Professional Documents
Culture Documents
SIR ASIF Audit Complete Book
SIR ASIF Audit Complete Book
SIR ASIF Audit Complete Book
CHAPTER ONE
INTRODUCTION TO ASSURANCE SERVICES
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
2
Auditing – Study Notes Chapter 1 Introduction to Assurance Services
Soon after, it was recognized that financial statements prepared by managers/directors presented
“best-view” of business instead of “true-and-fair-view” due to some Incentive (e.g. bonus) or
Pressure (e.g. fear of removal) faced by management. Thus credibility of financial statements was
questioned.
Role of auditors was recognized in a great way. Now a days, audits are performed either because:
they are required by law (called statutory audits e.g. all companies in Pakistan are required
by law to get their annual financial statements audited before they are given to
shareholders)
they are not required by law but are voluntarily performed because of value-added benefits
of audits (called non-statutory auditors e.g. sole-proprietorships, partnerships and NGOs
etc. undergoing an audit)
In addition to shareholders, some other stakeholders also get benefits from audit of F/S.
Assurance Engagement:
“Assurance engagement” means an engagement in which a
practitioner (i.e. assurance provider) obtains evidence about
evaluation of a subject matter against suitable criteria, and expresses
his conclusion to enhance the confidence of the intended users (other
than the responsible party).
Levels/Types of Assurance:
There are three levels/types of assurance i.e.
Absolute Assurance
It is a perfect level of assurance.
CHAPTER ONE
INTRODUCTION TO ASSURANCE SERVICES
QUESTIONS
Q.2 In achieving the objectives of audit, what possible disadvantages can be suffered by the company.
(CA CAF Level – Spring 1995)
LO1
Q.3 Briefly describe what you understand by the terms “reasonable assurance” and “limited assurance”.
(02 marks)
LO3 (ICAEW Professional Stage – March 2006)
Q.4 Distinguish between absolute and reasonable assurance. Identify the type of assurance that is
expected in an audit of the financial statements, clearly outlining the reasons to justify your point of
LO3 view. (08 marks)
(CA CAF Level – Spring 2009)
Q.6 List and explain the elements of an assurance engagement. (05 marks)
LO2 (ACCA Foundation Stage – June 2010)
Q.7 Describe the level of assurance that the auditor will provide for each of the following
engagements, and how the level of assurance is expressed by the auditor:
LO4 i. Audit engagement
ii. Review engagement
(Malaysian Institute of Accountants – September 2010)
Q.9 What is the difference between an “assurance engagement” and an “audit engagement”? (02 marks)
(CA CAF Level – Spring 2003)
LO4
SUGGESTED SOLUTIONS
Examiners’ Comments:
It was a basic question that was well answered by the students.
Q.3
Reasonable Assurance:
It is a high but not absolute level of assurance which is expressed in positive form of conclusion e.g.
“in our opinion, financial statements give true and fair view”.
Limited Assurance:
It is a moderate level of assurance which is expressed in negative form of conclusion e.g. “Based on
our review, nothing has come to our attention that causes us to believe that financial statements do
not give a true and fair view”.
Examiners’ Comments:
This question was very well answered overall. Nearly all candidates obtained full marks on this
question.
Exam Tip
Carefully note the requirement of the question. Question requires to describe “reasonable
assurance”, and not “reasonable assurance engagement”.
Reasonable assurance is a high but not absolute level of assurance which is expressed in positive
form of conclusion e.g. “in our opinion, financial statements give true and fair view”.
Examiners’ Comments:
Seemingly, a significant number of candidates found it to be the easiest question. This question was set
to test the candidate’s knowledge about the concept of absolute and reasonable assurance and their
relevance in audit, and was based on ISA 200.
Most candidates answered it to a pass standard with an encouraging number obtaining 7 or more
marks.
Exam Tip
This is a poorly drafted question with three sub-parts. As a good practice, whenever a question with
sub-parts is drafted, marks are allocated to each part separately to indicate weightage to be given to
each sub-part. If such a question appears in your exam, you are advised to answer each part
separately and judge yourself weightage to be given.
Examiners’ Comments:
Performance was inadequate on this question. This question was left unanswered by a significant
minority of candidates. Those who attempted it were often unable to provide more than one relevant
3 By: Muhammad Asif, ACA
Auditing –Practice Set Chapter 1 Introduction to Assurance Services
answer. Some candidates seemed to think the question wanted disadvantages of having an audit,
rather than the limitations of an audit, these are two different requirements.
Q.6
Element Explanation (with respect to assurance on financial statements)
1. Intended users (the party which requires subject matter and assurance
i.e. stakeholders)
A three party 2. a responsible party (the party which prepares subject matter i.e.
relationship management) and
3. a practitioner (the party which provides assurance on subject matter i.e.
auditor)
Subject matter is the information which management is required to
A subject matter
prepare i.e. Financial Statements
Criteria means Framework (i.e. rules and regulations) under which
Suitable Criteria financial statements are prepared e.g. GAAP or IFRS.
Suitable means it should be selected appropriately.
Evidence means information on which practitioner’s conclusion is based.
Evidence
Every conclusion should be backed by sufficient appropriate evidence.
Written It is a page which is written in standard format. It includes conclusion of
Assurance report practitioner, and it is provided by practitioner to intended users.
Examiners’ Comments:
A large number of candidates did not attempt this question, and where it was attempted it was
inadequately answered. Most candidates who provided an answer clearly did not know what the
elements of an assurance engagement were and therefore proceeded to write down anything they
knew about assurance. The usual answers focused on positive and negative assurance or on the
different types of assurance engagements. Only a small minority of candidates actually understood the
requirement and provided valid answers.
Q.7
Audit engagement Review engagement
Reasonable/High level of Limited/Moderate level of
Level of Assurance
assurance. assurance.
How Level of assurance Positive form of conclusion is Negative form of conclusion is
is expressed expressed in Report. expressed in Report.
Q.9 “Assurance engagement” means an engagement in which a practitioner (i.e. assurance provider)
obtains evidence about evaluation of a subject matter against suitable criteria, and expresses his
conclusion to enhance the confidence of the intended users (other than the responsible party).
Examiners’ Comments:
Students confused the question with engagement letter. Even very few students wrote correctly about
the audit engagement.
CHAPTER TWO
BASIC CONCEPTS OF AUDITING
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – FINANCIAL REPORTING FRAMEWORK
Q. # 59(c i) of
LO 1 FINANCIAL REPORTING FRAMEWORKS
Question Bank
1.1.3 (True and fair
LO 2 WHAT IS MEANT BY TRUE AND FAIR VIEW
view)
PART B – RESPONSIBILITIES OF PARTIES INVOLVED IN AUDIT
1.3.9 (Responsibility
LO 3 MANAGEMENT’S (AND TCWG’S) RESPONSIBILITIES
of management…)
LO 4 AUDITOR’S RESPONSIBILITIES/OBJECTIVE 1.4.5
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Compliance Framework:
Compliance framework is a financial reporting framework that requires compliance with
requirements of the framework, and does not contain acknowledgment of fair presentation
framework.
For example, Tax-basis Framework.
Study Tip
Terms “give true and fair view” and “present fairly, in all material respects” are
equivalent. However, first term is more common in practice.
Study Tips
1. Same responsibilities are included in Engagement Letter and in Auditor’s Report.
2. “Premise of an audit” means management has acknowledged and understands
that it has above responsibilities.
Study Tip
These responsibilities are included in Engagement Letter as well as in Auditor’s
Report.
