staff and for fair pay policies
๏ Incidence of industrial injuries
๏ Number of trainees
๏ Number of hours spent on socially useful voluntary activities
๏ Conditions for the workforces of suppliers (eg steps taken to stop suppliers using child-labour)
๏ Fair pricing for purchases
Environment:
๏ CO2 emissions/carbon footprint

๏ Release of waste products into the atmosphere or sea or rivers
๏ % of packaging that is recyclable
๏ Reductions in packaging
๏ Freight miles for both purchases and sales
๏ Overall energy consumption
๏ Percentage of energy from renewable sources
๏ Trees planted
4. Planning the assignment

Every client could use different sets of measures and different ways of taking measurements and the
first step is to find out precisely what work the auditor is expected to carry out. What key performance
indicators (KPIs) will be used? What are the comparatives? How and when are the measurements
made? What evidence does the client use and which will also be available to the auditor?
Each KPI should be assessed to see if measurement (and therefore auditing) can be reasonably
accurate or if the KPI is too ill-defined.
The auditors should consider if they have the appropriate competences to audit the KPIs. If third party
experts are needed, their independence and competence will have to be assessed.
When is the work to be done?
What type of assurance is required: positive/reasonable or negative/limited?
5. Potential problems with KPIs and their measurement

๏ Not specific-enough to be meaningful. For example, the company reports on serious industrial
accidents. However, this leaves unanswered what is meant by ‘serious’.
๏ Lack of consistency from one period to the next. So, if the definition of ‘serious’, above, were to
be altered, the safety record could be manipulated to show improvement.
๏ Comparability across industries is likely to be difficult as different firms could measure an
identically described measured differently.
๏ Record-keeping and internal control systems might not be good enough to permit the figures
to be audited. For example, how would the auditor know that escapes of waste into the local
river are completely recorded?
๏ Is the auditor competent to verify the technology used in the measurements and the
calculations that might follow?
6. Example
You are the auditor of Kipper Co, which manufactures paper from wood pulp. In its annual report the
company publishes data on some environmental and social measures. The keep performance
indicators published are:
๏ The company’s carbon footprint.

๏ Its energy efficiency
๏ Release of chemicals into the local river
๏ Incidence of industrial diseases.
Requirement:
What issues are raised by your client’s request?
7. Answer notes
7.1. Carbon footprint
๏ What is included: energy used in the factory, transport, energy used by suppliers? Is there any
offset from renewable supplies?
๏ What is the metric? For example, it could be in tonnes of CO2
๏ How does the company assess the chosen KPI?
๏ Does the company propose to use any sort of industry comparatives?
7.2. Energy efficiency
๏ How is this measured? What is meant by efficiency or do they just mean energy consumption?
๏ What is the metric and how is it assessed? Will it be possible for us do verify the figures?
๏ Is it just the paper-making process or is it the whole undertaking?
๏ Are suppliers’ energy consumption figures included so as to get total energy per tonne of paper
produced?
7.3. Release of chemicals into the local river
๏ Does this include all chemicals or just particularly harmful ones? Will the measures be split over
different chemicals?
๏ What does the company measure? Litres released is no good without knowing the
concentration of the chemicals.
๏ How does the company monitor releases?
๏ How can we verify that retrospectively?
๏ How can we verify that the company procedures work correctly?
7.4. Incidence of industrial disease
๏ How is ‘industrial disease’ defined? What diseases are covered?
๏ Is the company simply looking at current employees or are former employees investigated too?
(Some diseases might not show up for some time.)
๏ If former employees are included can they all be located and do they all cooperate?
๏ What sort of medical reports are provided?
๏ Do other, similar industries, use the same measurements?
Chapter 30
DUE DILIGENCE REPORTS
1. Introduction
These reports are typically required when one company is proposing to take over another. Essentially
due diligence is fact finding and information gathering: exactly what is being bought?
The target company’s published financial statements give some information, but not a lot, and
besides the financial statements could be over a year old. The FS are retrospective showing what has
happened, but what is being bought are the future prospects of the business and the new owner will
end up with both the assets and liabilities of the acquired business.
Type of report:
Due diligence work could be either:
๏ An assurance assignment, where the accountant gives an opinion (negative/limited) to the

effect that nothing worrying has been found.
๏ An agreed upon procedure eg a list of factual findings relating to the subject matter.
2. Procedures
Often, due diligence assignments are urgent. For example, the take-over is happening to rescue a
failing company. However, the auditor must take care to ensure that there is a comprehensive
engagement letter and that staff of the proper skills and experience can be assigned to the job.
Typically, the engagement letter will cover:
๏ Extent of the work.

