CA Sri Lanka Curriculum 2020 Study Text PDF

Summary

This study text discusses the CA Sri Lanka Curriculum of 2020 and covers topics relevant to advanced audit and assurance and professional accounting.

Full Transcript

STUDY TEXT

CA SRI LANKA CURRICULUM 2020

Volume I
 First edition 2020

ISBN 9781 5097 3124 4

British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the
British Library

Published by

BPP Learning Media Ltd
BPP House, Aldine Place
142-144 Uxbridge Road
London W12 8AA

www.bpp.com/learningmedia

The copyright in this publication is owned by
BPP Learning Media Ltd.

All rights reserved. No part of this publication may be
reproduced, stored in a retrieval system or transmitted in
any form or by any means, electronic, mechanical,
photocopying, recording or otherwise, without the prior
written permission of the copyright holder.

The contents of this book are intended as a guide and not
professional advice and every effort has been made to
ensure that the contents of this book are correct at the time
of going to press by CA Sri Lanka, BPP Learning Media, the
Editor and the Author.

Every effort has been made to contact the copyright holders
of any material reproduced within this publication. If any
have been inadvertently overlooked, CA Sri Lanka and BPP
Learning Media will be pleased to make the appropriate
credits in any subsequent reprints or editions.

We are grateful to CA Sri Lanka for permission to reproduce
the Learning Outcomes and past examination questions, the
copyright of which is owned by CA Sri Lanka, and to the
Association of Chartered Certified Accountants and
Chartered Institute of Management Accountants for use of
past examination questions in which they hold the
copyright.

©
BPP Learning Media
Ltd 2020

ii
Contents

Page
Introduction iv
Chapter features vi
Learning outcomes vii
Action verbs checklist xvi

CL1 Advanced Audit and Assurance
Part A Governance Internal Control Frameworks
1 Introduction to External Audit 3
2 Introduction to Internal Control 25
3 Internal Controls Over Specific Business Areas 69

Part B Audit Planning and Risk Assessment
4 Agreeing Terms and Risk Assessment 117
5 Audit Planning 165
6 The Auditor's Responsibilities in Relation to Fraud, Laws and Regulations 195

Part C Gathering Audit Evidence
7 Audit Evidence 233
8 Auditing Non-current Assets 259
9 Auditing Inventory 281
10 Audit of Revenue and Receivables 307
11 Auditing Cash and Bank Balances 329
12 Liabilities, Capital and Expenses 345
13 Sampling and Audit Procedures 381
14 Audit Review and Finalisation 397

Contents iii
 Introduction

CL1 Advanced Audit and Assurance
At the Corporate Level knowledge on documenting and evaluating an organisation's internal control
system is further looked at. The concept of assurance introduced at the first level is also explored in
detail with a deep emphasis on auditing. A discussion on ethical issues is done in a broader manner
incorporating regulatory aspects as well.

Syllabus structure
Main syllabus areas Weightings
A. Governance and internal control frameworks 10%
B. Audit planning and risk assessment 15%
C. Gathering audit evidence 20%
D. Auditing in a digital environment 10%
E. Evaluating evidence and audit reporting 15%
F. Assurance and related services 10%
G. Audit quality and ethics 15%
H. Professional practice of internal audit 5%

One of the key elements in examination success is practice. It is important that not only you fully
understand the topics by reading carefully the information contained in this Study Text, but it is also
vital that you practise the techniques and apply the principles that you have learned.
In order to do this, you should:
 Work through all the examples provided within the chapters and review the solutions, ensuring
that you understand them;
 Complete the progress test for each chapter.
In addition, you should use the Practice and Revision Kit. These questions will provide you with
excellent examination practice when you are in the revision phase of your studies.

iv Corporate Level Advanced Audit and Assurance
Pillar structure
The Chartered Accountant of Sri Lanka Curriculum 2020 is structured around four progressively
ascending levels of competency, namely, Business I, Business II, Corporate and Strategic Levels
The Corporate Level builds technical abilities whilst enhancing interpersonal and communication skills
and problem resolution skills as required of a Certified Senior Business Accountant.
The Curriculum is also subdivided into specific subject areas or knowledge pillars and learning
material is delivered to meet the knowledge requirements. These Knowledge Pillars focus on
imparting the technical knowledge required of a competent CA and comprise of five pillars that focus
on the following subject areas:
Knowledge Pillar 1: Audit, Assurance and Ethics (AA&E)
Knowledge Pillar 2: Financial Accounting and Reporting (FA&R)
Knowledge Pillar 3: Performance Measurement and Risk (PM&R)
Knowledge Pillar 4: Taxation and Law (T&L)
Knowledge Pillar 5: Business Management and Strategy (BM&S)

Pillar structure v
 Chapter features

Each chapter contains a number of helpful features to guide you through each topic.

Topic list This tells you what you will be studying in the chapter. The topic items form
the numbered headings within the chapter.

Chapter The introduction puts the chapter topic into perspective and explains why it is
introduction important, both within your studies and within your practical working life.

Learning The learning outcomes issued for the module by CA Sri Lanka are listed at the
outcomes beginning of the chapter, with reference to the chapter section within which
coverage will be found.

Key terms These are definitions of important concepts that you really need to know and
understand before the exam.

Examples These are illustrations of particular techniques or concepts with a worked
solution or explanation provided immediately afterwards.

Case study Often based on real world scenarios and contemporary issues, these examples
or illustrations are designed to enrich your understanding of a topic and add
practical emphasis.

Questions These are questions that enable you to practise a technique or test your
understanding. You will find the answer underneath the question.

Formula to These are the formula that you are required to learn for the exam.
learn

Section This summarises the key points to remember from each section.
introduction

Chapter This provides a recap of the key areas covered in the chapter.
roundup

Progress test Progress tests at the end of each chapter are designed to test your memory.

