Recommended Audit-F8 Pocket Notes.pdf

Full Transcript

ACCA
Audit and assurance (AA)
Pocket Notes
Audit and assurance (AA)

The text in this material and any others
British library made available by any Kaplan Group
cataloguing-in-publication company does not amount to advice on a
data particular matter and should not be taken
as such. No reliance should be placed on
A catalogue record for this book is available the content as the basis for any investment
from the British Library. or other decision or in connection with
Published by: any advice given to third parties. Please
Kaplan Publishing UK consult your appropriate professional
Unit 2 The Business Centre adviser as necessary. Kaplan Publishing
Molly Millars Lane Limited, all other Kaplan group companies,
Wokingham the International Accounting Standards
Berkshire Board, and the IFRS Foundation expressly
RG41 2QZ disclaim all liability to any person in respect
of any losses or other claims, whether
ISBN: 978-1-78740-124-2 direct, indirect, incidental, consequential or
otherwise arising in relation to the use of
© Kaplan Financial Limited, 2018
such materials. Printed and bound in Great
Printed and bound in Great Britain. Britain.
P.2 KAPLAN PUBLISHING
 Audit and assurance (AA)

Acknowledgements
This Product includes propriety content of the
Trade Marks
International Accounting Standards Board
which is overseen by the IFRS Foundation, The IFRS Foundation logo, the IASB logo,
and is used with the express permission the IFRS for SMEs logo, the “Hexagon
of the IFRS Foundation under licence. All Device”, “IFRS Foundation”, “eIFRS”, “IAS”,
rights reserved. No part of this publication “IASB”, “IFRS for SMEs”, “NIIF” IASs”
may be reproduced, stored in a retrieval “IFRS”, “IFRSs”, “International Accounting
system, or transmitted in any form or by any Standards”, “International Financial
means, electronic, mechanical, photocopying, Reporting Standards”, “IFRIC”, “SIC” and
recording, or otherwise, without prior written “IFRS Taxonomy”.
permission of Kaplan Publishing and the IFRS
Foundation. Further details of the Trade Marks including
details of countries where the Trade Marks
are registered or applied for are available
from the Foundation on request.
The IFRS Foundation logo, the IASB logo, the
IFRS for SMEs logo, the “Hexagon Device”, This product contains material that is
“IFRS Foundation”, “eIFRS”, “IAS”, “IASB”, ©Financial Reporting Council Ltd (FRC).
“IFRS for SMEs”, “IFRS”, “IASs”, “IFRSs”, Adapted and reproduced with the kind
“International Accounting Standards” and permission of the Financial Reporting
“International Financial Reporting Standards”, Council. All rights reserved. For further
“IFRIC” and “IFRS Taxonomy” are Trade information, please visit www.frc.org.uk or
Marks of the IFRS Foundation. call +44 (0)20 7492 2300.

KAPLAN PUBLISHING P.3
Audit and assurance (AA)

Contents
Chapter 1: Introduction to assurance...............................................................................................1
Chapter 2: Rules and regulation....................................................................................................... 7
Chapter 3: Corporate governance.................................................................................................. 13
Chapter 4: Ethics and acceptance.................................................................................................19
Chapter 5: Risk...............................................................................................................................31
Chapter 6: Planning........................................................................................................................41
Chapter 7: Evidence.......................................................................................................................51
Chapter 8: Systems and controls................................................................................................... 63
Chapter 9: Internal audit................................................................................................................. 77
Chapter 10: Procedures...................................................................................................................83
Chapter 11: Completion and review.................................................................................................95
Chapter 12: Reporting....................................................................................................................105
References.................................................................................................................................... R.1
Index......................................................................................................................................I.1

This document references IFRS® Standards and IAS® Standards, which are authored by the International
Accounting Standards Board (the Board), and published in the 2017 IFRS Standards Red Book.

P.4 KAPLAN PUBLISHING
 Audit and assurance (AA)

Exam format
Number of marks
Section A: 3 x 10 mark objective test case study questions 30
Section B: 1 x 30 mark question 30
2 x 20 mark questions 40
––––––
100
––––––

Computer-based examination
3 hours and 20 minutes - 110 marks of exam content: 100 marks + 10 marks of seeded questions.
Seeded questions are included in the exam for quality assurance and security purposes.

Paper-based examination
3 hours and 15 minutes - 100 marks of exam content.
Paper exams do not have any of the time saving efficiencies which can be incorporated in a
computer exam, therefore students are allocated more time for the same 100 marks.

KAPLAN PUBLISHING P.5
Audit and assurance (AA)

Aim of the paper The keys to success in
To develop knowledge and understanding Paper F8
of the process of carrying out the assurance Answer the question
engagement and its application in the context
of the professional regulatory framework. Read the question extremely carefully,
paying attention to the verbs telling you what
to do, and to the mark allocation. You must
make (at least) one point in your answer for
every mark available.

P.6 KAPLAN PUBLISHING
 Audit and assurance (AA)

Don’t overrun your time allocation Think before you start writing
You must be absolutely strict with yourself Take time to understand what the question
with your time allocation for each question. is really asking. Certain words read in
In the exam room, write down the times isolation may lead you to misinterpret the
for each question, and force yourself to requirement.
finish your attempt within the time available.
You also need to make sure that you identify
Such discipline may not be fun, but it is the
the whole requirement. Some questions are
approach that will earn you most marks in
actually more than one requirement. For
the exam.
example:
“Identify and explain the control deficiencies
in the question and recommend solutions to
overcome them.”