๏ Type of report.
๏ Timescale.
๏ A clause saying that any takeover is the decision of the client, not the auditor or accountant.
๏ A clause stating that misstatements made by the target company might not be discovered, that
all irregularities might not be found and that the work will mainly be in the form of asking for
information and performing analytical reviews.
๏ A clause stating that the auditor is dependent on the cooperation of the target company’s
management.
๏ The fee.
3. Information to be examined
This includes:
๏ Budgets.
๏ Information about senior employees and their contracts of employment.
๏ Liabilities that have arisen since the last SOFP was published.
๏ Litigation.
๏ Prospects for the business.
๏ New products in the pipeline.
๏ Industry outlook.
๏ Non-current asset information eg age of assets and replacement plans.
๏ Lease contracts.
๏ Significant contracts, progress, renewal dates, performance.
๏ Correspondence with major customers.
๏ Proof of payment of corporation tax, employees PAYE, VAT etc.
๏ Accident book.
๏ Board minutes.
As was once said, undergoing a due diligence examination is like a firm of accountants asking you to
photocopy everything in the office and to send it to them for scrutiny!
Chapter 31
THE AUDIT OF PERFORMANCE
INFORMATION IN THE PUBLIC SECTOR
(INTERNATIONAL VARIANT ONLY)
1. Introduction
Performance information is information about the performance of an organisation against set criteria
such as a budget or benchmark. For example, information may be produced about how many units of
a product are produced or how efficient an employee is in terms of units produced per hour. In terms
of the public sector this could be number of operations performed in a hospital, or how many times
the grass is cut in a council park, or how many school children reach a target literacy level.
The audit of performance information in the public sector is examining central and local government
departments in terms of three main criteria:
๏ Effectiveness: whether the objectives of the department have been met.

๏ Efficiency: how well inputs are turned into outputs.
๏ Economy: obtaining best value for money.
For example:
A government department is responsible for repairing street-lights. The success of that department
can be determined using the 3E’s criteria.
๏ Effectiveness: Whether each light was repaired within the time limits set by the government
department.
๏ Efficiency: How many resources were used to fix each light in terms of materials, labour etc.
potentially against some standard.
๏ Economy: The financial budget for fixing lights was not exceeded during a specific period.
2. The use of performance information

In many countries, government departments produce statistical information concerning the
performance of that department. For example, a local council in the UK (a local council being
responsible for provision of services such as refuse collection, street lighting, road maintenance etc. to
an area of a few hundred square kilometres) will produce information not only on its financial
performance but also on other areas such as the amount of refuse recycled or time taken to respond
to requests to repair streetlights.
The main reasons for production of performance information include:
๏ Improvement. Targets are set and performance measured against those targets to try and
determine how management can be improved. For example, if recycling targets are not being
met then councils may use performance information to determine which categories of waste are
not being recycled and then introduce new systems to (hopefully) improve actual recycling
against target.
๏ Monitoring. Performance information is used to report on the achievement of targets. In this
sense, local government may have to report back to central government to obtain the necessary
funding for next year’s budgets. Similarly, performance information can be used as a
management tool to determine the amount of performance related pay.
๏ Reporting. Including performance information in accounts or other external reports partly as a
means of showing progress against targets but also as a means of advertising how well those
targets have been met. For example, meeting a recycling target will be reported not simply to
show that the target has been met but also to generate good publicity for the council.
Taxpayers will therefore be happy with the activities of the council and ultimately this means
that the councillors in charge of the council are re-elected(!).
From the audit perspective, this means that auditors will have to treat performance information with a
high degree of scepticism. There will be management bias to show good results not only to maintain
or increase funding but also so councillors retain their posts.
In other words, a lot of performance information may be available, but it may be produced to meet
the three objectives above, not because there is any standard (such as the IASs) which require
production in a specific format. Comparability between different information providers (that is
different councils, schools or hospitals etc.) will be difficult as the actual information produced will the
different and different standards will be used to produce that information anyway.
3. Planning the audit of performance information