Bold text Throughout the Study Text you will see that some of the text is in bold type.
This is to add emphasis and to help you to grasp the key elements within a
sentence or paragraph.

vi Corporate Level Advanced Audit and Assurance
 Learning outcomes

CA Sri Lanka's Learning outcomes for the module are set out on the following pages. They are cross-referenced to the chapter in the Study Text where they
are covered.
A. Governance Internal Control Frameworks
(Syllabus Weighting: 10%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
1.1 Corporate 1.1.1 Discuss the need for an audit of financial statements using Ability to connect stewardship,
governance and agency theory. accountability and agency conflict with a 1
audit need to conduct an independent audit
1.2 Internal control 1.2.1 Evaluate components of an integrated internal control system. COSO-2014 Internal controls five
2, 3
framework components and 17 principles
1.2.2 Analyse design, implementation and operating effectiveness of SLAuS 315
2
identified controls.
1.2.3 Outline deficiencies in control activities to be communicated SLAuS 265
2
to those charged with governance.
1.3 IT risk and controls 1.3.1 Demonstrate the importance of IT general controls and IT general controls and application controls
2
application controls in an audit of financial statements.
Learning outcomes
vii
 viii
Corporate Level Advanced Audit and Assurance

B. Audit Planning and Risk Assessment
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
2.1 Terms of 2.1.1 Explain precondition required to perform an audit of financial SLAuS 210 4
engagement statements.
2.2 Overall audit 2.2.1 Demonstrate the importance of overall audit strategy as part Including non-complex group and SME 5
strategy of audit planning. audit scenarios covering the requirements
2.3 Risk of material 2.3.1 Assess risk of material misstatements including risk of frauds of SLAuS 300, 315, 240 and 600 4, 5
misstatement to be focused during the audit using risk assessment
procedures.
2.4 Materiality 2.4.1 Apply the concept of materiality in planning and performing 4
the audit.
2.5 Responding to risk 2.5.1 Outline suitable overall response and further audit procedures Including non-complex group and SME 5
of material for identified risk at financial statement level and assertion audit scenarios covering the requirements
misstatements level. of SLAuS 330
 B. Audit Planning and Risk Assessment
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
2.6 Complex issues 2.6.1 Apply risk assessment procedures to identify risks relating to Requirements of SLAuS 540, 550 and 570 14
related party transactions , going concern and accounting in relation to risk assessment
estimates including fair value and measurement.
2.7 Using the work of 2.7.1 Demonstrate the use of experts (both management and Requirements under SLAuS 610,SLAuS 620 6
others auditors experts), internal auditors and service organisation & SLAuS 402
auditors in an audit of financial statements.
2.8 Laws and 2.8.1 Explain auditors requirements consider compliance with laws Understanding the legal and regulatory 6
regulations and regulations during an audit of financial statement. framework, procedures when
non-compliance is identified or suspected
and reporting of identified or suspected
non-compliance
Learning outcomes
ix
 x
Corporate Level Advanced Audit and Assurance

C. Gathering Audit Evidence
(Syllabus Weighting: 20%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
3.1 Test of details 3.1.1 Outline audit procedures to address assertion level risk for This should cover audit evidence over key 7, 8, 9, 10, 11, 12
non-complex key account balances and classes of transactions. account balances and classes of
transactions
3.1.2 Apply specific considerations in obtaining sufficient SLAuS 501 9, 12
appropriate audit evidence with respect to inventory,
litigation and claims involving the entity, and segment
information.
3.2 External 3.2.1 Apply procedures to design and perform external SLAuS 505 10, 11
confirmation confirmation to obtain relevant and reliable audit evidence.
3.3 Opening balances 3.3.1 Discuss the requirements to be considered by an auditor in an SLAuS 510 and 710 13
and corresponding initial engagement and in relation to corresponding figures.
figures
3.4 Selecting items for 3.4.1 Apply different methods of selecting items for audit testing SLAuS 530 13
testing and the use including audit sampling.
of audit sampling
3.5 Analytical 3.5.1 Apply analytical procedures as substantive procedures and in Recognise the importance of analytical 7, 15
procedures the overall review of financial statements. software which has the ability to analyse
100% data to identify outliers
3.6 Complex account 3.6.1 Design audit procedures to address complex items including SLAuS 540, 550, 570 14
balances accounting estimates, fair valuation, related party transactions
and going concern.
3.7 Subsequent events 3.7.1 Outline procedures required to deal with events occurring SLAuS 560 14
between the date of the financial statements and the date of
the auditor's report and facts that become known to the
auditor after the date of the auditor's report.
 D. Auditing in a Digital Environment
(Syllabus Weighting: 10%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
4.1 Digital business 4.1.1 Recognise trends in a digital business environments including Artificial intelligence (AI), robotic process 15
environment Artificial Intelligence (AI), Robotic Process Automation (RPA), automation (RPA), blockchain, digital
Block chain, digital currencies and their impacts on internal currencies
controls and audit.
4.1.2 Recognise the use of big data and analytics as business Big data and analytics 15
intelligence tools and potential risk associated with big data.
4.2 Audit automation 4.2.1 Demonstrates the use of cloud based audit working papers, Audit automation 15
audit automation tools and their limitations.
4.3 Data analytics 4.3.1 Discuss the use of data analytics software including CAATs in Data analytics 15
planning and gathering audit evidence.
4.4 Cyber security 4.4.1 Outline controls required to mitigate cyber security risk. Cyber security risk 15

E. Evaluating Audit Evidence and Audit Reporting
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
5.1 Audit report 5.1.1 Evaluate the effects of material misstatements on audit the SLAuS 450 16
audit opinion.
Learning outcomes

5.1.2 Evaluate the effect of misstatements in opening balances and SLAuS 510 and SLAuS 710 13
corresponding figures on current year audit opinion.
xi
 xii
Corporate Level Advanced Audit and Assurance

E. Evaluating Audit Evidence and Audit Reporting
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
5.2 Key audit matters 5.2.1 Explain matters to be communicated with those charged with SLAUS 250 16
governance.
5.2.2 Apply Key Audit Matters (KAM) for a given scenario. SLAuS 701 16