KAPLAN PUBLISHING P.7
Audit and assurance (AA)

Quality and accuracy are of the utmost
importance to us so if you spot an error in
any of our products, please send an email
to [email protected] with full
details, or follow the link to the feedback
form in MyKaplan.
Our Quality Co-ordinator will work with our
technical team to verify the error and take
action to ensure it is corrected in future
editions.

P.8 KAPLAN PUBLISHING
chapter

1 Introduction to assurance
In this chapter
Assurance services.
Accountability, stewardship and agency.

1
Introduction to assurance

Assurance services
Purpose of assurance is to increase the confidence of the user in the subject matter being relied upon.

Practitioner e.g. auditor (performs an independent
examination of the subject matter against the suitable
criteria and provides a written assurance report)
3 Party Involvement Intended user e.g. shareholders (user of the subject matter)
Responsible party e.g. directors (preparer of the subject
matter)

Subject Matter The information being examined e.g. financial statements

Suitable Criteria Subject matter is judged against the criteria e.g. IFRS

Evidence Sufficient and appropriate to provide a basis for the conclusion

Written Assurance Report Expressing a conclusion or opinion

2 KAPLAN PUBLISHING KA
 Chapter 1

The Framework permits only two types of assurance engagement to be performed:

Reasonable assurance engagements Limited assurance engagement
The practitioner: The practitioner:
Gathers sufficient appropriate evidence Gathers sufficient appropriate evidence to
 Does enough work to be able to be satisfied that the subject matter is
draw reasonable, but not absolute, plausible in the circumstances
conclusions Gives a report in the form of a negative
 Concludes that the subject matter statement of conclusion (“nothing has
conforms in all material respects with come to our attention”)
identified suitable criteria
 Gives a report in the form of a positive
statement of opinion

EXAMPLES
Review of financial statements
(International Standard on Review
Engagements 2400).
EXAMPLE Risk assessment reports.
 Statutory audit. Performance measurement reports.
Systems reliability reports.
Reports on social and environmental issues
reviews of internal control.

G KAPLAN PUBLISHING 3
Introduction to assurance

Accountability, stewardship and agency

Accountability Stewardship
People in positions of power can be The responsibility to take good care of resources.
held to account for their actions Known as a ‘fiduciary relationship’
Directors are accountable to the Directors are the stewards of the company
shareholders for the decisions they Directors are required to produce financial
make in relation to the company statements giving an account of their stewardship

Agency
When one party, the principal, employs another party, the
agent, to perform a task of their behalf
Directors are the agents of the shareholders
External auditors are the agents of the shareholders

Company management are required to produce financial statements giving an account of
their stewardship of the company at regular intervals, but there was a need for some kind of
independent validation of the financial statements – the independent audit.

4 KAPLAN PUBLISHING KA
 Chapter 1

Benefits of audit Expectations Gap
Helps improve quality of information. Auditor tests everything.
Independent scrutiny. Auditor detects all fraud and error.
Reduces risk of management bias, fraud Auditor confirms the company is a going
and error. concern.
Enhances credibility of FS. Auditor prepares the FS.
Deficiencies in internal controls
highlighted.
Exam focus
Limitations of audit
FS include subjective estimates and To practise the basics use the following test
judgments. your understandings (TYUs) Study Text:
Inherent limitations of internal controls. Chapter 1, TYU 1
Representations from management not Chapter 1, TYU 2
reliable. Chapter 1, TYU 3
Evidence is persuasive not conclusive.
Do not test all transactions, only a
sample.

G KAPLAN PUBLISHING 5
Introduction to assurance

6 KAPLAN PUBLISHING KA
chapter

2 Rules and regulation
In this chapter
International and UK standard setting and regulation.
Why have an audit.
Who may or may not act as an auditor.
How are auditors appointed and removed.
Auditor’s rights and duties.

7
Rules and regulation

International and UK
standard setting and
regulation
IFAC
International Federation of
Accountants
A grouping of accountancy bodies ISAs are adopted, and modified if
(including ACCA)
necessary, by individual countries or they
No legal standing in member's can set their own standards.
countries
Any modifications reflect the legislation
relating to companies in the country
IAASB that the client is based, which may be
International Audit and Assurance different from that in other jurisdictions.
Standards Board Local law overrides ISAs.
A subsidiary of IFAC
Sets international standards on auditing
(ISAs)
In the EU all audits must be carried out
in accordance with ISAs for accounting
periods beginning on or after 1 January
2005

8 KAPLAN PUBLISHING KA
 Chapter 2

Why have an audit
Legal framework
Businesses needed
Distinction between
can be operated owners and the business. To protect owners from Regular accounts
through unscrupulous managers to be produced.
companies Businesses run by Accounts require
managers not owners To protect the world independent check –
Incorporation at large from owners an audit
Limited liability status
taking advantage of
limited liability

Therefore in most countries companies require an audit.
In many countries there is an exemption for small businesses.

G KAPLAN PUBLISHING 9
Rules and regulation

Who may or may not act
as an auditor MAY NOT ACT   
MAY ACT    
EXCLUDED BY LAW
In Britain
INDIVIDUALS An officer (Director or secretary) of the
A member of a Recognised Supervisory company
Body (RSB) e.g. ACCA
and – an employee of the company
Allowed by the rules of that body to be – a business partner or employee of the above.
an auditor
EXCLUDED BY ETHICS
or
Due to lack of objectivity or independence, for
Someone directly authorised by the state. example, due to:
FIRMS – close business relationships
Controlled by members of a suitably – personal relationships
authorised supervisory body
– long association with the client
Or
– fee dependency
A firm directly authorised by the state.
– non audit services provided.