LO 5: STAKEHOLDERS’ RESPONSIBILITIES:
It is the responsibility of general public (i.e. stakeholders) to understand and eliminate expectation
gap so that scope of audit is not misunderstood.
Expectation Gap:
Expectation Gap is the difference between ‘what general public
perceives of role and responsibilities of auditor’ and ‘what statutory
role and responsibilities of auditor are’.
LO 6: SCOPE OF AUDIT:
Scope of audit means nature, timing and extent of audit procedures which are necessary to achieve
the overall objective of audit (i.e. to obtain reasonable assurance that financial statements are free
from material misstatement). Scope of audit is determined by ISAs, legal and professional
requirements and auditor’s professional judgment.
Study Tip
If auditor is unable to obtain reasonable assurance about financial statements, this
is called “Limitation on Scope of Audit” or precisely “Scope Limitation”.
Characteristic Explanation
Professional Judgment is the application of Cumulative Audit Knowledge,
Professional Experience and Training, in different circumstances to reach an appropriate
Judgment course of action or conclusion.
Application of professional judgment is necessary to comply with ISAs.
Professional skepticism is an attitude which includes questioning mind
(being alert to circumstances which may indicate possible misstatement),
Professional and critical assessment of audit evidence.
Skepticism Consequently, auditor should not believe everything management tells. He
should remain alert to circumstances that indicate the possibility/risk of
misstatement or fraud.
IASB also issues International Auditing Practice Statements (IAPS) to help auditors in implementing
ISAs and to promote good auditing practice in general.
In Pakistan, ICAP is the professional body regulating auditors. Role of ICAP is as follows:
− Offers professional qualification to become auditor in Pakistan.
− Establishes procedures to ensure professional competence of auditors e.g. Continuing
Professional Development (CPD) of members, Quality Control Reviews of audits (QCR).
− Maintains a list of “registered auditors” for public.
− Adopts international accounting and auditing standards for implementation in Pakistan and also
provides guidance on their implementation.
In Pakistan, format of auditor’s report states that audit was conducted in accordance with auditing
standards as applicable in Pakistan, therefore, it is compulsory for auditors to comply with all
required procedures of all adopted ISAs unless:
a required procedure is not relevant, or
a required procedure is not practicable and is necessary to depart. In this case auditor has
to document reason of departure from required procedure and alternative procedures
performed to obtain evidence.
CHAPTER TWO
BASIC CONCEPTS OF AUDITING
QUESTIONS
Q. 2 Briefly discuss the term “true and fair view” in the context of an audit. (05 marks)
LO2 (CA Certificate Stage – Spring 2004)
Q.3 (a) Briefly highlight the management’s responsibilities relating to the financial statements?
(07 marks)
LO3
LO7
(b) During the audit team planning meeting, a member of the audit team passed a comment that
based on past experience with the client, he was confident that the management of the client was
honest and there was no issue as regards management integrity or risk of fraud in the Company.
The audit manager responded that the auditor should always maintain an attitude of professional
skepticism throughout the audit.
Required:
Briefly describe ‘Audit Skepticism’ and elaborate on the response of the audit manager. (08 marks)
(CA Certificate Stage – Autumn 2009)
Q.5 What is the “expectation gap” and how could it be removed or reduced by the auditing profession?
(04 marks)
LO5 (CA Final, Summer 1994)
Q.6 What is the scope of an audit? Also discuss as to who is responsible to prepare financial statements.
(07 marks)
LO3 (CA Certificate Stage – Spring 2002)
LO6
Q.8 During the course of the audit of Smart Services Limited for the year ended March 31, 2010,
LO7
the auditor noted certain contradictions between the results of inquiries from company’s legal
advisor and the representation provided by the management in respect of certain contingencies.
Q. 11 You were the engagement partner on the audit of a commercial bank which has a network of more
than 200 branches, across the country. During a recent meeting, a member of the audit committee
LO4
referred to an instance of irregularity in a branch, whereby the Branch Manager had extended
credit to a close relative without following the bank’s credit disbursement procedures. The member
criticized the auditors for their failure to highlight such instances.
Required:
As an engagement partner, write a letter to the audit committee explaining your point of view in
detail with specific references to the International Standards on Auditing, wherever applicable.
(09 marks)
(CA Final – Winter 2008)
SUGGESTED SOLUTIONS
Compliance Framework:
Compliance framework is a financial reporting framework that requires compliance with
requirements of the framework, and does not contain acknowledgment of fair presentation
framework.
Q. 2 The term “True and Fair View” has not been defined in the Companies Ordinance 1984 or in ISAs or
in IASs. Therefore, it is the most difficult and judgmental aspect of audit. Generally,
true means “free from error” and
fair means “free from undue bias in financial statements or the way in which they are
presented”.
Examiners’ Comments:
It was a routine question at this level that was not well answered by the students in general. Most of
the students did not define truth and fairness separately.
A minority also confused their explanations between true and fair, for example, stating “true means
unbiased”.
Q.3 (a)
Management has following responsibilities relating to financial statements:
1. For the preparation of financial statements in accordance with AFRF. This responsibility
includes:
1. Selecting the applicable financial reporting framework (AFRF).
2. Applying appropriate accounting policies and reasonable accounting estimates.
3. Prevention and detection of fraud.
2. For design, implementation and operating effectiveness of internal control which is
necessary to prepare financial statements in accordance with AFRF; and
(b)
Audit Skepticism:
Professional skepticism is an attitude which includes questioning mind (being alert to
circumstances which may indicate possible misstatement), and critical assessment of audit
evidence.
Consequently, auditor should not believe everything management tells. He should remain alert to
circumstances that indicate the possibility/risk of misstatement or fraud.
Viewpoint expressed by member of the audit team is Incorrect and viewpoint of by audit manager
is correct.
Though Professional skepticism does not mean to disregard past experience about competence and
integrity of management; but auditor should remain alert in every audit that there may be
circumstances that indicate the possibility/risk of misstatement or fraud.
A belief that management and those charged with governance are honest and have integrity does
not relieve the auditor of the need to maintain professional skepticism or allow the auditor to be
satisfied with less than persuasive audit evidence when obtaining reasonable assurance.
Examiners’ Comments:
This was an ISA based question but the students could not answer this part in an organized and
concise manner. However, majority of the students managed to pass in this part.
Q. 7 Professional Judgment is the application of Cumulative Audit Knowledge, Experience and Training,
in different circumstances to reach an appropriate course of action or conclusion.
Application of professional judgment is necessary to comply with ISAs.
Q.8 (i)
Professional skepticism is an attitude which includes questioning mind (being alert to
circumstances which may indicate possible misstatement), and critical assessment of audit
evidence.
(ii)
Auditor should perform further specific procedures to determine which source of evidence is
reliable e.g.
1. further inquiry of management and legal advisor about reasons of difference.
2. inspect documents relating to litigations and contingencies.
3. obtain opinion from other lawyers.
4. consider effect of events after the balance sheet date.
Examiners’ Comments:
(i) Professional Skepticism:
Majority of the examinees could not appropriately define the term.
(ii) Ways in which Professional Skepticism is Helpful for Auditor:
Majority of examinees failed to explain the application of the attitude of Professional Skepticism to
handle and resolve the contradictions between audit evidence collected from two different sources.
Q. 9 (a)
(i) IFAC is the global organization of professional accountants dedicated to serving the public
interest by strengthening the profession in the area of auditing, ethics, professional education and
public sector.
