Advanced Audit and Assurance

Section:01
Total marks:40 marks
Last Date of Submission:05/06/2020
Student Name: Mamunur Rashid Student ID:2019110004037

QUESTION NO.:1

Internal control is the collection of policies and procedures that are followed by the organizations while
performing the activities required to attain their goals. It facilitates the organizations to stay in the right
path and to mitigate the risks they face on a day to day basis. A good internal control system enhances the
efficiency and effectiveness of the organizations as well. It provides signals about the deviations of
operations and thus organizations can take appropriate measures to overcome those situations.

A. What is the difference between policies and procedures?

Answer: Policies and procedures are the foundations of any company. Even if they’re not
written down, policies and procedures define organization and ensure that things are running
smoothly. For best results, however, both policies and procedures should be written down and
codified to avoid misunderstandings or inefficiencies. In practice, what are the differences
between policy vs procedures and the differences are discussed below:

Defining Policies
Policies are the big, overarching tenets of any organization. They set direction, guide and influence
decision-making. Policies guide the day-to-day actions and strategies, but allow for flexibility –
the big keyword for policies is “guiding”. They establish a framework of management
philosophies, aims and objectives. Policy can be driven by business philosophy, competition,
marketplace pressure, law or regulation and in many cases all of these.

Company policies tend to have topics such as social media use, sick time and paid leave, acceptable
work behavior and codes of conduct, employee onboarding and termination, workplace
discrimination and proper certifications and licensing among a plethora of other topics, some
specific to business.
Defining Procedures
Procedures have a narrow focus; they describe, step by step, what actions to take in specific
instances. Procedures have a beginning and an end and should be strictly followed to achieve the
desired outcome. The cyclical nature and uniformity of a procedure are vitally important for
training new employees, compliance, process improvement and auditing.

Examples of procedural topics include emergency procedures, material ordering, equipment

operation or how to inventory supplies and goods.

Policy Vs Procedures: Some Key Differences

When it comes to creating, updating and implementing your policies and procedures,
there are some key differences.

Policies:

 Change infrequently
 State who,what when or why
 Are broad and general
Procedures:
 Continuously change and improve
 State what, how, when or who
 Offer a detailed description of activities

When it comes to creating policies and procedures, it’s important to understand what
each pertains to and what the goal of each is. Company’s policy on meetings should not
contain a specific script to follow, just as procedure for inventory shouldn’t only contain
“count the objects”. It’s also important to understand how often each should be
updated, since policy and procedure software should be able to handle the continuously
updated procedures your organization is putting out and the evergreen policies at the
same time.
B. Define the term control activities. Briefly discuss the types of control activities that are introduced
by the organizations in designing a good internal control system.

Answer: Control activities are the policies and procedures which help to ensure that necessary
actions are taken to reduce risks in the achievement of the entity's objectives. They are the most
tangible controls that help to prevent and detect frauds and errors. Control activities may be
manual or system based where processes are computerized.

There are many control activities that are introduced by the organizations in designing a good
internal control system. Without instituting adequate control activities, organizations are exposed
to huge risks. Indeed, Control activities mitigate or eliminate certain risks or threats. Whatever
the control activities organization follow they generally fall under the following types of specific
control activities:

 Authorization: The essence of this controls is that all transactions and activities must be
properly authorized to make the system satisfactory. This is very much fundamental to
prevent unwanted and unauthorized transactions. Authorization may be either general or
specific based on the nature of transactions.
 Segregation of duties: This implies that a number of people should be engaged to perform
the different parts of a process. Involvement of several people, makes fraudulent
transactions difficult. It also reduces efforts as more people implies more checking.
 Physical control over assets and liabilities: To ensure robust internal control, physical or
logical security needs to be established and maintained over assets and records. Physical
control is very much essential to protect assets and documents.
 Performance review: Performance review includes reconciliation between two sets of
data, comparing internal data with external information, variance analysis, trend analysis
etc. Through performance review organization can create visibility of its activities and
pay attention to those areas where it requires.
 Independent check: It implies the careful and continuous review of the above four types
of control activities. This helps to verify and review the execution of all other control
activities by raising flags.
 QUESTION NO.:2

BSA 530 “Audit Sampling” states that 'when designing audit procedures, the auditor should
determine appropriate means for selecting items for testing so as to gather sufficient appropriate
audit evidence to meet the objectives of the audit procedures'.