10 KAPLAN PUBLISHING KA
 Chapter 2

How are auditors appointed
and removed REMOVAL
 imple majority at a general
S
meeting of the company.
APPOINTMENT
In most jurisdictions The law requires special notice
to be given.
The members (shareholders) of the
company. Resignation (auditors may
Directors can appoint first auditor have to submit to members a
and fill a ‘casual vacancy’, but needs statement of the circumstances
members’ approval at next AGM. surrounding their resignation).
Appointment runs from end of AGM
until the end of the next AGM.
Where no AGM – automatic annual
reappointment unless a shareholder
objects.

G KAPLAN PUBLISHING 11
Rules and regulation

Auditor’s rights and duties Exam focus
Rights To practise the basics use the following
Access at all times to all books and test your understandings (TYUs) from the
records Study Text:
 eceive information and explanations
R TYU 1
from the officers of the company TYU 2
 eceive notice of and attend company
R
meetings
Speak at such meetings
 eceive copies of any written resolutions
R
of the company
Requisition an Extraordinary General
Meeting (EGM) on resignation
Require notice of circumstances relating
to resignation to be circulated.
Duties
Report to the members on whether the
financial statements give a true and fair
view and have been properly prepared.

12 KAPLAN PUBLISHING KA
 3
chapter

Corporate governance
In this chapter
Corporate governance.
Audit committees.
Nomination committee.
Remuneration committee.
Risk management.

13
Corporate governance

Corporate governance Aligning key executive and board
remuneration
Corporate governance is about ensuring that
Monitoring and managing potential
companies are run well in the interests of
conflicts of interest of management,
their shareholders and the wider community.
board members and shareholders
Need arose due to high profile collapses of
companies. Ensuring the integrity of the corporation’s
accounting and financial reporting
Good corporate governance is particularly systems, overseeing the process of
important for publicly traded companies. disclosure and communications.
Maintaining satisfactory standards of Note the term “Board” primarily to mean
corporate governance is the responsibility of the Supervisory board in a 2 tier board
those operating a company. arrangement or the non-executive directors
The board and relevant sub committees in a unitary
board structure.
The key responsibilities of the board are:
Composition of the board
Reviewing and guiding corporate strategy
Equal numbers of executive and non-
Monitoring the effectiveness of the
executive directors.
company’s governance practices and
making changes as needed Segregation of the roles of CEO and
chairman.
Selecting, compensating, monitoring
and, when necessary, replacing key Directors subject to re-election by
executives shareholders at least every 3 years.

14 KAPLAN PUBLISHING KA
 Chapter 3

Corporate governance in action

Segregation of roles Main aspects of Internal audit
(chairman and CEO) corporate governance

Audit Committees

Risk Nomination Remuneration

G KAPLAN PUBLISHING 15
Corporate governance

Audit committees Reviewing and monitoring the external
auditor’s independence and objectivity
Composition and the effectiveness of the audit
3 non executives. process.
At least 1 with financial expertise. Developing and implementing policy on
the engagement of the external auditor
Objectives to supply non-audit services.
Public confidence in the credibility Reviewing arrangements for confidential
and objectivity of published financial reporting by employees and investigation
information. of possible improprieties – whistle
Assisting directors in meeting their blowing.
responsibilities in respect of financial
reporting. The audit committee and internal audit
Liaison with external auditors. The audit committee should:
Function Ensure internal auditor has direct access
to the board chairman and to the audit
Monitoring integrity of the financial committee
statements.
Review and assess the annual internal
Reviewing internal financial controls. audit work plan
Monitoring and reviewing internal audit Receive reports on the results of internal
function. audit work
Making recommendations re If no IA function in place, review need for
appointment, removal and remuneration one annually.
of the external auditor.
16 KAPLAN PUBLISHING KA
 Chapter 3

Nomination committee Risk management
Responsible for appointing executive All companies face risks of many kinds.
directors.
Companies must address the risk issues
Comprised majority non-executive
and:
directors.
Identify the risks faced (e.g. operational,
Appoint the best person for the job i.e.
financial, legal)
appropriate experiences, qualifications
and skills. May maintain a risk register
Assess the relative importance of each
Remuneration committee risk
Responsible for deciding on the Sometimes accept the risk as an
remuneration of executive directors. inevitable part of its operations.
Comprised non-executive directors.
Ensures no director is involved in setting
their own pay.
Should ensure the pay is linked with long
term performance of the company.
Should be enough to attract, motivate
and retain good directors but should not
be excessive.

G KAPLAN PUBLISHING 17
Corporate governance

Exam focus

Exam kit questions in this area:
Section A – Objective case questions:
Sistar
Cameron
Section B – Constructed response questions:
Saxophone Enterprises

18 KAPLAN PUBLISHING KA
4
chapter

Ethics and acceptance
In this chapter
Ethical principles.
Independence and objectivity.
Fundamental principles, threats and safeguards.
ACCA code of ethics and conduct.
Threats and safeguards.
Confidentiality.
Acceptance of engagements.
New work and the engagement letter.

19
Ethics and acceptance

Ethical principles
SOURCES
The user needs to believe that
ACCA Code of Ethics and
assurance practitioners act in Professional Conduct
accordance with a code of ethics, and
IFAC Code of Ethics
The practitioner needs a code of ethics
to make sure that he or she is worthy of
that level of trust.