(ii) IAASB is one of the boards within IFAC. It serves the public interest by enhancing quality and
consistency of auditing and assurance practice throughout the world. It is a standard-setting body
which issues standards to be applied in providing the audit, review and related services. It also
provides facilitation in adoption and implementation of international standards.
(b) In Pakistan, ISAs are adopted by ICAP (being a member of IFAC). ICAP has adopted most of ISAs.
In Pakistan, format of auditor’s report states that audit was conducted in accordance with auditing
standards as applicable in Pakistan, therefore, it is compulsory for auditors to comply with all
required procedures of all adopted ISAs
Examiners’ Comments:
(a) Students had a surface knowledge of such roles.
(b) This part was designed to test the candidates’ knowledge about the applicability of the ISAs in
Pakistan. Very few candidates mentioned the relevant points.
Q. 10 Meaning of Governance:
Governance means act of supervision, direction and control.
Examiners’ Comments:
Very few students knew the exact definition of the term ‘governance’, that is, act of supervision,
direction and control.
Examiners’ Comments:
Answers to this question were disappointing as the majority of candidates failed to appreciate that
the irregularity cited in the scenario did not, in itself, result in a misstatement in the financial
statements and consequently its detection was not part of the external auditor’s responsibilities.
CHAPTER THREE
AUDIT EVIDENCE,
AUDIT PROCEDURES, AND
AUDIT DOCUMENTATION
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – AUDIT EVIDENCE
LO 1 WHAT IS MEANT BY AUDIT EVIDENCE 4.1.1 (1st half)
Audit Evidence
Audit Evidence is the information used by auditor to draw reasonable
conclusions about financial statements on which the auditor’s opinion is
based. Audit evidence should be sufficient and appropriate.
Relevance:
Following are principles in assessing relevance of audit evidence:
1. Relevance of evidence means there should be logical connection between audit procedure
and assertion under consideration e.g.
a. to verify that sales are not overstated, relevant procedures will be to test the recorded
amount (i.e. select recorded amounts in F/S and compare with GDN).
b. to verify that sales are not understated, relevant procedures will be to test the
unrecorded information (i.e. select GDN and compare with recorded amounts in F/S).
2. An audit procedure may be relevant for one assertion but not for other.
3. For tests of controls, relevant evidence includes information that indicates performance or
deviation of a control.
4. For substantive procedures, relevant evidence includes information that indicates
misstatement or correctness of assertion.
Reliability:
Reliability of evidence means its source, nature, and circumstances should be trust-worthy e.g.
Evidence from independent external source is more reliable than internal evidence (e.g.
confirmation from customer is more reliable than a sales invoice)
Documentary evidence is more reliable than oral (e.g. a written confirmation from a debtor
is more reliable than a telephone confirmation)
Evidence in the form of original document is more reliable than photocopy
Evidence obtained directly by the auditor is more reliable than evidence obtained through
client (e.g. a confirmation obtained directly from the bank is more reliable than inspecting a
copy of a bank statement held by the client)
Evidence generated internally is more reliable when internal control is effective (e.g. pre-
numbered documents are more reliable than unnumbered documents because sequence
check can be verified.)
Exam Tip
A mnemonic to remember the reliability criteria of evidence is that evidence
should be “CODED” i.e. Controlled, Original, Documentary, External and Direct.
Risk
Assessment
procedures
Audit
Tests of To confirm control risk
Procedures (if controls are assessed strong)
Control
(7 Types)
Risk Assessment
Tests of Control (TOC) Substantive Procedures
Procedures (RAP)
RAPs are procedures to Objective of TOC is to confirm Objective of Substantive
obtain understanding of the the operating effectiveness of Procedures is to detect
entity and its internal controls in preventing, misstatements in financial
control to assess the risk of detecting and correcting statements at assertion level.
material misstatement at misstatements at assertion These include:
financial statement level and level. Analytical Procedures and
at assertion level. Tests of Details.
RAPs are required in all TOC are required only if auditor Substantive Procedures are
audits and for all material assess that controls are required in all audits and for
areas. operating effectively and he all material areas. However,
plans to rely on Internal their extent depends on risk
Control in his risk assessment. of material misstatement.
Directional Testing:
Directional testing means debit items (assets and expenses) are tested for overstatement and credit
items (liabilities, income and equity) are tested for understatement; thereby opposite accounts are
automatically tested because of double-entry characteristic of accounting system.
Assertions Testing:
Assertions/Management Assertions/Financial Statement Assertions:
Assertions are representations by management, explicit or otherwise, that are embodied in the
financial statements. These are used by the auditor:
to consider different types of misstatements that may occur and
to obtain evidence supporting these assertions.
Categories of Assertions:
Assertions about classes of transactions and events for the period
All Transactions (that have been recorded) have actually been occurred
Occurrence
i.e. there is no overstatement.
All transactions (that have occurred) have been recorded i.e. there is no
Completeness
understatement.
Amounts and other data relating to transactions have been recorded
Accuracy
appropriately.
Cutoff Transactions have been recorded in correct accounting period.
Classification Transactions have been recorded in the proper accounts.
Audit programmes are sets of instructions to the audit team, specifying the audit procedures that
should be performed in each area of the audit to verify relevant assertions.
Auditor is required to retain documentation (forming part of his opinion) in safe custody for
atleast 5 years from date of auditor’s report or group auditor’s report, whichever is later.
Auditor is also required to observe confidentiality of documentation.
Significant Matters are those matters which may affect auditor’s risk assessment or report.
Audit Files:
“Audit Files” are folders or other storage media (in physical or
electronic form) containing audit documentation for an engagement.
There are two types of audit files i.e. Current File and Permanent File
Current File Permanent File
This file contains documents relevant to This file contains documents of
Definition current audit only. continuance relevance i.e. relevant
to current as well as future audits.
Engagement Letter Long term loan agreements.
Planning Material (i.e. Overall audit Copies of Legal and Tax Status of
strategy including Risk Assessment and client.
Materiality determination, Audit Plan) Organizational hierarchy chart
Documents for each audit area Notes for Accounting System (i.e.
Examples Confirmation Letter documentation of understanding
Representation Letter of system)
Summary of corrected and uncorrected Minutes of meetings of
misstatements. shareholders and directors.
Current year’s financial statements. Previous years’ financial
Audit Report statements
Additional matters to be
Situation Type of Changes in documentation
documented
Following types of administrative changes can
be made in audit files during file assembly
period***:
(a) Deleting superseded/duplicate pages.
Changes in
(b) Sorting and cross- referencing working
documentation
papers. N/A
during file
(c) Sign-off completion checklist.
assembly period
(d) Adding/replacing documentation for
which evidence has been obtained before
audit report.
(e) To clarify/explain a matter.
Changes in Administrative type of changes can be made in – Circumstances encountered.
documentation documentation even after file assembly period. – when and by whom changes
after file assembly (e.g. because of an external QCR). were made and reviewed
period
– Circumstances encountered.
– New audit procedures
Indication of New audit procedures performed, new performed, new conclusion
misstatement after conclusion drawn and their effect on audit drawn and their effect on audit
auditor’s report report. report.
– When and by whom changes
were made and reviewed.
***ISAs state that an appropriate time for assembly (i.e. completion) of audit files is 60 days from the
date of auditor’s report.
CHAPTER FOUR
AUDITOR’S REPORT & TYPES OF
OPINIONS
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
It is the responsibility of the company’s management to establish and maintain a system of internal
control, and prepare and present the above said statements in conformity with the approved
accounting standards and the requirements of the Companies Ordinance, 1984. Our responsibility
is to express an opinion on these statements based on our audit.