To audit that performance information the auditor needs to know how that information (actual
performance and target performance) was produced. There are five stages to the production of
performance information:
(1) Defining a measurement objective
(2) Formation of relevant indicators
(3) Data collection
(4) Data analysis
(5) Reporting
These stages are explained below along with typical examination procedures that can be used by the
auditor.
Audit procedures for performance information in the public sector can include:
๏ Tests of controls on the systems used to generate performance information (eg managers
dating and signing off tasks as they are accomplished).
๏ Performing analytical review to evaluate trends and gauge the consistency of the information
(for example, compare to the previous period).
๏ Discussion with management and others responsible for the reporting process about problems
both with performance and its adequate recording.
๏ Review of minutes of meetings where performance information has been discussed. For
example, council meetings, school governors’ meetings, health authority meetings.
๏ Inspection of performance information source documentation, probably on a sample basis.
๏ Recalculation of quantitative performance information measures and their summarisation onto
performance reports, again on a sample basis.
The example of refuse collection is used to illustrate each section. In many countries, the residents of
each house are provided with a large bin on wheels into which household refuse is placed. The local
council provide a refuse collection service, so each week the bins are emptied into a refuse collection
lorry which takes that refuse to a tip. Some councils also provide a recycling service where recyclable
refuse is placed in a separate bin and taken for sorting and recycling.
Stage Explanation Examination procedures

Defining a The process or activity is identified ‣ Ensure the measurement
measurement and level of detail to be measured objective can actually be
objective confirmed. For example, the measured.
number of houses to collect refuse ‣ Review the proposed indicator
from each day may be considered to ensure it is achievable and
as an indicator although some at the correct level of detail.
allowance might be necessary for
different types of houses.
Formation of relevant Having decided what to measure, ‣ Confirm number of houses in
indicators this stage defines how to measure the council area – by reference
the process or activity. To ensure to detailed maps.
that the measure is appropriate, it ‣ Ensure 1,000 bins emptied
must be SMART: each day is achievable.
‣ Specific to the process or activity. ‣ Ensure all bins can be emptied

each week by dividing
‣ Measurable, that is quantifiable. number of properties by 5,000
‣ Achievable. (1,000 bins over 5 days) and
there are at least that number
‣ Relevant to the process or activity of refuse teams.
‣ Time bound, that is measured
over a specific period of time.
For the refuse collection the

objective can be: “Bins to be
emptied from all properties in the
council area once each week with
1,000 bins emptied each day by
each work team”.
Data collection Data is then collected on each of ‣ Review signature sheets
the SMART indicators identified. confirming that bins have
been emptied.
For refuse collection, each ‣ Access online complaints
collection team has a pre- system and determine from
determined route covering about this how many bins were not
1,000 houses and a shift supervisor emptied.
signs a document confirming ‣ If necessary, write to a number
refuse bins have been emptied. of residents in the council
Also confirm that residents can asking them to confirm their
complain (probably online) if their refuse bins were emptied.
bin is not emptied.
Stage Explanation Examination procedures

Data analysis The data collected is analysed and ‣ Re-calculate the council’s
compared to the indicators. statistics of bins being
Reasons for performance being emptied and confirm accuracy
above or below standard are of non-emptied bin %
(complaint information
identified.
already obtained above).
For refuse collection, compare
results of collections each week
(signature sheets) to confirm all
bins have been emptied – or
where bins are not emptied
calculate the % missed. Identify
any areas or streets where
collections are normally below the
performance indicator.
Reporting Finally a report is produced on the ‣ Obtain and review report.
whole process or activity, with ‣ Ensure that the
recommendations made for recommendations are
improvement or change to the congruent with the problems
activity, the indicators being used identified in the previous
or both. section.
‣ Where necessary, discuss
For refuse collection, from the
actions with the managers in
results above, determine what the council to determine
remedial action is necessary. For whether further remedial
example, this may mean changing action is necessary.
the number of refuse collection
teams or targeting specific teams
with training where their % of bins
not emptied exceed other teams.
4. Reporting on performance information

In some countries, including the UK, reports on performance information are generally included
within the report on the financial results of the government or other department. The audit may also
be carried out by a government auditor (literally auditors employed by the government in effectively
an internal audit role) using specific government reporting standards. This means that care must be
used in interpreting the reports partly due to possible bias (no truly independent report) and lack of
knowledge of the different reporting standards used. In terms of non-financial performance
information there may not be any reporting standard anyway, potentially making the report even
more subjective.
A typical report is summarised below.
Remember the format of a standard ISA700 audit report and most of the sections of a report on
performance information can at least be “guessed”.
Section of report Content Implication for auditors