In this context what do you understand by “Audit Sampling”? Some testing procedures do not
involve sampling. Explain?

Answer: Audit sampling involves the application of audit procedures to less than 100% of the
items within an account balance or class of transactions such that all sampling units have a
chance of selection. This will enable the auditor to obtain and evaluate audit evidence about
some characteristic of the items selected in order to form or assist in forming a conclusion
concerning the population from which the sample is drawn.

Some testing procedures do not involve sampling. Such as:

 Testing l00% of items in a population is obvious.

 Certain characteristic, as selection is not representative:
Assurance providers are unlikely to test 100% of items when carrying out tests of control,
but 100% testing may be appropriate for certain substantive procedures. For example, if
the population is made up of a small number of high value items and there is a high risk of
material misstatement then 100% examination may be appropriate.
 QUESTION NO.:3

Kowloon Ltd works on contracts to design and manufacture large items of medical equipment
such as radiotherapy and X-ray machines. The company specialises in the design, production and
installation of bespoke machines under contract with individual customers, which are senior has
left the following note for your attention:
„One of Kowloon Ltd‟s major customers is the Bay Medical Centre (BMC), a private hospital. In
June 2015 a contract was entered into, under the terms of which Kowloon Ltd would design a new
radiotherapy machine for BMC. The machine is based on a new innovation, and is being
developed for the specific requirements of BMC. It was estimated that the design and production
of the machine would take 18 months with estimated installation in December 2016. As at 31
December 2015, Kowloon Ltd had invested heavily in the contract, and design costs totaling
$350,000 have been recognized as work in progress in the draft statement of financial position.
Deferred income of $200,000 is also recognized as a current liability, representing a payment made
by BMC to finance part of the design costs. No other accounting entries have been made in respect
of the contract with BMC.

As part of our subsequent events review, inspection of correspondence between Kowloon Ltd and
BMC indicates that the contract has been cancelled by BMC as it is unable to pay for its
completion. It appears that BMC lost a significant amount of funding towards the end of 2015,
impacting significantly on the financial position of the company. The manager responsible for the
BMC contract confirms that BMC contacted him about the company‟s financial difficulties in
December 2015.
The matter has been discussed with Kowloon Ltd.‟s finance director, who has stated that he is
satisfied with the current accounting treatment and is not proposing to make any adjustments in
light of the cancellation of the contract by BMC. The finance director also advised that the loss of
BMC as a customer will not be mentioned in the company‟s integrated report, as the finance
director does not consider it significant enough to warrant discussion.
Kowloon Ltd is currently working on six contracts for customers other than BMC. Our audit
evidence concludes that Kowloon Ltd does not face a threat to its going concern status.‟ Your
review of the audit work performed on going concern supports this conclusion.
Requirements:
i) Comment on the matters to be considered, and recommend the actions to be taken by the
auditor?
Answer: The Matters to consider is given below:

BMC was suffering from financial problems during the year ending 31 December 2015 which was
notified to Kowloon Ltd before the year end. Therefore the cancellation of the contract appears
to meet the definition of an adjusting event under IAS 10 Events after the Reporting Period
because it confirms conditions which existed at the year end.

The cancellation of the contract indicates that the costs of the work in progress are not
recoverable from BMC, in which case the balance should be written off. Management is not
planning to amend the balances recognized at the year end, and the audit team should investigate
the reasons for this. Possibly management is asserting that the machine design costs could be
utilized for a different contract, despite the fact that the machine was developed specifically for
BMC. Audit work should focus on the contractual arrangements between Kowloon Ltd and BMC,
particularly in relation to the ownership of the rights to the design work which has taken place. If
the design work has been based on an innovation by BMC, then it needs to be determined if this
information can still be used.