5.3 Modified audit 5.3.1 Apply modified audit opinions and going concern reporting Reporting considerations relating to SLAuS 16
report requirements for a given scenario. 705, 701 and SLAuS 570
5.4 Emphasis of 5.4.1 Apply emphasis of matter and other matter for a given SLAuS 706 16
matters and other scenario of audit reporting.
matters (SLAuS
706)
5.5 Special purpose 5.5.1 Apply special purpose audits including audit of single financial Includes both SLAuS 800 and 805 16
audit statements/elements to a given scenario.
5.6 Other information 5.6.1 Explain auditor's responsibility towards other information Fair understanding of the auditor's 16
included in documents containing audited financial responsibilities relating to other
statements. information contained in an annual report
(SLAuS 720)
5.7 Review 5.7.1 Explain procedures required in conducting review Fair understanding of application of review 17
engagements engagements. engagement and that the procedures used
in a review engagement is limited
compared to an audit of financial
statements (SLSRE 2400,SLSRE 2410)
 F. Assurance and Related Services
(Syllabus Weighting: 10%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
6.1 Assurance 6.1.1 Apply framework for assurance engagements in identifying Understanding of the definition, elements, 17
framework and accepting assurance engagements. scope of and preconditions for an
assurance engagement
6.2 Assurance 6.2.1 Apply Sri Lanka Standard on Assurance Engagement together Fair knowledge about application of SLSAE 17
engagements with subject matter specific assurance standards to provide 3000 for general subject matters and
reasonable or limited assurance as required in the subject matter specific assurance standards
engagement circumstances. including prospective financial statements
6.3 Related services 6.3.1 Apply Sri Lanka Standard on Related Services relating to Fair understanding of the SLSRE 4400 & 17
agreed up on procedures and compilation as required by SLSRE 4410
engagement circumstances.
6.4 Reporting 6.4.1 Outline key elements of reports used in assurance and related 17
services.

G. Audit Quality and Ethics
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
7.1 Framework for 7.1.1 Demonstrate the elements of the framework for audit quality. Understanding of the definition and 18
Learning outcomes

audit quality elements of the quality framework
7.2 System of quality 7.2.1 Demonstrate the elements of a system of quality controls of Fair understanding of the importance of 18
controls the firm. elements of quality controls of the firm
based on SLQC 1
xiii
 xiv
Corporate Level Advanced Audit and Assurance

G. Audit Quality and Ethics
(Syllabus Weighting: 15%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
7.3 Audit quality 7.3.1 Explain the requirements to implement quality control Fair understanding of the importance of 18
procedures at the audit engagement level including the elements of quality controls of the firm
engagement quality control review. based on SLAuS 220
7.4 Threats to 7.4.1 Analyse threats applicable to professional accountants in Part B of Code of Ethics (Section200 to 270) 19
compliance with public practice in complying with fundamental and ethical
fundamental and principle.
ethical principles
7.5 Auditors 7.5.1 Apply conceptual framework approach to analyse threats Fair understanding of the importance of 19
independence relating to auditors independence. auditors independence including the scope
of applicability and specific issues dealt in
Section 290-100 to 148)
7.5.2 Evaluate threats associated with provision of non-assurance Threats associated with provision of 19
service and methods of mitigating such threats. non-assurance service and methods of
mitigating such threats
7.5.3 Apply conceptual framework approach to evaluate specific (Section 290-164- to 219) 19
non-assurance services.
 H. Professional Practice of Internal Audit
(Syllabus Weighting: 5%)
Knowledge Learning Outcome Specific Knowledge Chapter
Component
8.1 International 8.1.1 Recognise the importance of professional practice in internal Core principles for the professional practice 20
professional audit using the elements of the International Professional of internal auditing
practice framework Practice Framework (IPPF) of the Institute of Internal Definition of internal auditing
Auditors.
Code of ethics
International standards for the professional
practice of internal auditing
8.2 Internal audit 8.2.1 Propose an internal audit charter to govern an internal audit Key elements and mandatory nature of the 20
charter function for a given entity considering entity specific Charter based on IIA standard
circumstances.
8.3 Audit universe and 8.3.1 Develop an audit universe and a plan aligned to organisations 20
plan strategies, objectives and risks.

8.4 Risk role of internal 8.4.1 Advise the extent to which internal auditor can support risk IIA position paper-role of internal auditor 20
auditor management initiatives of an entity using assurance and in risk management (ERM FAN)
advisory services.
8.5 Managing an 8.5.1 Outline key considerations in setting engagement objectives, Ability to apply IIA performance standards 20
internal audit engagement planning and conducting an internal audit applicable to engagement objectives,
engagement for a given business scenario. planning and performance of an internal
audit taking into account engagement
specific issues eg fraud risk, IT controls,
possibility of using data analytics etc

8.6 Governance and 8.6.1 Advise on the process of structuring a governance audit and a Understanding key elements of a 20
culture audit culture audit. governance and culture audit and approach
Learning outcomes

to be followed in the audit
8.7 Audit committee 8.7.1 Advise on the oversight role to be played by the audit Application of SLAuS 610 20
and internal audit committee in ensuring the independence and effectiveness of
internal audit function.
8.7.2 Advice on the extent to which external auditor can rely on the
work of internal audit.
xv
 Action verbs checklist

Knowledge Process Verb List Verb Definitions

Tier - 1 Remember Define Describe exactly the nature, scope or meaning
Recall important
information Draw Produce (a picture or diagram)

Identify Recognise, establish or select after consideration

List Write the connected items one below
the other
Relate To establish logical or causal connections

State Express something definitely or clearly

Tier - 2 Calculate/Compute Make a mathematical computation
Comprehension
Explain important Discuss Examine in detail by argument showing
information different aspects, for the purpose of arriving at a
conclusion
Explain Make a clear description in detail
revealing relevant facts
Interpret Present in understandable terms or to translate

Recognise To show validity or otherwise, using knowledge
or contextual experience
Record Enter relevant entries in detail

Summarise Give a brief statement of the main points
(in facts or figures)