Title Identifies who the auditor is
reporting to – in this case
normally the members of the
government department.
Scope of work Identifies what has been The auditor will need to
audited and the standards understand the financial
used. In many countries there reporting framework.
will be a specific financial
The auditor will also state clearly
reporting framework for
what information has been
government departments.
audited, normally be identifying
the page numbers in the report
where the performance
information is shown.
Responsibilities of the chief The report confirms that the
financial officer and the chief financial officer prepares
auditor the report and the auditor
audits the information in that
report.
Scope of the audit Confirms that the auditor has The difficulty for the auditor will
attempted to identify any be to determine the standard to
material misstatement in be applied to non-financial
financial or non-financial information: how is it measured,
information. is this valid and how “wrong”
this information has to be to
make a material misstatement.
Section of report Content Implication for auditors

Opinion This will still relate to true and Again, the auditor will need
fair view although the knowledge of the appropriate
reporting standard will be reporting standards.
different (government
reporting standards as noted
above).
Report on economy, This is a separate section of Any other objectives such as

efficiency and effectiveness the report where the 3e’s are performance information
reported on. The auditor will relating to recycling will be
normally state that the 3e’s mentioned (remember that the
have to be reported on and information reported on will be
whether or not the council has identified in the scope
fulfilled its’ responsibilities in paragraph of the report) if the
this respect (for example, information is materially
there is proper arrangements incorrect. In this case, the reason
in place for securing the for the auditor’s report
economy, efficiency and modification will be stated.
effectiveness of the council’s Reasons for the modification
resources). include that the performance
information is incorrect or there
is uncertainty about the figures
(which are the two main reasons
for modification anyway under
ISA 706).

ACCA AAA S18 Notes PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

ACCA AAA S18 Notes PDF

Încărcat de

Drepturi de autor:

Formate disponibile

Se

Spread the word about OpenTuition,

How to use OpenTuition:

OpenTuition Lecture Notes can be downloaded FREE from http://opentuition.com

Advanced Audit and Assurance

REGULATION, LEGAL MATTERS AND QUALITY CONTROL 7

AUDIT PLANNING AND RISK ASSESSMENT 49

THE AUDIT OF GROUP FINANCIAL STATEMENTS 99

THE FINAL STAGES OF AN AUDIT 107

OTHER ASSIGNMENTS 129

INTRODUCTION TO ADVANCED AUDIT AND

๏ The amount is wrong.

2. The ‘maturity’ of answers required

3. Topics in AAA, not in AA

5. Approach to examining the syllabus

Case study (50%)

Four professional marks are available in Section A

Two compulsory 25 mark questions, predominately based around a short scenario.

REGULATION, LEGAL MATTERS AND QUALITY

1. Audit and assurance

๏ What standards should be applied?

The important words here are ‘independent’ and ‘opinion’.

2. Elements of an assurance engagement

The following are the five elements of an assurance engagement:

(3) Suitable criteria (for example accounting standards)

(4) Sufficient appropriate evidence.

๏ Is the amount substantially correct?

2.2. Professional scepticism

2.3. Assurance Report

1. Why corporate governance is needed

2. Principles of corporate governance

3. The UK Corporate Governance Code

Relations with shareholders

The code therefore specifies:

4. The role of the audit committee

Review of internal audit

Financial Statements Review of internal control

1. Overview of the audit process

Plan the audit

Assess risk of material misstatement

Expect effective controls Expect ineffective controls

Unsatisfactory Report significant deficiencies

Restricted substantive Full substantive

Overall review of F/S

2. Marketing professional services

3. Tendering for professional services

๏ A brief introduction to the accountancy firm.

4. Before you say ‘yes’ (and continuance decisions)

The following need to be investigated:

5. Communication with existing auditors

6. The engagement letter

๏ Define the auditor’s responsibilities

7. Typical contents of an engagement letter

๏ Ethical principles to be followed.

3. Threats to professional ethics

๏ Safeguards in the work environment,

Self-interest threats are the following:

Really, checking your own work is a waste of time.

3.3. The supply of other services

3.4. Advocacy threats

3.5. Familiarity threats

Familiarity undermines professional scepticism

3.7. Conflict of interest