In exercising professional judgment about which risks are significant risks, the auditor should
consider at least:

The auditor should investigate and consider the prospective client's standing in the business
community, financial stability, management's integrity, and relations with its bankers, attorneys,
and previous CPA firm. The auditor should also determine whether he or she possesses the required
competence and independence to do the audit.

 Areas of higher assessed risk of material misstatement, or significant risks identified in

accordance with Identifying and Assessing the Risks of Material Misstatement through
Understanding the Entity and Its Environment;
  Significant auditor judgments relating to areas in the financial statements that involved
significant management judgment, including accounting estimates that have been
identified as having high estimation uncertainty;
 The effect on the audit of significant events or transactions that occurred during the period.
 Why the matter was considered to be one of most significance in the audit and, therefore,
determined to be a key audit matter;
 How the matter was addressed in the audit.
 Whether the risk is a risk of fraud;
 Whether the risk is related to recent significant economic, accounting, or other
developments and, therefore, requires specific attention;
 The complexity of transactions;
 Whether the risk involves significant transactions with related parties;
 The degree of subjectivity in the measurement of financial information related to the risk,
especially those measurements involving a wide range of measurement uncertainty; and
 Whether the risk involves significant transactions that are outside the normal course of
business for the entity or that otherwise appear to be unusual.

ii) Explain the audit evidence you would expect to find in your review of the audit working
papers?

Answer: Explain the audit evidence to find in my review of the audit working papers is given
below: Managing audit working paper properly is part of the quality control to make sure that
auditors themselves are compliant with the applicable law and regulation. Auditors might also
subject to be reviewed by the local authority, and peer firm to access the quality of audit work.
Keeping audit working properly help the auditor to deal with this problem as well as help them to
assess whether they themselves perform at the acceptable quality.

Auditor required, as per standard, to make sure that all are sufficient and appropriate audit
documents are obtained and they could prove this to the relevant parties by documenting,
recording, and keeping audit working papers.
The auditor might prepare their own workings papers for their recordings, testing, and reporting.
Also, the auditor might also obtain the papers that prepare by audit clients as well as from the third
party.

The reliability of these papers is different. Normally, the evidence that prepares by the auditor is
more reliable than the one that obtains from the third party and the one that prepares by the client
is less reliable than others.

 Written representation from the project manager confirming that BMC contacted him
regarding their financial difficulties in December 2015.
 Notes of a discussion with the project manager to confirm if the work in progress could be
used for a different contractor or the feasibility of the design work leading to a new type
of product which could be produced by Kowloon Ltd.
 Correspondence with legal department regarding the ownership of the machine and
whether there are any legal implications following the contract cancellation and potential
proposal to sell the machine to a different customer.
 Review of post year-end orders/board minutes to assess if any conclusion regarding
completion of the machine has been made and if an alternative customer has been
identified.
Audit working paper is very important for audit conclusion, therefore, the auditor needs to make
sure the good quality of audit working papers. This requires proper review and supervision from
the person who has better experiences and knowledge.

For the best practice, audit working paper should review by experience level. It is part of the audit
work to prove that auditor obtains the audit evidence to support their opinion in the audit report.

iii) Discuss why understanding the entity and its environment is highly critical for a
successful audit?

Answer: It is important to understand the client’s business

 In order to assess risk

 In order to comply with auditing standards

It is really impossible to be sure how risky a client may be if we do not understand

 Who they are

 What they do

 How they do it

 The integrity and competence of their staff

If we understand a client’s business properly we shall

 Be able to assess what controls have been put in place by the client which may reduce the
level of control risk
 Be able to assess any significant risks which need special attention

 Be able to perform analytical procedures

iv) Discuss why understanding the entity and its environment is highly critical for a
successful audit?