Exam focus Similar
conceptual
frameworks
Learn the principles in the various Codes
of Ethics, but do not be afraid to use your
common sense in deciding whether a
proposed action is ethically acceptable for an
auditor. CONTENTS
Fundamental principles of
ethical behaviour
Potential threats to ethical
behaviour
Possible safeguards which
can be implemented to
counter the threats

20 KAPLAN PUBLISHING KA
 Chapter 4

Remember: Independence and
The Codes of Ethics provide guidance objectivity
that the auditor must follow.
Independence is freedom from any
In some cases the only viable external control or influence in making
safeguard is not to accept an assurance decisions.
engagement, or to resign from it.
Objectivity is the state of mind which has
The ACCA reserves the right to discipline regard to all considerations relevant to
members who infringe the rules through the task in hand but no other.
a process of disciplinary hearings.

G KAPLAN PUBLISHING 21
Ethics and acceptance

Fundamental principles, threats and safeguards
SAFEGUARDS
FUNDAMENTAL General
PRINCIPLES THREATS Created by the profession
Integrity Self-interest Created in the work
Objectivity Self-review environment
Professional competence Advocacy Specific
and due care Segregation of duties
Familiarity
Review
Confidentiality Intimidation Rotation
Professional behaviour Ceasing to act
Separate teams
Independent partner review

22 KAPLAN PUBLISHING KA
 Chapter 4

ACCA Code of ethics and professional standards when providing
conduct professional services.
Confidentiality: Members should
Fundamental principles respect the confidentiality of information
The code identifies five fundamental acquired as a result of professional
principles in professional conduct. and business relationships and should
not disclose any such information to
Integrity: Members should be
third parties without proper and specific
straightforward and honest in all
authority or unless there is a legal or
professional and business relationships.
professional right or duty to disclose.
Objectivity: Members should not
 rofessional behaviour: Members
P
allow bias, conflicts of interest or
should comply with relevant laws and
undue influence of others to override
regulations and should avoid any action
professional or business judgements.
that discredits the profession.
Professional competence and due
care: Members have a continuing duty
to maintain professional knowledge
and skill to ensure that clients receive
competent professional service
based on current developments in
practice, legislation and techniques.
Members should act diligently and in
accordance with applicable technical and

G KAPLAN PUBLISHING 23
Ethics and acceptance

Threats and safeguards
Members are required to apply the conceptual framework to identify threats to compliance with
the fundamental principles, to evaluate their significance and, if such threats are other than clearly
insignificant, to apply safeguards to eliminate them or reduce them to an acceptable level such that
compliance with the fundamental principles is not compromised.

Eliminate
the threat
e.g. decline
Either enagement

Apply safeguards
Identify threats Assess threats
if necessary

Or Reduce the
threat to an
acceptable level
e.g. second
partner reviews

24 KAPLAN PUBLISHING KA
 Chapter 4

Example Threat Possible safeguard
Auditor owns shares in the client (Self-interest ) Sell the shares as soon as possible.
Auditor is unduly dependent on client for fees Fees from listed clients should not exceed 15% of the total
(Self-interest ) practice income for 2 consecutive years.
Significant outstanding fees due from the client Don’t commence audit work until outstanding fees are paid.
(Self-interest )
Client requests contingent fee (Self-interest) Refuse. Contingent fees are not acceptable for assurance
engagements.
Gifts or hospitality from the client (Self-interest Do not accept unless clearly trivial. Audit partner must
and familiarity) authorise acceptance.
Audit partner has been in post for many years Partner rotation after 7 years for listed clients. May be
(Familiarity) extended for 1 year if audit committee approves.
Ex-auditor now works for audit client (Familiarity) If ex-auditor was the audit partner, firm should not audit client
for 2 years.
If ex-auditor was team member, review composition of audit
team.
Close relationships between auditor and client Remove that person from the audit team.
staff (Familiarity)
Auditor provides other services (Self-review) Separate teams for each service provided.
Don’t provide other services to audit clients where significant
reliance will be placed on the non-audit work.
Auditor is ex employee of the client (Self-review) Don’t assign that person to the audit team.
Client asks auditor to represent them in court Decline. No sufficient safeguard exists.
(Advocacy)

G KAPLAN PUBLISHING 25
Ethics and acceptance

Confidentiality The firm must notify all affected clients of the
conflict and obtain their consent to act. The
Information confidential to a client or following additional safeguards should be
employer acquired in the course of considered:
professional work should not be disclosed to
a third party, except where: Advise the clients to seek independent
advice
Consent has been obtained from the
client or employer, or Separate engagement teams (with
different engagement partners and team
There is a public duty to disclose, or members)
There is a legal or professional right or Procedures to prevent access to
duty to disclose. information, e.g. physical separation
Conflicts of Interest: of the team members and confidential/
secure data filing
Where conflicts of interest exist, the firm’s
work should be arranged to avoid the Signed confidentiality agreements
interests of one being adversely affected by Regular review of the application of
those of another and to prevent a breach of safeguards by an independent person of
confidentiality. appropriate seniority.
If adequate safeguards cannot be
implemented, the firm must decline, or resign
from one or more conflicting engagements.