Classify Allocate into categories
Describe Communicate the key features

Provide Give illustrations to support or illuminate
a point or assertion

Tier - 3 Application Apply Put to practical use
Use knowledge in a
Assess Determine the value, nature, ability
setting other than the or quality
one in which it was
learned/solve close- Demonstrate Prove, especially with examples
ended problems
Graph Represent by means of a graph
Prepare Make ready for a particular purpose

Prioritise Arrange or do in order of importance

Reconcile Make consistent with another
Solve To find a solution through calculations and/
or explanations

xvi Corporate Level Advanced Audit and Assurance
Knowledge Process Verb List Verb Definitions

Conduct Organize and carry out a task
Communicate Transmit thoughts or knowledge

Display Make evident or noticeable

Perform Do or execute, usually in the sense of
a complex procedure

Reconcile Make or prove consistent or compatible
or show differences

Set Fix or establish

Select Choose from a range of options
or possibilities
Support Assist to make decisions by providing
appropriate information about
respective concepts
Use Apply in a practical way
Undertake Commit to do or perform
Tier - 4 Analysis Analyse Examine in detail in order to determine
the solution or outcome
Draw relations among
Compare Examine for the purpose of
ideas and to compare
discovering similarities
and
Contrast Examine in order to show
contrast/solve open- unlikeness or differences
ended problems
Construct Build or make a diagram, model
or formula

Differentiate Constitute a difference that
distinguishes something
Outline Make a summary of significant features

Write Provide word descriptions to express an opinion
or idea
Tier - 5 Evaluate Advise Offer suggestions about the best course of
Formation of action in a manner suited to the recipient
judgments and Convince To persuade others to believe something
decisions about the using evidence and/or argument
value of methods, ideas, Criticise Form and express a judgment
people or products
Comment Provide written remarks expressing an opinion
in both positive and negative perspectives
Evaluate To determine the significance by careful appraisal

Conclude Form a judgment about, or determine or resolve
the outcome of, an issue through a process
involving reasoning
Determine Ascertain or conclude after analysis and
consideration; judge

Action verbs checklist xvii
 Knowledge Process Verb List Verb Definitions
Justify Give valid reasons or evidence for

Review Study critically with a view
to correction or improvement
Recommend A suggestion or proposal as to the
best course of action
Resolve Settle or find a solution to a
problem or contentious matter
Validate Check or prove the accuracy

Tier - 6 Synthesis Compile Produce by assembling information
Solve unfamiliar problems by collected from various sources
combining different aspects Design Devise the form or structure according to
to form a unique or novel a plan
solution Develop To disclose, discover, perfect or unfold a
plan or idea

Propose To form or declare a plan or intention
for consideration or adoption

Anticipate Foresee, or experience or realise
beforehand

Draft Write original material for the scrutiny
of others

Formulate Devise and put into words

Plan Devise the plan for an assurance
engagement

Report Give the formal final conclusion for an
assurance engagement

Submit Send a completed document to a
particular party

Suggest Put forward an idea or give reasons

Synthesize Make or propose a new concepts or ideas
by combining existing knowledge in
different aspects

xviii Corporate Level Advanced Audit and Assurance
Part A: Governance Internal Control Frameworks

2 CA Sri Lanka
 CHAPTER

INTRODUCTION
In this introductory chapter we look first at what an assurance engagement is and
the main elements of an assurance engagement.
An audit is an assurance engagement in which an independent auditor expresses
an opinion over the truth and fairness of a company's financial statements. We
look at the objectives of the statutory audit and its benefits and limitations.
We also cover in this chapter the regulation of auditors in Sri Lanka and introduce
Sri Lanka Auditing Standards (SLAuS). Auditors must follow SLAuSs when
carrying out an audit.

Knowledge Component
A Governance internal control frameworks
1.1 Corporate Governance and 1.1.1 Discuss the need for an audit of financial statements using agency theory
Audit

3
AAA | Chapter 1: Introduction to External Audit

LEARNING
CHAPTER CONTENTS OUTCOME
1 Assurance engagements 1.1.1
2 Objective of statutory audits and the audit opinion 1.1.1
3 Regulation of auditors 1.1.1
4 Sri Lanka Auditing Standards (SLAuSs) 1.1.1

1 Assurance engagements
An engagement in which a practitioner expresses a conclusion designed to
enhance the degree of confidence of the intended users other than the responsible
party about the outcome of the evaluation or measurement of a subject matter
against criteria.

1.1 Introduction to assurance engagements
In this chapter we revise the basic principles of audit engagements, and look at the
regulation of auditors.
Assurance engagements play an important role in giving users of financial
information, such as company shareholders, confidence that the information is
reasonably accurate and has been properly prepared and presented.
This is because during an assurance engagement a review of that information is
carried out by a practitioner who was not involved in its preparation. Therefore
their conclusions are seen as independent and impartial.

1.2 Accountability, stewardship and agency
The key reason for having a review as part of an assurance engagement can be
seen by working through the following case study.

4 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

CASE STUDY
Amanthi decides to set up a business selling flowers. She gets up early in the
morning, visits the market and then sets up a stall by the side of the road. For the
first year, all goes well. She sells all the flowers she is able to buy and she derives
some income from the business.
However, Amanthi feels that she could sell more flowers if she was able to
transport more to the place where she sells them, and she also knows that there
are several other roads nearby where she could sell flowers, if she could be in two
places at once. She could achieve these two things by buying a van and by
employing people to sell flowers in other locations.
Amanthi needs more money to achieve this expansion of her business. She decides
to ask her wealthy friend Thilak to invest in the business.
Thilak can see the potential of Amanthi's business and wants to invest, but he
doesn't want to be involved in the management of the business. He also does not
want to have ultimate liability for the debts of the business if it fails. He therefore
suggests that they set up a company. He will own the majority of the shares and be
entitled to dividends. Amanthi will be managing director and be paid a salary for
her work.
At the end of the first year of trading as a limited company, Thilak receives a copy
of the financial statements. Profits are lower than expected, so his dividend will
not be as large as he had hoped. He knows that Amanthi is paid a salary so she
does not care as much as him that profits are low.
Thilak is concerned by the level of profits and feels that he wants further
assurance on the accounts. He doesn't know whether they give a true reflection on
the last year's trading, particularly as the profits do not seem as high as those
Amanthi had predicted when he agreed to invest.
The solution is that the assurance Thilak is seeking can be given by an
independent audit of the financial statements.
The practitioner performing the review can provide the two things that Thilak
requires:
 A knowledgeable review of the company's business and of the accounts
 An impartial view, since Amanthi's view might be biased