Answer: The auditor should obtain an understanding of the entity's objectives and strategies, and
the related business risks that may result in material misstatement of the financial statements.
The entity conducts its business in the context of industry, regulatory, and other internal and
external factors. To respond to these factors, the entity's management or those charged with
governance define objectives, which are the overall plans for the entity. Strategies are the
operational approaches by which management intends to achieve its objectives. Business risks
result from significant conditions, events, circumstances, actions, or inactions that could
adversely affect the entity's ability to achieve its objectives and execute its strategies, or through
the setting of inappropriate objectives and strategies. Just as the external environment changes,
the conduct of the entity's business is also dynamic and the entity's strategies and objectives
change over time.
Understanding of the client's business can be obtained from

 External sources of information (such as industry surveys/publications)

• Credit reference agencies

• Industry surveys

• Industry publications such as trade journals

• Registrar of joint stock Companies and firms

 The firm (permanent files including previous year’s audited financial statements,
correspondence files, personnel associated with the engagement in previous years)
• The firm should not take any client if it is not competent enough or it may use industry
expert for efficient completion of the audit
• Last year’s file

• Permanent file
And should talk to other external parties Such as,

• The partner, manager, tax person, last year’s senior, firm’s industry specialist The
client
• Talk to the people responsible for the area under audit
• Read internal correspondence and minutes of board/committee meetings
• Read internal audit reports
The auditor's understanding of the entity and its environment consists of an understanding
of the following aspects:

 Industry, regulatory, and other external factors

 Nature of the entity
 Objectives and strategies and the related business risks that may result in a material
misstatement of the financial statements
 Measurement and review of the entity's financial performance
 Internal control, which includes the selection and application of accounting policies.
The auditor should obtain an understanding of the following:

a. Relevant industry, regulatory, and other external factors, including the applicable financial
reporting framework.

b. The nature of the entity, including

 Its operations;
 Its ownership and governance structures;
 The types of investments that the entity is making and plans to make, including investments
in entities formed to accomplish specific objectives; and
 The way that the entity is structured and how it is financed, to enable the auditor to
understand the classes of transactions, account balances, and disclosures to be expected in
the financial statements.
c. The entity's selection and application of accounting policies, including the reasons for changes
thereto. The auditor should evaluate whether the entity's accounting policies are appropriate for its
business and consistent with the applicable financial reporting framework and accounting
policies used in the relevant industry.

d. The entity's objectives and strategies and those related business risks that may result in risks
of material misstatement.

e. The measurement and review of the entity's financial performance.

v) Explain how you will utilize your understanding about the entity and its
environment in your audit planning and audit conclusion?

Answer: Explain my understanding about the entity and its environment in my audit
planning is given below:
The whole auditing process can generally be divided into three different phases. The audit
planning phase includes procedures such as gaining an understanding of the client and its
business, making risk and materiality assessments, determining an audit strategy, and determining
the type of evidence to collect, based on the risk levels.
Performing the audit refers to the process of collecting evidence. Finally, the reporting
phase deals with making conclusions, reporting any necessary adjustments to management, and
issuing the independent auditor’s report.

Audit planning is important because auditors should plan the audit so as to reduce audit risk to an
acceptably low level that is consistent with the objective of the process. The auditor should plan
the nature, timing, the extent of direction and supervision of the engagement team members, and
review of the work. The four main reasons for audit planning include:

 To identify areas of risk of material misstatements

 To design audit procedures to address those risks and to obtain sufficient appropriate
evidence
 To help keep audit costs reasonable
 To avoid misunderstandings with the client
Example Audit Planning Scenarios – What to Consider?

James, a new employee who replaced Terry who was terminated, receives 10,000 stock options at
an exercise price of $5.00.
• Accounting for stock options involves a high inherent risk because there is a lot of
judgment involved due to the volatility in the fair value of a stock option.
• Severance issues are also an accounting issue that deserves attention.

Explain my understanding about the entity and its environment in my audit conclusion is
given below:
Audit conclusions: Such analyses help the auditor to draw conclusions regarding various aspects
of the line items of the financial statements. These conclusions should be independent and factual,
and not based on assumptions. A set of such conclusions leads to forming an opinion.