26 KAPLAN PUBLISHING KA
 Chapter 4

Acceptance of engagements

Independence &
Professional clearance Management integrity
objectivity

Preconditions for an Money laundering
audit (client due diligence)
Issues to consider
prior to accepting an
engagement

Reputation of the client Resources

Professional
Fees Risks
competence

G KAPLAN PUBLISHING 27
Ethics and acceptance

New work and the engagement letter

Obtain work by:

Recommendation Tender
Has risks.
Needs thorough
research and The engagement letter
preparation. includes
Responsibilities
Objective and scope of audit
Reference to legislation and
standards
Reference to inherent
If offered assignment limitations of the audit
What communications will
Communicate with outgoing auditors.
take place
Assess independence.
Specific planning issues, e.g.:
Assess commercial desirability of
–– use of internal audit
assignment.
–– deadlines
Engagement letter.
–– use of experts etc
Basis for fees

28 KAPLAN PUBLISHING KA
 Chapter 4

A new letter may be sent every year to
Exam focus
emphasise its importance to clients.
A new letter must be sent if there have Exam kit questions in this area:
been changes, such as changes to: Section A – Objective case questions:
–– Statutory duties Bark & Co
–– Professional duties Miranda & Co
–– Other services. Tigger & Co
Preconditions for an audit Section B – Constructed response questions:
Acceptable financial reporting framework Cinnamon
in place.
Orange Financials
Management understands its
responsibility for the financial LV Fones
statements.
Management understands its
responsibility for internal controls.
Management will provide the auditor with
access to all information required for the
audit.

G KAPLAN PUBLISHING 29
Ethics and acceptance

30 KAPLAN PUBLISHING KA
5
chapter

Risk
In this chapter
Audit risk.
Materiality.
Significance of the risk approach.
Understanding the entity and its environment.
Risk assessment procedures.
Analytical procedures.

31
Risk

Audit risk
Audit risk (AR)

Definition
The risk of issuing an inappropriate audit opinion.

Inherent risk (IR) Control risk (CR) Detection risk (DR)

The susceptibility of a balance The risk that the client’s The risk that the auditor fails to
to misstatement before controls fail to prevent and detect material misstatement.
consideration of controls. detect misstatement.

Example Example Example
Higher risk: Higher risk: Higher risk:
Old or ineffective accounting
A client in a volatile industry. software. Using inappropriate
Rapidly changing procedures.
Lack of segregation of
technology. accounting duties; Misinterpreting results.
Complex accounting Lack of authorisation
treatment. procedures.

32 KAPLAN PUBLISHING
 Chapter 5

Materiality

Significance
Financial statements which are materially
misstated will not give a true and fair view.
Auditors must test all material balances

Materiality Performance materiality
Information is material An amount set at less than
if its omission or MATERIALITY materiality for the financial
misstatement could, statements as a whole,
either individually to reduce the risk that
or in aggregate, the aggregate of smaller
influence the misstatements in individual
economic decisions Determining materiality account balances or classes
of users taken on the of transactions could exceed
basis of the financial Size materiality for the financial
statements. Nature statements as a whole.

KAPLAN PUBLISHING 33
Risk

Assessing materiality is a matter of Misstatement: A difference between a
professional judgement and is not a reported financial statement item and the
mechanical exercise. amount, classification, presentation, or
Each company must be considered with disclosure that is required for the item to be
reference to its unique circumstances in accordance with the applicable financial
and the informational needs of the users reporting framework. Misstatements can
of the financial statements. arise from error or fraud.
Common measures for initial assessment
of materiality:
–– ½ – 1% of revenue
–– 5 – 10% of profit before tax
–– 1 – 2% of assets
Materiality should be reassessed
during the audit in response to further
information or risk arising.

34 KAPLAN PUBLISHING
 Chapter 5

Definition Significance of the risk
approach
Sampling risk arises from the possibility that Inherent risk and control risk cannot be
the auditor’s conclusion, based on a sample directly influenced by the auditor.
may be different from the conclusion reached
if the entire population were subjected to the The auditor can, however, manipulate
same audit procedure. detection risk. If they assess that
inherent and control risk are high (i.e.
ISA 530 increased risk of material misstatement)
they can lower detection risk through the
Non-sampling risk is the risk the auditor
following means:
reaches an inappropriate opinion despite a
representative sample being chosen. –– Increasing substantive testing;
–– Increasing sample sizes;
–– Using more experienced staff;
–– Increasing levels of supervision;
–– Increasing review procedures.
By performing a more thorough audit
there is less risk that the auditor fails to
detect material misstatement.

KAPLAN PUBLISHING 35
Risk

Understanding the entity and The measurement and review of the
its environment entity’s financial performance.
The internal controls relevant to the
Auditors are required to obtain an audit.
understanding of their client, including their
internal controls. This is often referred to as (ISA 315 Identifying and Assessing the Risks
Knowledge of the Business, or “KOB.” This of Material Misstatement.)
generally includes.
The purpose of acquiring this knowledge
Relevant industry, regulatory and other is to identify the risks that the business is
external factors; exposed to and, ultimately, how could these
The nature of the entity, including: lead to a risk of material misstatement in the
–– its operations; financial statements.

–– its ownership and governance
structures;
–– the types of investment it makes; and
–– the way it is structured and financed.
The entity’s selection and application of
accounting policies.
The entity’s objectives, strategies and
related business risks.

36 KAPLAN PUBLISHING
 Chapter 5

Risk assessment procedures Involve calculating ratios, computing
trends, proving figures in total, and
ISA 315 requires auditors to perform the making comparisons.
following procedures to understand the entity
May disclose anomalies; these must be
and its environment.
investigated.
Enquiries with management and others
Used to corroborate answers to
within the entity.
enquiries.
Analytical procedures.
Involves comparisons – an individual
Observation (e.g. of control procedures) ratio, for example, is meaningless unless
and inspection (e.g. of key strategic compared to (e.g.) previous years,
documents and procedural manuals). another similar company, actual v budget
etc.
Analytical procedures
When making comparisons make sure
The basics calculations use comparable numbers
Compulsory for planning and risk (e.g. numbers with similar components
assessment (ISA 315). from one year to the next).

Can be an efficient and effective source
of substantive evidence.
Compulsory in the final review to make
sure the numbers make sense (ISA 520).