Other people will also view the company's accounts with interest, for example:
 Creditors (payables) of the company
 Taxation authorities

CA Sri Lanka 5
AAA | Chapter 1: Introduction to External Audit

The various parties interested in the accounts of a company are sometimes
referred to as stakeholders. Although they will each judge the accounts by
different criteria, they will all gain assurance from learning that the accounts
they are reading have been subject to an independent report.
Figure 1.1: Typical stakeholders of an organisation
Directors Shareholders Employees

STAKEHOLDERS

Creditors The public Taxation authorities

The example above is a simple one. In practice, companies may have thousands of
shareholders and may not know the management personally. It is therefore
important that directors are accountable to shareholders. Directors act as
stewards of the shareholders' investments. They are agents of the shareholders.
Figure 1.2: Accountabilities

Vera: Manager Agent Steward Directors: Management

Accountable Accountable
to to

Peter (owner)
Shareholders (owners)

Accountability is the quality or state of being accountable, that is, being required
or expected to justify actions and decisions. It suggests an obligation or
willingness to accept responsibility for one's actions.
Stewardship refers to the duties and obligations of a person who manages
another person's property.
Agents are people employed or used to provide a particular service. In the case of
a company, the people being used to provide the service of managing the business
also have the second role of trying to maximise their personal wealth in their own
right.

You may ask, 'what are the directors accountable for?' It is important to
understand the answer to this question. The directors are accountable for the
shareholders' investment. The shareholders have bought shares in that
company (they have invested). They expect a return from their investment. As
the directors manage the company, they are in a position to affect that return.

6 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

Figure 1.3: Shareholders' expectations

Capital
growth
Shareholder
buys shares expects

Dividends

The exact nature of the return expected by the shareholder will depend on the
type of company he or she has chosen to invest in: that is part of his or her
investment risk analysis. Certain issues are true of any such investment, however.
For example, if the directors mismanage the company, and it goes bankrupt, it
will neither provide a source of future dividends nor create capital growth in the
investment – indeed, the opposite is true and the original investment may even be
lost.
Accountability therefore covers a range of issues, as shown in Figure 1.4.
Figure 1.4: Aspects of accountability
Financial ProitsĀ Going concern
statements warnings disclosure

Communication

Directors'
accountability

Investment protection

Internal controls Risk policies

These issues are often discussed under the umbrella title 'corporate
governance', where 'governance' indicates the management (governing) role of
the directors, and 'corporate' indicates that the issue relates to companies (bodies
corporate). This is illustrated by our scenario, where we saw Amanthi taking up a
corporate governance position in relation to Thilak.

1.3 Assurance Provision
Many of the requirements in relation to corporate governance necessitate
communication between the directors and the shareholders.

CA Sri Lanka 7
AAA | Chapter 1: Introduction to External Audit

Directors of all companies are usually required to produce financial
statements annually which give a true and fair view of the affairs of the
company and its profit or loss for the period. They are also encouraged to
communicate with shareholders on matters relating to directors' pay and
benefits, going concern and management of risks.
But how will the shareholders know whether the directors' communications are
accurate, or present a fair picture? We are back to the problem that Thilak had in
the scenario we presented earlier in this section. He knew that Amanthi's view
might be biased in a different way to his own, and he sought assurance on the
information he was presented with.
The Sri Lanka Framework for Assurance Engagements provides a frame of
reference for professional accountants when performing assurance engagements.
It provides the following definition of an assurance engagement.
An assurance engagement is an engagement in which a practitioner expresses a
conclusion designed to enhance the degree of confidence of the intended users
other than responsible party about the outcome of the evaluation or measurement
of a subject matter against criteria.

1.4 The objective of an assurance engagement
The objective of an assurance engagement will depend on the level of assurance
given. First we will consider a reasonable assurance engagement, where a high,
but not absolute, level of assurance is given.
Sri Lanka Framework for Assurance Engagements states that the objective of a
reasonable assurance engagement is a reduction in assurance engagement risk
to an acceptably low level in the circumstances of the engagement as the basis for
a positive form of expression of the practitioner's conclusion.
In order to give reasonable assurance, a significant amount of testing and
evaluation is required to support the positive conclusion, such as the opinion
given in the auditor's report on the financial statements. We look at reasonable
assurance in the context of an audit in section 2.
Limited assurance is a lower level of assurance. It allows for a lesser amount of
testing and evaluation and results in a negative conclusion.
Sri Lanka Framework for Assurance Engagements also states that the objective of a
limited assurance engagement is a reduction in assurance engagement risk to a
level that is acceptable in the circumstances of the engagement, but where that
risk is greater than for a reasonable assurance engagement, as the basis for a
negative form of expression of the practitioner's conclusion.

8 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

1.5 The elements of an assurance engagement
An assurance engagement performed by a practitioner will consist of the following
elements:
(a) A three-party relationship. The three parties are the intended user, the
responsible party and the practitioner (each party is described in the key
terms that follow).
(b) A subject matter. This is the data to be evaluated that has been prepared by
the responsible party. It can take many forms including financial
performance (eg historical financial information), non-financial performance
(eg key performance indicators), processes (eg internal control) and
behaviour (eg compliance with laws and regulations).
(c) Suitable criteria. The subject matter is evaluated or measured against
criteria in order to reach an opinion.
(d) Evidence. Sufficient appropriate evidence needs to be gathered to support
the required level of assurance.
(e) A written assurance report. A report containing the practitioner's opinion
is issued to the intended user.
Intended users are the person, persons or class of persons for whom the
practitioner prepares the assurance report.
The responsible person is the person (or persons) responsible for the subject
matter (in a direct reporting engagement) or subject matter information of the
assurance engagement.
The practitioner is the individual providing professional services that will review
the subject matter and provide the assurance.