We conducted our audit in accordance with the auditing standards as applicable in Pakistan. These
standards require that we plan and perform the audit to obtain reasonable assurance about
whether the above said statements are free of any material misstatement. An audit includes
examining, on a test basis, evidence supporting the amounts and disclosures in the above said
statements. An audit also includes assessing the accounting policies and significant estimates made
by management, as well as, evaluating the overall presentation of the above said statements. We
believe that our audit provides a reasonable basis for our opinion and, after due verification, we
report that:
(a) in our opinion, proper books of accounts have been kept by the company as required by the
Companies Ordinance, 1984;
(c) in our opinion and to the best of our information and according to the explanations given to
us, the balance sheet, profit and loss account, cash flow statement and statement of changes
in equity together with the notes forming part thereof conform with approved accounting
standards as applicable in Pakistan, and, give the information required by the Companies
Ordinance, 1984, in the manner so required and respectively give a true and fair view of the
state of the company’s affairs as at June 30, 2014 and of the profit (or loss), its cash flows
and changes in equity for the year then ended; and
(d) in our opinion, Zakat deductible at source under the Zakat and Ushr Ordinance, 1980 (XVIII
of 1980), was deducted by the company and deposited in the Central Zakat Fund established
under section 7 of that Ordinance(N–1).
ABC & Co.
August 13, 2014
Lahore
Engagement partner: XYZ
N – 1: Where no Zakat is deductible, substitute “in our opinion, no Zakat was deductible at source
under the Zakat and Ushr Ordinance, 1980”.
Types/Situations Examples
1. Accounting Policy is not selected in accordance with AFRF.
Accounting Policies 2. Accounting policy is not applied correctly (errors in application)
are not appropriate. 3. Accounting policy is not applied consistently and auditor does not
concur with change.
Transactions/Events 1. Not recording depreciation on fixed assets.
are not recorded in 2. Impairment loss not recorded on fixed assets.
financial statements. 3. Not recording inventory at lower of cost and NRV.
Study Tip
Disclosure of misstatement in financial statements is not a substitute for correct
accounting treatment.
Types/Situations Examples
a. Management prevents auditor from requesting confirmation from
debtors.
Limitations imposed b. Management does not provide representation letter to auditor.
by c. Management does not provide minutes of meetings of
management/entity Shareholders/TCWG to auditor.
d. Management does not allow auditor to communicate with predecessor
auditor.
Limitations by a. Accounting records of entity have been destroyed due to fire,
circumstances beyond computer virus or other natural disaster.
the control of entity b. Accounting records of entity have been seized by govt. authorities.
Limitations by a. Auditor is appointed after year-end and is unable to observe the
circumstances relating inventory count.
to the nature or timing b. For Consolidation, financial statements of subsidiary are not available.
of the auditor’s work
Study Tip
1. There will be no scope limitation if auditor is able to obtain evidence from
alternative audit procedures in above cases.
2. Scope limitation (of any type) affects auditor’s report. However if there is a
scope limitation by management which is unreasonable, it also affects other
aspects of audit.
Material:
Effects of misstatement/scope limitation are considered material if they,
individually or in aggregate, could reasonably be expected to influence the
economic decisions of users taken on the basis of the financial statements.
Pervasive:
Effects of misstatement/scope limitation are considered pervasive, if they:
i. Are not confined to specific accounts of the financial statements;
ii. If so confined, represent substantial proportion of the financial
statements; or
iii. In relation to disclosures, are fundamental to users’ understanding of
the financial statements.
(Pervasive effect is greater than Material effect and both depend on auditor’s
judgment.)
2. When there are multiple uncertainties and it is not possible to form an opinion due to these
uncertainties.
Study Tips
1. There will be only one opinion in an audit report.
2. Qualified Opinion, Adverse Opinion and Disclaimer of Opinion are collectively
called “Modified Opinions”.
3. The term “Modified Report” means report contains either:
(a) Modified Opinion or
(b) “Emphasis of Matter” or “Other Matter”.
PART C – APPENDICES
Exam Tips
1. In the absence of information, assume that Auditor’s Report is to be drafted in accordance with
“Form 35A of Companies Rules 1985”.
2. If you are required to identify errors, write errors alongwith correct treatment. But, DO NOT
redraft report; otherwise you will get zero marks.
(You can get FULL marks in such questions if you follow this simple-systematic approach)
Solution:
(a)
̶ This is a case of misstatement in financial statements. IFRSs require to record inventory at lower of cost
and NRV but management has not written down inventory to NRV.
̶ Effect is Material (clearly mentioned in case).
̶ Auditor shall express Qualified Opinion.
(b)
̶ This is a case of scope limitation on audit. Auditor is unable to obtain evidence on inventory balance.
Alternative procedures also, do not provide sufficient appropriate audit evidence.
̶ Effect could be Material or Pervasive.
̶ If effect is material, auditor shall express Qualified Opinion. If effect is pervasive, auditor shall express
Disclaimer of Opinion.
CHAPTER FIVE
ACCEPTANCE AND CONTINUANCE
PROCEDURES
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Client Screening:
Matters/Factors to be considered, in evaluating client integrity, include:
Identity and business reputation of owners, TCWG and key management.
Attitude of owners, TCWG and key management towards interpretation of accounting
standards and internal control environment.
Identity and business reputation of related parties
Reason of change of auditors.
Indication of any inappropriate scope limitation by management.
Indication of involvement of client in money laundering and other criminal activities
Client Screening procedures (i.e. sources to obtain information about integrity of client) include:
1. Communicate with third parties dealing with client e.g.
a. Predecessor auditor through “Professional Clearance/ Etiquette Letter”
b. Bankers, Lawyers, Debtors, Creditors.
2. Inquire/discussion with management.
3. Appropriate background research of business information database (e.g. industry specific
databases, Internet searching, inspection of previous annual reports and auditor’s report)
4. Evaluation of information obtained and significant matters arisen during previous
assurance and non-assurance engagements, if any.
CHAPTER SIX
COMPLIANCE WITH LEGAL
REQUIREMENTS
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Important Points
1. Tenure of auditor appointed in each case is from date of appointment till the
conclusion of next AGM.
2. Remuneration of auditor shall be fixed by SECP (if appointment is made by
SECP), or by Directors (if appointment is made by directors) or by company
in general meeting (in all other cases).
3. If a company appoints disqualified person as auditor, this appointment shall
be void ab-initio and SECP will fill vacancy.
4. Company shall inform SECP within 1 week if its power becomes exercisable.
*** It is not necessary for company to circularize representation given by auditor if:
Representation made is too lengthy or too late (in this case, representation will be read-out in
AGM) or
Registrar is satisfied, on application of company or other aggrieved person, that this right is
being misused to obtain needless publicity or for defamatory purpose.
Ethical Procedures:
7. Outgoing auditor will file with ICAP a copy of Representation (if made to members).
8. Incoming auditor shall obtain a copy of the Representation before acceptance.
Ethical Procedures:
3. Outgoing auditor must immediately file with ICAP a “Statement of Facts/Circumstances”.
4. Incoming auditor should inform ICAP about the offer of appointment and should not accept
offer without prior clearance from ICAP (ICAP gives clearance within 15 days).
Rights on removal:
1. Right to receive notice of removal.
2. Right to make representation in writing to company.
3. Right to have representation circulated to all members.
4. Right to receive notices of general meetings, attend general meetings and speak at general
meetings at which he is being removed.