Compliance with code of conduct: Professional ethics of the ICAI hold an auditor guilty of
professional misconduct for negligence if he doesn't gather enough evidence to justify his opinion.
He would be liable if the evidence in his possession is contradictory to the opinion expressed by
him. This makes drawing a conclusion a critical aspect of an audit.
Expression of Opinion
The auditor discusses his observations with those charged with governance, such as the audit
committee of the company, before finalizing the report. The auditor should be firm in his opinion,
and exercise his independence at this level. This part of the audit is critical, and calls for resilience
on the part of the auditor.

An audit report, being a public document, should be drafted skillfully. The code of conduct
prohibits an auditor from divulging any information received by him in the course of his
professional assignment, unless legally required so to do. Therefore, the auditor shouldn't hesitate
to take the help of a legal expert on whether to include certain comments in his report.

QUESTION NO.:4

AK Group is one of the leading conglomerates of Bangladesh and started its journey as a tobacco
marketing company back in 1953. With headquarters based in the commercial capital Chittagong,
the group flourished into a multi-business portfolio of fast moving consumer goods, steel, cement,
ceramics, marble, shipping and trading business.
The group opened a separate company under the banner of AK Consumer Goods Limited
(AKCGL) in 1994 to spearhead fast moving consumer products business. With its flagship brands
of Starship and later Marks milk powders, the company gradually became the major player in the
market. Over the years, both the brands have successfully acquired an iconic stature through
providing superior quality as well as making significant social contributions.
AKCGL has grown during the year ending 31December 2017 and its profit before tax for the year
will be around Tk. 700 cores.
The financial statements for the year ended 31 December 2016 showed inventories of Tk.
250 cores. Inventories at cost were Tk. 500 cores. A review of obsolescence was not performed but,
on the recommendation of the company's accountants, the cost was written down by 50% on the
grounds of prudence. The directors admit that obsolete inventories rarely exceed 10%. But there
are no satisfactory audit procedures that could be adopted to confirm the true figure at that date.
Requirements
In respect of the issue over inventory, reach a conclusion on whether you would modify your audit
report on AKCGL for the year ending 31 December 2017, on the basis that no other matters arise
which affect the opinion. You should give Reasons for your conclusion and describe any additional
statements which would need to be made in the audit report.

Answer: A limitation on scope has arisen because the auditors were unable to perform
procedures which would quantify the true figure. The matter is material, but not pervasive.
Hence the audit report should be qualified “except for “over inventory control.

In an inventory audit, the auditor uses several analytical procedures to check the company’s
inventory methods and confirm that the financial records and actual physical count of goods
match. An inventory audit is considered a generally accepted auditing procedure.

Some reasons for over inventory in conclusion. Such as,

 Inadequate forecasting methods

 Ignoring seasonality
 A lack of market understanding
 Product lifecycle
 Aiming for high service levels
 Poor purchasing decisions
 Brexit
 Complex supply chains

Describe additional statements which would need to be made in the audit report is given
below:

Auditor recommended that the Director, AK, establish and implement:

(1) a comprehensive inventory reduction program;

(2) ordering and reordering procedures based on sales history data;
(3) controls to prevent out-of-stock conditions;
(4) statistical methods for ensuring accurate inventory counts; and
 (5) Valuation procedures in accordance with the Statement of Federal Financial Accounting
Standard No. 3, "Accounting for Inventory and Related Property."
During our audit, we worked with AK to evaluate the current inventory management system and
to develop solutions for correcting deficiencies identified. As a result of these cooperative efforts,
the Geological Survey has taken prompt action to improve the system. Subsequent to the
completion of our review, an Inventory Management Improvement Team was established, which
developed an action plan to correct the deficiencies identified. The plan includes provisions for
establishing:

(1) Statistical sampling procedures for verifying the inventory records;

(2) Policies for stock levels and print run sizes;

(3) A method to identify excess stock;

(4) The use of print-on-demand capabilities; and

(5) Procedures for inventory reduction and product abandonment, which should significantly
reduce the map inventory and make it more manageable.

The Improvement Team has also developed a reasonable approach for valuing the map inventory.
Based on our review of this plan and discussions with National Mapping Division officials, we
believe that timely implementation of the plan should result in an effective inventory management
system and ensure the reliability of the inventory and accounting records.