One way to remember these five elements of an assurance engagement is using
the mnemonic CREST.
 Criteria
 Report
 Evidence
 Subject matter
 Three-party relationship

CA Sri Lanka 9
AAA | Chapter 1: Introduction to External Audit

1.6 Types of assurance services

Assurance services include a wide range of activities such as external audits,
internal audits, internal control, sustainability reviews, review engagements
and forecasting.

The degree of assurance given by the impartial professional will depend on the
nature of the exercise being carried out.
Directors prepare financial statements for the benefit of members. They declare
that the financial statements give a true and fair view. As we will see in section 2,
the auditors provide assurance on this declaration.
To provide such assurance, the auditors must:
 Assess risk
 Plan audit procedures
 Conduct audit procedures
 Assess results
 Express an opinion

The degree of satisfaction achieved and, therefore, the level of assurance which
may be provided, is determined by the nature of procedures performed and
their results.
Another type of assurance engagement, where a lower level of assurance is given,
is a review engagement.
A review engagement can be distinguished from an external audit engagement as
follows.
(a) External audit engagement: the auditor provides a high, but not absolute,
level of assurance that the information audited is free of material
misstatement. This is expressed positively in the audit report as
reasonable assurance (see section 2).
(b) Review engagement: the auditor provides a limited level of assurance that
the information subject to review is free of material misstatement. The
assurance report will contain a negative form of expression of the
practitioner's conclusion.
The following table summarises the different types of assurance engagements that
can be carried out by practitioners.

10 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

Table 1.1: Different types of assurance engagements

Engagement Type of Example Expression of
assurance conclusion
External audit Reasonable Statutory external Positive
audit
Review Limited Review of interim Negative
financial statements

In a limited assurance engagement, the practitioner expresses the conclusion in
the negative form. An example might be:
'Based on our work as set out in this report, nothing has come to our attention that
indicates the financial statements have not been prepared according to the financial
reporting framework'

2 Objective of statutory audits and the audit opinion
An external audit is a type of assurance engagement that is carried out by an
auditor to give an independent opinion on a set of financial statements.

2.1 The objective of an external audit
The objectives of an audit of financial statements are:
1. To obtain reasonable assurance about whether the financial statements as a
whole are free from material misstatement, whether due to fraud or error,
thereby enabling the auditor to express an opinion on whether the financial
statements are prepared, in all material respects, in accordance with an
applicable financial reporting framework; and
2. To report on the financial statements, and communicate as required by the
SLAuSs, in accordance with the auditor's findings.
The purpose of an external audit is to enable auditors to enhance the degree of
confidence of intended users (shareholders) in the financial statements by
expressing an opinion on them. While an audit might produce by-products such
as advice to the directors on how to run the business, its objective is solely to
report to the shareholders.

CA Sri Lanka 11
AAA | Chapter 1: Introduction to External Audit

2.2 The audit opinion in the auditor's report

Within an auditor's report on the financial statements, the auditor will give an
opinion on whether the financial statements are prepared, in all material respects,
in accordance with an applicable financial reporting framework.

Following the audit of a company's financial statements, if the auditor finds no
reason to modify the audit opinion (that is, a 'clean' report is issued), then the
audit opinion in the auditor's report may state:
'In our opinion the financial statements present fairly, in all material respects, the
financial position of the company...'
An equivalent wording for 'present fairly in all material respects' is 'give a true
and fair view of'. Therefore, under Sri Lanka Auditing Standards (SLAuSs) an
alternative wording for an unmodified audit opinion is:
'In our opinion the financial statements give a true and fair view of the financial
position of the company...'
If the auditor concludes the financial statements are true and fair, this is generally
taken to mean the financial statements:
 Are factual
 Are free from bias
 Reflect the commercial substance of the business's transactions
Below is an example of an auditor's report on an entity's financial statements. This
is a report with an unmodified opinion (which means the financial statements are
true and fair and properly prepared). It has been taken from SLAuS 700 Forming
an opinion and reporting on financial statements.

12 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

Figure 1.5: Example audit report, unmodified

INDEPENDENT AUDITOR'S REPORT
To the Shareholders of ABC Company [or Other Appropriate Addressee]
Report on the Audit of the Financial Statements
Opinion
We have audited the financial statements of ABC Company (the Company), which
comprise the statement of financial position as at December 31, 20X1, and the
statement of comprehensive income, statement of changes in equity and
statement of cash flows for the year then ended, and notes to the financial
statements, including a summary of significant accounting policies.
In our opinion, the accompanying financial statements present fairly, in all
material respects, (or give a true and fair view of) the financial position of the
Company as at December 31, 20X1, and (of) its financial performance and its cash
flows for the year then ended in accordance with Sri Lanka Accounting Standards.
Basis for Opinion
We conducted our audit in accordance with Sri Lankan Standards on Auditing
(SLAuSs). Our responsibilities under those standards are further described in the
Auditor's Responsibilities for the Audit of the Financial Statements section of our
report. We are independent of the Company in accordance with the with the Code
of Ethics issued by CA Sri Lanka (Code of Ethics) and we have fulfilled our other
ethical responsibilities in accordance with these requirements and the Code of
Ethics. We believe that the audit evidence we have obtained is sufficient and
appropriate to provide a basis for our opinion.
Key Audit Matters
Key audit matters are those matters that, in our professional judgment, were of
most significance in our audit of the financial statements of the current period.
These matters were addressed in the context of our audit of the financial
statements as a whole, and in forming our opinion thereon, and we do not provide
a separate opinion on these matters.
[Description of each key audit matter in accordance with SLAuS 701, which
applies to audits of the financial statements of listed entities.]