Qualification Criteria:
Disqualification Criteria:
Following persons are disqualified for appointment as auditor in a company:
1. If person (i.e. sole-practitioner or any partner in a firm) or his spouse or minor child holds
any shares in that company (or its associated company). However, such a person can be
appointed if he discloses the fact at time of appointment and disposes shares within 90 days
of appointment.
2. If person is indebted to the company.
However following are not considered debt in this regard:
a. sum payable to a credit card issuer up to Rs. 500,000.
b. sum payable to a utility company outstanding for 90 days.
3. If person is or was an employee (or officer or director) of the company in last 3 years.
4. If person is a partner or employee of an employee (or officer or director)of the company.
5. If person is Spouse of a director.
6. If person is a Body corporate.
If a person is disqualified for a company, he is also disqualified for its subsidiaries, its holding, and
holding’s other subsidiaries.
Exam Tips
1. All conditions of disqualification apply at time of appointment as well as during
term of appointment.
2. Appointment by firm’s name shall be appointment of all partners. Therefore,
ALL partner should meet qualification and disqualification criteria.
3. Indebtedness includes Lease Arrangements (whether operating or finance).
4. How to know whether auditor is a Corporate Body?
Word of “Limited” in the name of auditor confirms that it is a corporate body.
Word of “Company” in the name of auditor does not confirm this.
Such auditor shall have the same powers and duties as a statutory auditor of the company and such
other powers and duties as may be prescribed.
Further, if such a report is made with an intent to make profit or for material consideration or to
put another person at loss, auditor shall be punishable with fine upto Rs. 100,000 and
imprisonment up to one year.
CHAPTER EIGHT
AGREEING ON AUDIT ENGAGEMENT
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – AGREEING ON AUDIT ENGAGEMENT
LO 5 MATERIALITY 2.2.1
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Engagement Letter:
Engagement letter is a written agreement between auditor and client
(through appropriate representative e.g. CFO, CEO) on terms and
conditions of audit engagement.
If auditor accepts the change If auditor does not accept the change
1. Revised terms of engagement shall be agreed. Auditor shall continue to perform the audit
2. Procedures to be performed and Report to be engagement as per original terms of engagement.
issued shall be according to revised If management does not permit auditor to
engagement. continue original engagement, auditor shall:
3. Report shall NOT refer to: withdraw from engagement where possible
Original audit engagement or under local laws and regulations.
Any procedures performed in original Determine whether there is any contractual
audit engagement or other obligation to report the
circumstances to other parties (e.g. TCWG,
Shareholders, Regulatory or Professional
bodies).
If AFRF is required by law, auditor shall accept engagement under ISAs only if following conditions
are met:
1. Management agrees to provide additional disclosure (which will explain deficiencies in
framework to avoid F/S being misleading), and
2. It is mentioned in Engagement Letter that:
auditor’s report will not include phrases “give a true and fair view” or “present
fairly, in all material respects”.
auditor’s report will include additional paragraph (to draw users’ attention towards
additional disclosure)
If AFRF is required by law, and above conditions are also NOT met:
1. Auditor shall evaluate the effect of misleading F/S on auditor’s report.
2. Auditor shall refer to this effect in engagement letter.
CHAPTER NINE
PLANNING AN AUDIT
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – PLANNING OF AN AUDIT
3.1.3 (Overview &
LO 1 PLANNING ACTIVITIES
Involvement of ....)
3.1.3 (Planning
DIFFERENCE BETWEEN OVERALL AUDIT STRATEGY AND
LO 2 Activities)
AUDIT PLAN
3.1.4
ADDITIONAL CONSIDERATIONS FOR INITIAL AUDIT
LO 3 3.1.6
ENGAGEMENT
LO 4 INTERIM AUDIT AND FINAL AUDIT 3.1.5
PART B – AUDIT MATERIALITY
1.1.3
LO 5 MATERIALITY
3.2.4
LO 6 PERFORMANCE MATERIALITY 3.2.4
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
1
Auditing – Study Notes Chapter 9 Planning an Audit
LO 1: PLANNING ACTIVITIES:
Planning Activities:
Planning an audit involves establishing the overall audit strategy for the engagement and
developing audit plan.
Objectives/Benefits of Planning:
Planning helps to:
1. pay attention to important areas
2. identify and resolve potential problems on timely basis.
3. select appropriately experienced staff and proper assignment of work to them.
4. perform engagement in efficient and effective way.
5. perform direction, supervision and review of engagement team.
2
Auditing – Study Notes Chapter 9 Planning an Audit
3
Auditing – Study Notes Chapter 9 Planning an Audit
LO 5: MATERIALITY:
What is Materiality:
Effects of items are considered material if they, individually or in aggregate, could reasonably be
expected to influence the economic decisions of users taken on the basis of the financial statements.
Materiality depends on size as well as nature of misstatement.
Exam Tip
Following “rule of thumb” has been established to determine materiality:
1. For profit oriented entity, materiality= Profit before tax * 5%
2. For not-for-profit entity, materiality = Total Revenue or Expenses * 0.5%
LO 6: PERFORMANCE MATERIALITY:
What is Performance Materiality:
Performance Materiality is the amount set by the auditor, less than materiality for the financial
statements as a whole, to reduce the risk that the aggregate of uncorrected and undetected
misstatements exceeds materiality for the financial statements as a whole.
4
Auditing – Study Notes Chapter 9 Planning an Audit
LO 7: QUALITATIVE MATERIALITY:
What is Qualitative Materiality:
Qualitative materiality means ignoring the amounts of misstatements and considering its
“qualitative characteristics” to determine whether it is material or not.
LO 8: REVISION IN MATERIALITY:
When is Materiality Revised:
Materiality is revised if auditor obtains new information/evidence which is different from
information/evidence on which original assessment was based e.g.
1. Occurrence of events substantially affecting draft financial statements
2. Revision in risk
3. Change in the auditor’s understanding of the entity and its operations
4. Change in circumstances during audit
5
Auditing – Study Notes Chapter 10 Risk Assessment Procedures
CHAPTER TEN
RISK ASSESSMENT PROCEDURES
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – AUDIT RISK MODEL
LO 1 APPROACHES TO AUDITING 3.3.1, 3.2.3, 5.1.3, 5.1.4
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
LO 1: APPROACHES TO AUDITING:
Transaction-based approach / Substantive Approach:
This approach is used where:
1. Internal controls are weak, and
2. there are a few transactions or auditor is also providing accountancy services
Under this approach, auditor does not rely on internal control system and almost every item in the
financial statements is tested and vouched to supporting documents.
Under this approach, underlying accounting and internal control system is tested (through tests of
controls) to ensure system is operating effectively. Individual transactions and balances are tested
with less emphasis.
Risk-Based Approach:
Under risk-based approach to auditing, auditor performs risk assessment procedures and identifies
risk of material misstatement at financial statement level and at assertion level. Thereafter, auditor
performs audit procedures at financial statement level and at assertion level to address these risks.
Inherent Risk:
The susceptibility of an assertion about a class of transaction, account balance or disclosure to a
misstatement that could be material, either individually or when aggregated with other
misstatements, before consideration of any related controls.
Control Risk:
The risk that a misstatement that could occur in an assertion about a class of transaction, account
balance or disclosure and that could be material (either individually or when aggregated with other
misstatements) will not be prevented, detected or corrected on a timely basis by the entity’s
internal control.
Detection Risk:
The risk that the procedures performed by the auditor (to reduce audit risk to an acceptably low
level) will not detect a misstatement that exists and that could be material, either individually or
when aggregated with other misstatements.