KAPLAN PUBLISHING 37
Risk

The main ratios
Area Ratio Calculation
Profitability Gross profit % (Gross profit x 100) / Sales
Net profit % (Profit before tax x 100) / Sales
Efficiency Receivables days (Receivables x 365) / Sales
Inventory turn (Inventory x 365) / Cost of sales or Cost of Sales /
Inventory
Payables days (Payables x 365) / Purchases
Liquidity Current ratio Current assets / Current liabilities
Quick ratio Current assets – Inventory / Current liabilities
Gearing Share capital + Reserves : Borrowings
Return ROCE (Return On (Profit before interest and tax) / Share capital + Reserves
Capital Employed) + Borrowings

38 KAPLAN PUBLISHING
 Chapter 5

Sycamore
Exam focus
Recorder Communications
For a question on audit risk you must ensure
Kangaroo Construction
that your answer is based on the scenario
facts and not just provide a standard answer. Sunflower Stores
Abrahams
You must give audit risks, not business risks.
Redsmith
Audit risk will either be risk of material
misstatement or detection risks.
Exam kit questions in this area:
Section A – Objective case questions:
Flute
Epica
Section B – Constructed response questions:
Prancer Construction
Hurling
Sitia Sparkle
Aquamarine
Venus

KAPLAN PUBLISHING 39
Risk

40 KAPLAN PUBLISHING
chapter

6 Planning
In this chapter
Planning process.
Audit strategy and the plan.
Impact of fraud.
Fraud risk assessment procedures.
Laws and regulations.
Quality control.
Documentation.
Benefits of documentation.
Working papers.

41
Planning

Meet AUDIT Use their
deadlines PLANNING time
properly

Set Identify
timetable problem The right
areas people

Build in Knowledge
review process Assess and of the business
address risk Analytical review

Assess Efficiency
materiality and
effectiveness

How much Design Potential
evidence needs appropriate impact of
to be gathered procedures fraud

42 KAPLAN PUBLISHING KA
 Chapter 6

Planning process
Adequate planning helps to ensure that:
 ttention is paid to the important areas
A
of the audit
 otential problems are identified and
P
resolved on a timely basis
 he audit engagement is organised and
T
managed in order to be performed in an
efficient and effective manner
 ork is properly assigned to the
W
individual team members
Reduces risk of giving the wrong opinion.

G KAPLAN PUBLISHING 43
Planning

Audit strategy and the plan
Planning involves establishing the overall audit strategy for the engagement and developing an
audit plan.

Scope:
Establish – engagement characteristics;
overall audit – reporting objectives;
strategy – significant engagement factors;
– preliminary activity results; and
– the resources needed.
Timing of when to deploy resources;
Management, direction and supervision of resources (including meetings, debriefs,
reviews etc)

Develop an
audit Nature, timing and extent of risk assessment procedures.
plan Nature, timing and extent of further audit procedures, including:
– what audit procedures;
– who should do them;
Start to carry – how much should be done; and
out audit – when the work should be done.
procedures Other necessary procedures.

The audit strategy and audit plan should be updated and revised as necessary during the course of
the audit.
44 KAPLAN PUBLISHING KA
 Chapter 6

Interim v Final audits The interim audit Auditors should “maintain an attitude of
will normally focus on documenting professional scepticism throughout the
systems, evaluating controls, some tests audit” – this is especially true re fraud
of details. The final audit focuses on where there is intent to deceive (as
statement of financial position areas, opposed to cases of honest error).
finalisation of the financial statements
and the audit report. RISK OF
FRAUD HIGH
Impact of fraud
ISA 240 identifies 2 types of
misstatements deriving from fraud relevant Maybe Reduce
to the auditor – fraudulent financial reduce reliance reliance on
reporting and misappropriation of assets. on management internally
It is the responsibility of management representations. generated
evidence.
to prevent and detect fraud, not the
auditors’ job.
The auditor is concerned with fraud Increase Reduce the
because fraud may lead to a material focus on materiality.
misstatement in the financial statements. externally
generated
If the auditor assesses that the risk evidence.
of fraud is high, there is an increased Increase
probability of misstatement. level of testing.

G KAPLAN PUBLISHING 45
Planning

Definition Laws and regulations
Obtain an understanding of the legal
Professional scepticism – An attitude that
and regulatory framework governing the
includes a questioning mind and a critical
client.
assessment of evidence.
Perform procedures to identify instances
of non-compliance which may affect the
Fraud risk assessment FS, e.g. unrecorded fines and provisions.
procedures Obtain written representation from
Engagement teams should discuss the management that they have informed
risk of fraud. the auditor of all instances of non
Consider the results of controls tests and compliance.
analytical procedures. If non-compliance is identified, report to
Enquire of client how they assess, and management and those charged with
respond to, fraud risk. governance.
Enquire if client is aware of actual or Consider whether non-compliance
suspected fraud. was deliberate and casts doubt over
management integrity.
Consider incentives to commit fraud e.g.
performance related bonuses.