CA Sri Lanka 13
AAA | Chapter 1: Introduction to External Audit

Other Information
Management is responsible for the other information. The other information
comprises the information included in the X report, but does not include the
financial statements and our auditor's report thereon.
Our opinion on the financial statements does not cover the other information and
we do not express any form of assurance conclusion thereon.
In connection with our audit of the financial statements, our responsibility is to
read the other information and, in doing so, consider whether the other
information is materially inconsistent with the financial statements or our
knowledge obtained in the audit or otherwise appears to be materially misstated.
If, based on the work we have performed, we conclude that there is a material
misstatement of this other information, we are required to report that fact. We
have nothing to report in this regard.
Responsibilities of Management and Those Charged with Governance for the
Financial Statements
Management is responsible for the preparation and fair presentation of the
financial statements in accordance with Sri Lanka Accounting Standards, and for
such internal control as management determines is necessary to enable the
preparation of financial statements that are free from material misstatement,
whether due to fraud or error.
In preparing the financial statements, management is responsible for assessing
the Company's ability to continue as a going concern, disclosing, as applicable,
matters related to going concern and using the going concern basis of accounting
unless management either intends to liquidate the Company or to cease
operations, or has no realistic alternative but to do so.
Those charged with governance are responsible for overseeing the Company's
financial reporting process.
Auditor's Responsibilities for the Audit of the Financial Statements
Our objectives are to obtain reasonable assurance about whether the financial
statements as a whole are free from material misstatement, whether due to fraud
or error, and to issue an auditor's report that includes our opinion. Reasonable
assurance is a high level of assurance, but is not a guarantee that an audit
conducted in accordance with SLAuSs will always detect a material misstatement
when it exists. Misstatements can arise from fraud or error and are considered
material if, individually or in the aggregate, they could reasonably be expected to
influence the economic decisions of users taken on the basis of these financial
statements.

14 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

As part of an audit in accordance with SLAuSs, we exercise professional judgment
and maintain professional scepticism throughout the audit. We also:
 Identify and assess the risks of material misstatement of the financial
statements, whether due to fraud or error, design and perform audit
procedures responsive to those risks, and obtain audit evidence that is
sufficient and appropriate to provide a basis for our opinion. The risk of not
detecting a material misstatement resulting from fraud is higher than for one
resulting from error, as fraud may involve collusion, forgery, intentional
omissions, misrepresentations, or the override of internal control.
 Obtain an understanding of internal control relevant to the audit in order to
design audit procedures that are appropriate in the circumstances, but not for
the purpose of expressing an opinion on the effectiveness of the Company's
internal control.
 Evaluate the appropriateness of accounting policies used and the
reasonableness of accounting estimates and related disclosures made by
management.
 Conclude on the appropriateness of management's use of the going concern
basis of accounting and, based on the audit evidence obtained, whether a
material uncertainty exists related to events or conditions that may cast
significant doubt on the Company's ability to continue as a going concern. If we
conclude that a material uncertainty exists, we are required to draw attention
in our auditor's report to the related disclosures in the financial statements or,
if such disclosures are inadequate, to modify our opinion. Our conclusions are
based on the audit evidence obtained up to the date of our auditor's report.
However, future events or conditions may cause the Company to cease to
continue as a going concern.
 Evaluate the overall presentation, structure and content of the financial
statements, including the disclosures, and whether the financial statements
represent the underlying transactions and events in a manner that achieves fair
presentation.
We communicate with those charged with governance regarding, among other
matters, the planned scope and timing of the audit and significant audit findings,
including any significant deficiencies in internal control that we identify during
our audit.

CA Sri Lanka 15
AAA | Chapter 1: Introduction to External Audit

We also provide those charged with governance with a statement that we have
complied with relevant ethical requirements regarding independence, and to
communicate with them all relationships and other matters that may reasonably
be thought to bear on our independence, and where applicable, related
safeguards.
From the matters communicated with those charged with governance, we
determine those matters that were of most significance in the audit of the financial
statements of the current period and are therefore the key audit matters. We
describe these matters in our auditor's report unless law or regulation precludes
public disclosure about the matter or when, in extremely rare circumstances, we
determine that a matter should not be communicated in our report because the
adverse consequences of doing so would reasonably be expected to outweigh the
public interest benefits of such communication.
Report on Other Legal and Regulatory Requirements
[The form and content of this section of the auditor's report would vary depending
on the nature of the auditor's other reporting responsibilities prescribed by local
law, regulation, or national auditing standards. The matters addressed by other law,
regulation or national auditing standards (referred to as 'other reporting
responsibilities') shall be addressed within this section unless the other reporting
responsibilities address the same topics as those presented under the reporting
responsibilities required by the SLAuSs as part of the Report on the Audit of the
Financial Statements section. The reporting of other reporting responsibilities that
address the same topics as those required by the SLAuSs may be combined
(ie, included in the Report on the Audit of the Financial Statements section under the
appropriate subheadings) provided that the wording in the auditor's report clearly
differentiates the other reporting responsibilities from the reporting that is required
by the SLAuSs where such a difference exists.]
The engagement partner on the audit resulting in this independent auditor's
report is [name].
[Signature in the name of the audit firm, the personal name of the auditor, or both,
as appropriate for the particular jurisdiction]
[Auditor Address]
[Date]

Auditor's reports with modified opinions may arise because of a number of
different reasons and are discussed in depth in Chapter 16.

16 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

External auditors give an opinion on the truth and fairness of financial
statements. This is not an opinion of absolute correctness. 'True' and 'fair' are not
defined in law or audit guidance, but the following definitions are generally
accepted.
True information is factual and conforms with reality. In addition the information
conforms with required standards and law. The financial statements have been
correctly extracted from the books and records.
Fair information is free from discrimination and bias and in compliance with
expected standards and rules. The accounts should reflect the commercial
substance of the company's underlying transactions.

The auditor's report refers to the fact that the audit is planned and performed to
obtain 'reasonable assurance' whether the financial statements are free from
material misstatement. This is because the auditor cannot check everything and
therefore can only provide 'reasonable', not 'absolute', assurance.
Reasonable assurance is a high, but not absolute, level of assurance. The auditor's
report does not guarantee that the financial statements are correct, but that they
are true and fair within a reasonable margin of error.
One of the reasons that an auditor does not give absolute assurance is because of
the inherent limitations of audit. We discuss these limitations below.