Audit Risk:
The risk that the auditor expresses an inappropriate audit opinion when the financial statements
are materially misstated. Audit risk is a function of the risks of material misstatement and detection
risk i.e.
Audit Risk (A.R.) = Risk of Material Misstatement (RMM) * Detection Risk (D.R.)
Study Tip
1. Audit Risk = Inherent Risk * Control Risk * Detection Risk.
2. Inherent risk cannot be controlled.
3. Control risk can be controlled by client through internal control.
4. Detection risk can be controlled by auditor through audit procedures.
***Walk-through Tests:
Walk-through testing involves selecting a small sample of transactions and following them through
the various stages in their processing in accounting system to understand the system and related
controls.
***Business Risk:
Business risk is a risk resulting from significant conditions, events, circumstances, actions or
inactions that could adversely affect an entity’s ability to achieve its objectives and execute its
strategies, or from the setting of inappropriate objectives and strategies.
(Auditor understands business risks because most of business risks result in inherent/audit risks.)
Launch of new product/services because product may have to be sold at below cost to attract
by entity customers
“Standard costing” or “S.P less
because Actual Cost may be different from standard cost/S.P less
profit margin” method is used
profit margin method
for Inventory valuation
Specialized/Customized if customer cancels orders or goes bankrupt, inventory may
Inventory become obsolete
Debtors Dispute with debtors because full recovery is not expected
because of concern about accuracy and completeness of
transactions, concern about correct categorization of costs
Self-construction of fixed assets
between revenue and capital expenditure, Capitalization of
borrowing cost if self-construction is financed by loan
concern about accuracy and completeness of transactions, concern
Heavy repair and maintenance
about correct categorization of costs between revenue and capital
Fixed during the year
expenditure
Assets
Disposal of fixed assets because profit/loss on disposal may be not correctly calculated
Destroyed/Unused PPE because PPE may have been impaired.
Purchase of fixed assets during
because Cost of Purchase may not be calculated accurately
the year
because there is subjectivity e.g. issues of life, selective
Revaluation of fixed assets
revaluation, and complexity e.g. implications of deferred tax
Large volume of payroll
transactions e.g. numerous
accuracy and completeness of transactions may be difficult to
Payroll joiners/leavers, part-
determine
time/temporary employees,
overtimes
Pending litigations against
company e.g. claims regarding Because Provision/disclosure may be misstated, Going concern
unfair dismissal of staff, food (if affects major customers), NRV (if due to malfunctioning of
Litigations, poisoning, physical Injury due to inventory
Intangible malfunctioning of product.
because these may be overstated/understated because of
Intangible Assets and Provisions estimates, judgments, uncertainty, subjectivity in their
measurement
because Classification and Disclosures of loan may not be
Loan Increased borrowings appropriate, Going Concern Assumption may not be appropriate if
debt-covenant requirements are violated
Cost of sales (as a percentage of If cost of sales is unusually high, it indicates overstatement of
sales) should remain constant purchases or cut-off errors in purchases. It also indicates
over the period unless there is: understatement of closing stock or incorrect valuation of stock.
Cost of
Increase/decrease in cost of
Sales
material or labor or overheads If cost of sales is unusually low, it indicates understatement of
Change in production purchases or cut-off errors in purchases. It also indicates
technology overstatement of closing stock, or incorrect valuation of stock.
Operating expenses (as a
If operating expenses are unusually high, it indicates
percentage of sales) should
overstatement of operating expenses or misclassification between
remain constant over the years
operating expenses and cost of sales/capital expenditures.
unless there is:
Operating
Increase or decrease in
Expenses If operating expenses are unusually low, it indicates
number of administrative or
understatement of operating expenses or misclassification
selling employees.
between operating expenses and cost of sales/capital
Heavy advertisement or
expenditures.
promotional schemes.
Finance charges (as a percentage
If finance charges are unusually high, it indicates overstatement or
of Borrowings) should remain
incorrect calculation of interest expense.
Finance constant over the years unless
Charges there is:
If finance charges are unusually low, it indicates some finance
Increase or decrease in interest
charges are unrecorded.
rates during the year.
If Debtors’ Turnover Ratio is unusually high, it indicates necessary
Debtors’ Turnover Ratio should provision for doubtful or uncollectible debtors may not have been
remain constant over the year made. It also indicates overstatement of debtors or cut-off errors
Debtors unless there is: in sales.
Increase or decrease in credit
period by entity. If Debtors’ Turnover Ratio is unusually low, it indicates
understatement of debtors or cut-off errors in sales.
Inventory Turnover Ratio (in If Inventory’ Turnover Ratio is unusually high, it indicates
days) should remain constant over necessary provision for obsolete or out-of-date inventory may not
the year unless there is: have been made. It also indicates overstatement of inventory, or
Inventory Increase or decrease in cost of incorrect valuation of inventory or cut-off errors.
inventory
Increase or decrease in If Inventory’ Turnover Ratio is unusually low, understatement of
quantity of inventory inventory, or incorrect valuation of inventory or cut-off errors.
If Creditors’ Turnover Ratio is unusually high, it indicates
Creditors’ Turnover Ratio (in
overstatement of creditors or cut-off errors in Purchases. It also
days) should remain constant over
indicates company is unable to pay creditors timely.
Creditors the year unless there is:
Increase or decrease in credit
If Creditors’ Turnover Ratio is unusually low, it indicates
period by suppliers.
understatement of creditors or cut-off errors in Purchases.
If PPE is unusually high, it indicates impairment of PPE or some
PPE (as a percentage of sales) revenue expenditure may have been recorded as capital
should remain constant over the expenditure.
PPE period unless:
new products are launched by If PPE is unusually low, it indicates some capital expenditure may
entity. have been recorded as revenue expenditure.
Company may be facing problems in continuing as a Going Concern if there are liquidity and solvency
problems e.g.
Decrease in Current Ratio and Quick Ratio.
Going
Decrease in Gross Profit Margin and Net Profit Margin.
Concern
Decrease in Interest Coverage Ratio.
Increase in Borrowings/Debts.
Increase in Creditors’ Turnover Ratio.
Examples:
Examples of risks at financial statement level include:
1. Management Override of Control.
2. Financial statement level risks mostly relate to situations arising from fraud.
3. Financial statement level risks also relate to Weak Control environment e.g. management’s
lack of competence.
Examples:
Examples of significant risks at assertion level include:
1. Transactions involving new or complex regulatory/accounting requirements
2. Non-routine transactions**
3. Estimation Transactions (also called Judgmental Matters)***
**Non-routine transactions:
Non-routine transactions are transactions that are unusual and occur infrequently e.g. stock-taking,
calculating depreciation expense, and calculating foreign currency gains and losses.
***Judgmental Matters:
Judgmental matters are transactions that involve accounting estimates, judgments, uncertainty e.g.
provision for bad debts, provision for warranty, impairment of assets.
PART D – FRAUD
LO 10: RISK ASSESSMENT PROCEDURES RELATING TO FRAUD AND FRAUD RISK FACTORS :
Risk Assessment Procedures:
ISAs require the auditor to perform the following procedures to identify the risks of material
misstatement due to fraud:
1. Make enquiries of management in respect of:
a. their assessment of the risk of fraud
b. their process in place for identifying and responding to the risks of fraud
c. any specific risks of fraud identified or likely to exist
d. any communications within the entity in respect of fraud (e.g. code of conduct).
2. Make inquiries of management and others within the entity as to whether they have any
knowledge of any actual, suspected or alleged frauds.