46 KAPLAN PUBLISHING KA
 Chapter 6

Quality Control (ISA 220) Documentation
ISA 220 Quality Control for an Audit of Definition
Financial Statements
Documentation means the material (working
The firm should have a system of quality papers) prepared by, or for, or obtained and
control to ensure: retained by, the auditor in connection with
Compliance with professional standards, the performance of the audit. Such material
and may be in the form of paper or electronic
Reports issued are appropriate in the media.
circumstances. The working papers must be sufficiently
complete and detailed to provide an
The engagement partner takes overall overall understanding of the audit.
responsibility for the overall quality of the
In particular, the working papers should
engagement including the direction, supervision
record the auditor’s reasoning on all
and performance of the engagement.
significant matters which require the
An engagement quality control reviewer must exercise of judgement, and the auditor’s
be assigned for listed entities and high risk conclusions thereon.
engagements focusing on significant matters Working papers are usually split into two
and areas involving significant judgment. separate files:
The firm’s quality control processes must –– p
 ermanent file – matters of
be monitored to ensure they are relevant, continuing interest eg loan
adequate and operating effectively. agreements, title deeds, systems
documentation
G KAPLAN PUBLISHING 47
Planning

–– c urrent file – matters of this year’s Working papers
interest eg bank letter, results of
Required:
audit tests.
–– as evidence of work done
Benefits of documentation –– a
 s part of quality control, there is
Provides evidence of the auditors basis work to review.
of conclusion. They are the property of the auditor.
Provides evidence the audit was planned Must be kept secure (implications for
and performed in accordance with ISAs. safe custody of paperwork and also
Assists with direction, supervision and for work kept on computers and other
review of work. electronic storage media).

Enables the engagement team to be Audit documentation should be retained
accountable for its work. for 5 years from completion of the audit
(ISA 230).
Retains a record of matters of continuing
significance for future audits. The basics
Enable quality control to take place.
If it’s not recorded it didn’t take place (no
evidence of the audit activity).
If it cannot be understood, it might as
well not have happened (working papers
must be clear).

48 KAPLAN PUBLISHING
 Chapter 6

Exam focus
Exam kit questions in this area:
Section A – Objective case questions:
Veryan
Autumn
Section B – Constructed response questions:
Specs4You
To practise the basics use the following test
your understandings (TYUs) Study Text:
Chapter 6:
TYU 1
TYU 2
TYU 3
TYU 4

KAPLAN PUBLISHING 49
Planning

50 KAPLAN PUBLISHING KA
7
chapter

Evidence
In this chapter
Type of audit evidence.
Audit procedures.
Assertions.
Computer assisted audit techniques.
Sampling.
Relying on the work of others.

51
Evidence

Type of audit evidence Less reliable More reliable
The auditor should obtain sufficient Obtained from Obtained from
appropriate audit evidence to be able to draw inside the entity independent sources
outside the entity
reasonable conclusions on which to base the
audit opinion (ISA 500). Obtained Obtained directly by
indirectly or by the auditor
inference
Audit evidence Oral Exists in
representation documentary form
Photocopy of a Original document
document

Sufficient Appropriate
Substantive procedures: procedures
designed to detect material misstatement at
Quantity Quality an assertion level. Can be tests of detail or
analytical procedures.
Tests of controls: procedures to test the
Affected by: operating effectiveness of the internal control
Reliable system at preventing, detecting or correcting
Risk
Relevant to the material misstatements at an assertion level.
Materiality
FS assertions
Reliability

52 KAPLAN PUBLISHING KA
 Chapter 7

Audit procedures

Inspection of records or May give direct evidence of the existence of an asset, ownership,
documents that a control is operating, about cut-off.
Inspection of tangible Conclusive evidence of existence, may give evidence of valuation.
assets
Observation Involves looking at a process or procedure: may provide evidence
that a control is being operated.
Enquiry Enquiry is a major source of audit evidence but the results of
enquiries usually need to be corroborated.
Confirmation Usually consist of obtaining confirmation regarding balances or
representations made by management directly from an external
third party.
Recalculation Checking the arithmetical accuracy of the client’s calculations.
Reperformance Includes re-performing management or accounting procedures,
such as year-end reconciliations.
Analytical procedures Comparisons of sets of data to identify unusual relationships or
variances that could indicate fraud or error. Results of analytical
reviews need to be corroborated by other forms of test.

G KAPLAN PUBLISHING 53
Evidence

Assertions
Management is responsible for the preparation of financial statements which give
a true and fair view.
For each item in the financial statements, management are making assertions.

TRANSACTION ACCOUNT
& EVENTS BALANCES

1 EXISTENCE
1 OCCURRENCE 2 RIGHTS & OBLIGATIONS
2 COMPLETENESS 3 COMPLETENESS
3 ACCURACY 4 ACCURACY, VALUATION
4 CUT-OFF AND ALLOCATION
5 CLASSIFICATION 5 CLASSIFICATION
6 PRESENTATION 6 PRESENTATION

54 KAPLAN PUBLISHING KA
 Chapter 7

Analytical procedures as substantive
procedures
The suitability of this approach depends
on:
–– the assertions being tested (maybe
good for valuation, bad for existence)
–– the reliability of the data (unsuitable
if controls are weak as numbers
could be wrong)
–– the degree of precision possible
(more suited to regular transactions
than one off items)
–– the amount of variation which is
acceptable (some numbers in
financials require greater accuracy
than others).

G KAPLAN PUBLISHING 55
Evidence

Computer assisted audit Considerations affecting use
techniques Computer knowledge of the audit team.
Cost/benefit analysis.
Test data Audit software
Time available (CAATs take a long time
to set up).

Test data is Software
data generated by specially designed
the auditor which for audit purposes.
is then processed
using the client’s
computer systems.

It is used for:
Put dummy Selecting samples.
data through the Checking
system and make computations and
sure the controls calculations by
within operate as reperformance.
they should. Comparing two or
Valid data should be more different files.
accepted Performing detailed
Invalid data should analytical review.
be rejected.