2.3 Limitations of audit and materiality

External audits give reasonable assurance that the financial statements are free
from material misstatement.

The assurance given by auditors is governed by the fact that auditors use
judgement in deciding what audit procedures to use and what conclusions to
draw, and also by the limitations of every audit. These are illustrated in the
following diagram.

CA Sri Lanka 17
AAA | Chapter 1: Introduction to External Audit

Figure 1.6: Audit limitations

Risk Audit opinion Standard format
assessment can be limiting
Auditing is not Audit report
What to test objective. has inherent
Judgements have to limitations Layman may not
How much be made LIMITATIONS OF understand
'audit jargon'.
to test AUDITING

Whether errors
are representative T Up-to-date position
H Audit report is and historic position
What to Not all items issued a long time may be different
sample in the FS are E after the period end
Sampling tested R
risk E
F
O
Estimates
Non-routine R Audit evidence
transactions Limitations in
E
accounting and sometimes indicates
control systems what is probable,
not certain
Human Judgements
error
Possibility of
Possibility of controls Intentions
collusion in override Auditors can never
fraud certify that the
Cost/beneit
trade off accounts are correct.
They can only ever
express an opinion

Misstatements which are significant to readers may exist in financial statements
and auditors will plan their work on this basis, that is, with professional
scepticism. The concept of 'significance to readers' is the concept of materiality
(which will be discussed in more detail later in this Text).
Materiality is an expression of the relative significance or importance of a
particular matter in the context of the financial statements as a whole. A matter is
material if its omission or misstatement would reasonably influence the economic
decisions of users, taken on the basis of the financial statements. Materiality
depends on the size of the item or error judged in the particular circumstances of
its omission or misstatement.

The auditor's task is to decide whether the financial statements show a true and
fair view. The auditors are not responsible for establishing whether the financial
statements are correct in every particular. This is because it can take a great deal
of time and trouble to check the accuracy of even a very small transaction and the
resulting benefit may not justify the effort. Also, financial accounting inevitably
involves a degree of estimation which means that financial statements can never
be completely precise.
Although the definition of materiality refers to the decisions of the addressees of
the audit report (the company's members), their decisions may well be influenced
by other entities that use the financial statements, for example, the bank.

18 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

3 Regulation of auditors

Auditors in Sri Lanka must follow Sri Lanka Auditing Standards (SLAuSs).
SLAuSs are published by the Institute of Chartered Accountants of Sri Lanka
(CA Sri Lanka).
Auditors are monitored by the Sri Lanka Accounting & Auditing Standards
Monitoring Board (SLAASMB).

3.1 Regulation of auditors in Sri Lanka
Under the Sri Lanka Accounting and Auditing Standards Act, No 15 of 1995, the
Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka) is the formulating
body for Sri Lanka Accounting Standards (SLFRS/LKAS) and Sri Lanka Auditing
Standards (SLAuSs). Auditors in Sri Lanka must follow SLAuSs.
Regulation of the auditing profession and monitoring of compliance with SLASs
and SLAuSs by Specified Business Enterprises is carried out by the Sri Lanka
Accounting & Auditing Standards Monitoring Board (SLAASMB).
Auditors carrying out an audit in accordance with the Accounting and Auditing
Standards Act, No 15 of 1995 are required to certify in their auditor's report that
the audit has been conducted in accordance with Sri Lanka Auditing Standards
and that the financial statements have been prepared and presented in accordance
with Sri Lanka Accounting Standards.

3.2 Entities subject to audit
Specified Business Enterprises (SBEs) must have their financial statements
audited by members of the Institute of Chartered Accountants of Sri Lanka,
holding a certificate to practice issued by the Institute.
SBEs are:
 Companies licensed under the Banking Act, No. 30 of 1988
 Companies authorised, under the Control of Insurance Act, No. 25 of 1962, to
carry on insurance business
 Companies carrying on leasing business
 Factoring companies
 Companies registered under the Finance Companies Act, No. 78 of 1988
 Companies licensed under the Securities and Exchange Commission Act, No. 36
of 1987, to operate unit trust
 Fund Management Companies

CA Sri Lanka 19
AAA | Chapter 1: Introduction to External Audit

 Companies licensed under the Securities and Exchange Commission Act, No.36
of 1987, to carry on business as stockbrokers or stock dealers
 Companies licensed under the Securities and Exchange Commission Act, No. 36
of 1987, to operate a Stock Exchange
 Companies listed in a Stock Exchange licensed under the Securities and
Exchange Commission Act, No.36 of 1987
 Other companies which:
– Have a turnover in excess of s 500 million Rupees;
– At the end of the previous financial year, had shareholder equity in
excess of 100 million Rupees;
– At the end of the previous financial year, had gross assets in excess of 300
million Rupees;
– At the end of the previous year had liabilities to banks and other financial
institutions in excess of 100 million Rupees;
– Have a staff in excess of 1,000 employees.

20 CA Sri Lanka
 AAA | Chapter 1: Introduction to External Audit

4 Sri Lanka Auditing Standards (SLAuSs)
Sri Lanka Auditing Standards (SLAuSs) are based on the Sri Lanka Standards on
Auditing published by the Sri Lanka Auditing and Assurance Standards Board
(IAASB).

The Sri Lanka Auditing Standards are based on the Sri Lanka Standards on
Auditing (SLAuS) published by the Sri Lanka Auditing and Assurance Standards
Board (IAASB) of the Sri Lanka Federation of Accountants (IFAC).
The Sri Lanka Standards have been adapted where necessary to comply with Sri
Lanka legislation. However, compliance with the SLAuSs ensures compliance in all
material respects with the Sri Lanka Standards on Auditing.
The most recently published set of SLAuSs are applicable for audits of financial
statements for periods beginning on or after 31 March 2018.
A list of these standards and the SLAuSs themselves can be found on the