3. Evaluate any unusual or unexpected relationships identified in performing analytical
procedures which may indicate a risk of material fraud.
4. Evaluate whether any fraud risk factors are present.
In designing and performing audit procedures for such tests, auditor shall:
i. Inquire of individuals involved in the financial reporting process about
inappropriate or unusual activity relating to the processing of journal entries
and other adjustments;
ii. Select (judgementally) and Test the journal entries and other adjustments made
at the end of a reporting period; and
Test the iii. Select (judgementally) and Test the journal entries and other adjustments
appropriateness of throughout the reporting period. (if considered necessary)
journal entries (for
fake entries) When selecting journal entries and other adjustments for testing and examining their
underlying support, following matters are relevant:
Assessment of risk of material misstatement.
Controls over journal entries.
Characteristics of fraudulent journal entries or other adjustments.
Nature and complexity of accounts.
Journal entries processed outside the normal course of business.
Auditor shall also communicate identified/suspected fraud to TCWG if fraud involves management
or is significant.
If management is involved in a fraud, integrity of management becomes doubtful and auditor may
consider appropriate action (e.g. withdrawal) based on advice of his legal advisor.
CHAPTER ELEVEN
TESTS OF CONTROLS
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
PART A – OBTAINING UNDERSTANDING OF INTERNAL CONTROLS
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
1
Auditing – Study Notes Chapter 11 Tests of Controls
Control Environment:
Control environment includes attitude, awareness and actions of TCWG and management regarding
entity’s internal control and its importance in the entity.
2
Auditing – Study Notes Chapter 11 Tests of Controls
Identifying risk means recognizing existence of risk. Assessing risk means deciding whether risk is
significant or not. Managing risk means designing and operating internal controls to minimize the
risk.
Monitoring of Controls:
Monitoring of control is a process to evaluate the internal control. It includes evaluation of whether
internal control system is operating effectively and , if necessary, taking necessary remedial actions.
LO 3: THE SALES SYSTEM – OBJECTIV ES, ACTIV ITIES AND TESTS OF CONTROLS :
There should be segregation of duties between Sales Order (to prepare sales order), Despatch
Department (to despatch goods and prepare GRN), Invoicing Department (to prepare invoice) and
Accounts Department (to post invoices into Sales Journal & Ledgers).
3
Auditing – Study Notes Chapter 11 Tests of Controls
4
Auditing – Study Notes Chapter 11 Tests of Controls
5
Auditing – Study Notes Chapter 11 Tests of Controls
6
Auditing – Study Notes Chapter 11 Tests of Controls
7
Auditing – Study Notes Chapter 11 Tests of Controls
Supplier’s Statement:
A supplier’s statement is a printed statement, received at regular intervals from a supplier (usually
each month), showing details of transactions between the supplier and its customer (purchases,
purchase returns and payments) since the previous statement, and the amount owing as at the date
of the statement.
8
Auditing – Study Notes Chapter 11 Tests of Controls
9
Auditing – Study Notes Chapter 11 Tests of Controls
LO 6: BANK AND CASH SYSTEM – OBJECTIVES, ACTIV ITIES AND TESTS OF CONTROLS :
BANK AND CASH SYSTEM
–Process of Opening the mail should be –Observe whether the process is being
All cash received by monitored. monitored.
Post is recorded –A listing should be prepared for all cash and –Check amounts recorded as receipts from
cheques received through mail. customers against Listing.
–There should be segregation of duties
between Receipt of Cash and Recording of –Check that segregation of duties does
Cash. exist.
–Only a restricted number of employees –Check whether authority to receive cash
All cash received should be authorized to receive cash. is limited.
from cash sales is –Another person should check the actual –Check for evidence that Till roll totals of
recorded. cash received against the till roll total. Receipts Total are checked against cash
–Cash Till and Till Rolls should be used to received by an authorized person.
record cash sales. Alternatively, sequentially –Observe whether the process is being
prenumbered Receipts should be given for monitored.
cash received.
–At day end, cash received should be
recorded and deposited daily in bank
–Check frequency of deposit into bank.
All money received is account.
–Check whether bank statement matches
banked –Cash recorded and deposited into bank
with total of Till Roll.
account should be cross matched with
deposit slip.
–All payments (except petty expenses)
–Review the documents supporting
should be made through cross cheque and
requisition for payment.
should be backed by supporting documents.
–Review that supporting documents are
All Payments should –Supporting documents should be cancelled
being cancelled.
be properly once cheque is prepared (to avoid duplicate
–Review that only authorized persons are
authorized, made to payment).
signing the cheques.
correct person and –There should be established authority levels
–Review the sequence of cheque number.
properly recorded. for cheque signing.
–Agree entries into cheque book or in
–All cheques should be sequentially
listing of direct transfer to G.L., Bank
prenumbered.
Statement and Subsidiary Ledger.
–Payments must be recorded promptly.
–New bank accounts should be opened only
in accordance with established procedures.
–Confirm that new accounts are opened
–Responsibility for holding of cheque book
only under established procedures.
and preparation of cheques should be given
–Observe which persons are involved with
to restricted persons.
Proper Safeguards handling and preparation of cheques of
–There should be safe custody of cheque
should exist over company.
book and cheques should not be pre-signed.
money held –Inquire about custody of cheqeu books
CASH:
and chek to see whether any cheques are
–Cash and Coins should be kept in a secure
pre-signed.
place (e.g. safe).
-Observe cash custody procedures.
–Access to cash should be restricted to
authorized employees.
10
Auditing – Study Notes Chapter 11 Tests of Controls
PETTY CASH
Maximum Limit for petty cash should be one month's petty cash
spending.
To avoid or reduce the risk
Petty cash should be kept in a locked cash box.
of petty cash being stolen.
There should be 'occasional checks' of petty cash by a senior
person.
All Petty cash expenses should be authorized in advance by a
To ensure that all spending properly authorized person.
out of petty cash is All withdrawals of petty cash should be recorded on a
properly authorized sequentially prenumbered Petty Cash Voucher. Supporting
documents should be attached with the voucher.
To ensure that only correct
amount of cash are When petty cash is 'topped up', the amount of withdrawal from
withdrawn from bank to bank should be equal to total of petty cash vouchers.
go into Petty Cash.
To ensure that all spending There should be a system for the regular recording of petty
out of petty cash is cash expenses in the petty cash book. Each entry should include
accounted for. the voucher number to ensure completeness.
11
Auditing – Study Notes Chapter 11 Tests of Controls
12
Auditing – Study Notes Chapter 11 Tests of Controls
Exam Tips
In exam if a concept review question is set from “Controls”, you may be required to:
1. State control objectives for whole system or for a specific department.
2. State control activities for a specific department (sometimes, you may also be
required to state reason of each control activity. If so, control objective is reason).
3. State tests of controls for a specific department (sometimes, you may also be required
to state reason of each test of control. If so, control objective is reason)
In exam if a case study is set from “Controls”, you may be given a typical system and you may
be required to:
1. Identify strengths or weakness/deficiencies in the system. (Weakness = Lack of
Control Activity with specific reference to case)
2. Explain the effect/implication of each weakness/deficiency (Effect of Weakness =
Objective of Absent Control Activity will not fulfilled).
3. Provide a recommendation to address/improve each weakness/deficiency (State
control activity with specific reference to case).
4. State tests of controls which you will perform on system. (state tests of controls with
specific reference to case).
Narrative Notes
Narrative notes consist of a written description of the system; they would detail what occurs in the
system at each stage and would include any controls which operate at each stage.