56 KAPLAN PUBLISHING KA
 Chapter 7

Sampling all transactions in a particular area are of
great monetary significance
Audit sampling involves the application
population is non-homogeneous.
of audit procedures to less than 100% of
the items within a class of transactions Designing the sample
or account balance such that each has a
chance of selection. The auditor must choose between statistical
and non-statistical sampling. Statistical
Audit sampling is usually preferable to sampling involves random selection of a
testing all items, because: sample and then the use of probability
it would be prohibitively expensive and theory to evaluate the sample results. Any
time-consuming to test every single item other sampling approach is non-statistical
sampling.
users of the financial statements are
looking for reasonable assurance, not Selecting the sample
100% accuracy Statistical sampling requires random
full substantive testing of the accounting selection, e.g. using random number
records will not verify that all transactions tables or a computer program to
are recorded (i.e. it does not prove generate random numbers.
completeness). Non-statistical sampling requires the
However audit sampling is not appropriate if: auditor to use judgement to select the
sample items to be representative of the
population is small
population.

G KAPLAN PUBLISHING 57
Evidence

Evaluating the sample results The auditor is still responsible for
The auditor carries out audit procedures obtaining sufficient and appropriate audit
on each item selected and documents the evidence.
results. Errors identified in the sample are Experts must be independent, objective,
then projected across the population as a competent and experienced.
whole. Unmodified audit reports do not refer to
the use of experts.
Sampling Methods:
Random Before work is performed by expert.
Haphazard Agree nature, scope and objectives.
Agree roles and responsibilities.
Monetary Unit Sampling
Agree nature, timing and extent of
Systematic
communication.
Block
Agree the need for the expert to
Relying on the work of observer confidentiality.
others Evaluating the work of an expert
Use of auditor’s experts (ISA 620) Relevance and reasonableness of
Auditors cannot delegate responsibility findings.
to experts. Relevance and reasonableness of
Examples include: surveyors, valuers, assumptions.
expert inventory counters, actuaries etc. Relevance, completeness and accuracy
of source data.
58 KAPLAN PUBLISHING KA
 Chapter 7

Using the work of internal audit (ISA 610) Using internal audit to provide direct
assistance
The external auditor may wish to rely on
the work of internal audit in order to reduce Internal audit function can provide direct
the amount of detailed testing that they (the assistance to the external auditor under
external auditor) must perform. their supervision and review.
Cannot be provided where laws and
Before any reliance is made, assess the
regulations prohibit such assistance.
internal audit function in terms of:
The competence and objectivity of the
Organisational status
internal auditor must be considered.
Scope of function
Must not do work which involves
Technical competence significant judgement, a high risk of
Due professional care. material misstatement or with which the
internal auditor has been involved.
When the external auditor intends to use
Planned work must be communicated
specific work of internal audit, they should
with those charged with governance.
perform audit procedures on that work to
confirm its adequacy for auditing purposes. Cannot make excessive use of internal
auditor.
Sufficient appropriate evidence obtained
Management must not intervene in that
Conclusion are valid
work.
Work has been properly supervised and
Internal auditors must keep the external
reviewed
auditor’s information confidential.

G KAPLAN PUBLISHING 59
Evidence

External auditor will provide direction, If controls are expected to operate
supervision and review of the internal effectively:
auditor's work. –– Obtain a Type 2 report
External auditor should remain alert to –– P
 erform tests of controls at the
the risk that the internal auditor is not service organisation
objective or competent.
–– U
 se another auditor to perform tests
Service organisations of controls.
ISA 402 Audit Considerations Relating to an Reporting
Entity Using a Service Organisation –– M
 odify the auditor’s report if
Obtain an understanding of the service sufficient appropriate evidence has
organisation (nature of services not been obtained.
provided and relationship with the client, –– T
 he use of the service organisation
materiality of transactions) to assess the or their auditor is not mentioned in
risk of material misstatement. This can the report.
be obtained through:
–– Inquiries with client
–– C
 onfirmations from the service
organisation and their auditors
–– Visits to the service organisation
–– T
 ype 1 or Type 2 report from service
organisation auditors.

60 KAPLAN PUBLISHING KA
 Chapter 7

Exam focus

Exam kit questions in this area:
Section A – Objective case questions:
Hemsworth
Delphic
Section B – Constructed response questions:
Lily Window Glass

G KAPLAN PUBLISHING 61
Evidence

62 KAPLAN PUBLISHING KA
chapter

8 Systems and controls
In this chapter
Internal control systems.
The auditor and controls.
Sales cycle.
Purchase cycle.
Payroll system.
Cash system.
Inventory.
Communications on internal controls.

63
Systems and controls

Internal control systems
Definition

Internal control is the process designed and effected by the directors and others to enable the
achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness
and efficiency of operations, and compliance with applicable laws and regulations.

More reliable The auditor The more effective
systems of must: and reliable the
control mean Understand the system the lower the
lower risk system. audit risk and the
of material Understand the greater the reliance
misstatement. controls within the auditor can seek
Reliable systems the system. to place upon the
contain stronger Test whether the system.
controls. controls work.

More reliable system = Lower audit risk = Less substantive testing

64 KAPLAN PUBLISHING
 Chapter 8

Internal control consists of the following 5 4 Control activities (APIPS)
components (ISA 315): Authorisation
1 Control environment Performance reviews
This includes the attitude and Information processing
philosophy of management with Physical controls
regard to control e.g. a commitment Segregation of duties
to integrity and ethical values, a
5 Monitoring of controls
formal organisation structure and
proper training of staff. Management must monitor controls
to be sure that they are operating
2 Entity’s risk assessment process and are effective.
A more robust risk assessment
The 5 components can be remembered with
process will reduce the risk of
the mnemonic CRIME (control activities, risk
misstatement.
assessment process, information system
Information system relevant to
3