13
Auditing – Study Notes Chapter 11 Tests of Controls
– This method can make it more difficult to identify missing internal controls as the notes record
the detail but do not identify control weaknesses clearly.
Questionnaires
Internal control questionnaires (ICQ) or internal control evaluation questionnaires (ICEQ) contain a
list of questions; ICQs are used to assess whether controls exist whereas ICEQs test the
effectiveness of the controls.
Flowcharts
Flowcharts are a graphic illustration of showing how a system (e.g. sales system) is processed in
different steps. Lines usually demonstrate the sequence of events and standard symbols are used to
signify controls or documents.
14
Auditing – Study Notes Chapter 11 Tests of Controls
15
Auditing – Study Notes Chapter 12 Substantive Procedures
CHAPTER TWELVE
SUBSTANTIVE PROCEDURES
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
1
Auditing – Study Notes Chapter 12 Substantive Procedures
2
Auditing – Study Notes Chapter 12 Substantive Procedures
Study Tip
Main sources of evidence in audit of Tangible Non-current Assets are “Fixed Assets’
Schedule” and “Fixed Assets’ Register”.
3
Auditing – Study Notes Chapter 12 Substantive Procedures
Development Cost:
1. Ensure that criteria required by IAS - 38 to recognize development cost as intangible asset
has been met.
2. Discuss the feasibility of the project with management i.e.
a. Review projects and forecasts.
b. Production and marketing plans.
c. Obtain representation from management regarding intention to complete the
project.
3. For a sample of costs, inspect supporting documents e.g. development contracts, billing and
timesheets.
4. Test controls over documentation and safekeeping of scientists’ notes, discoveries and
conclusions.
Other Intangibles:
1. Inspect legal and purchase documents to ensure existence, valuation and right of entity over
intangible asset.
2. Check amortization calculation using client’s policy to ensure its accuracy (audit procedures
for amortization are same as of depreciation).
3. Review the possibility of impairment subsequent to acquisition. If so, ensure impairment
loss has been correctly calculated and recorded.
LO 3: INVENTORY:
1. Obtain “inventory lists” from client. Cast them to ensure mathematical accuracy and agree
balances with financial statements.
2. Select a sample of items from inventory lists and:
a. physically inspect them. (Existence).
b. During physical verification, also select assets from the floor and trace them into
inventory list (Completeness).
c. During physical verification, also check for conditions of inventory for indications of
impairment (Valuation).
3. Review reconciliation between physical balance and book balance at year end if total of
listing differs with book value. (Completeness)
Valuation:
Inventory is valued at lower of Cost and NRV.
1. Cost of Raw Material and Goods held for resale will be verified by auditor as follows:
Check figure of cost by comparing with prices as per purchase invoice.
Recalculate the cost using approach adopted by management (e.g. FIFO or Weighted
Average).
2. Cost of Work in Process and Manufactured Finished Good will be verified by auditor as
follows:
Obtain a breakup of cost of each item of Work in Process and Manufactured Finished
Good and agree the total to the general ledger.
Check that correct cost and quantity of Material has been used in valuation.
Check Labor cost to approved payroll records, time sheets, etc,
Check only production overheads are included in the valuation (selling/admin
overheads are excluded). Also check that overheads are based on normal levels of
output.
Review expert’s assessment of stage of completion.
4
Auditing – Study Notes Chapter 12 Substantive Procedures
Before Inventory count (i.e. During inventory count (i.e. After inventory count (i.e.
Planning) Observing and Recording) Follow up)
Review client’s instruction Observe the count to Ensure quantity of final
for inventory count to endure that instructions valuation match with
assess effectiveness of are being followed. inventory list.
count. Perform test count by Inspect aging of inventory
Determine if any inventory checking items from to identify slow moving and
is held by third parties to inventory sheet to obsolete stock and discuss
assess need to send warehouse and vice-versa. provisioning with
confirmation letter. Observe conditions of management.
Determine whether there is inventory for possible NRV Ensure that inventory is
need of an expert or adjustment. valued at lower of cost and
component auditor. Ensure that inventory NRV.
Decide which counts and belonging to third parties Ensure that Cutoff
locations will be observed but held by client is procedures have been
by audit team. segregated. appropriately applied while
Perform cutoff test on sales recording sales and
and purchases. purchases.
Obtain signed copies of
prenumbered count sheets
from client.
Study Tip
Main source of evidence in audit of Inventory is “Inventory Count” at year end.
5
Auditing – Study Notes Chapter 12 Substantive Procedures
LO 4: TRADE RECEIVABLES:
Existence, Completeness, and Rights and Obligation:
1. Obtain a listing of trade receivables from the sales ledger. Cast it and agree to the control
account and financial statements. Review reconciliation between control account and sales
ledger if difference exists.
2. Calculate debtors’ turnover ratio and compare with prior years. Investigate any significant
differences.
3. Review the list of trade receivables against prior years to identify any significant
variations/omissions.
4. Select a sample of debtors from sales ledger at year end (focusing on major customers,
customers with long outstanding balances, customers with credit balances) and perform a
trade receivables’ circularization. Perform alternative audit procedures in case of non-
response and additional audit procedures in case of exceptions identified.
5. Select a sample of debtors from sales ledger at year end and agree back to valid supporting
documentations of GDN and Sales orders.
6. Review whether effect of cut-off on sales have been appropriately accounted for in debtors.
7. Review the control account entries shortly before and after the year end for unusual items
and investigate them.
8. Review cash receipts after year end and trace to debtors at year end.
9. Review credit notes after year end to identify any sales transactions before year end which
should be reversed.
Study Tip
Main sources of evidence in audit of Receivables are “Debtors’ Confirmation Letter”
and “Aging of Debtors”.
6
Auditing – Study Notes Chapter 12 Substantive Procedures
LO 5: PREPAYMENTS:
1. Obtain a schedule of all prepayments. Cast list to ensure mathematical accuracy and agree
balances with financial statements.
2. Nature and amount of all prepayments should be compared with prior periods.
3. For sample of prepayments, recalculate their amounts with supporting documents and
payment from bank statement.
4. Agree prepayments to the adjustments after the end of the year.
LO 6: BANK:
1. Obtain a list of all bank accounts (including accounts closed during the year) along with
closing balances. Cast list to ensure mathematical accuracy and agree balances with
financial statements.
2. Obtain bank confirmation letter for all bank accounts (including accounts closed during the
year) and perform following procedures:
Agree balances as per bank confirmation letter with bank reconciliation statements
(to ensure accuracy) and with list of bank accounts (to ensure completeness).
Confirmation should be reviewed for evidence of loans, collateral or any
lien/restriction on balance.
3. Obtain Bank Reconciliation Statements (BRS) and perform following procedures:
Cast BRS to ensure mathematical accuracy and agree balances of BRS with bank
statement and cash book.
Trace deposits in transit into deposit slips and cash book of current month; and in
bank statement of subsequent month. For significant delays inquire explanation
from management.
trace unpresented cheques into cash book of current month; and in bank statement
of subsequent month. For significant delays inquire explanation from management.
for untraced items examine supporting documentation.
4. Perform cutoff test on cheque receipts and cheque payments.
5. Review cash book and bank statement for large transfers near year-end as indication of
window-dressing.
Study Tip
Main sources of evidence in audit of Bank are “Bank Reconciliation Statement” and
“Bank Confirmation Letter”.
LO 7: CASH:
1. Perform cash count at year end (including petty cash) and agree the total to the balance
includes in financial statements.
2. Review reconciliation for difference between book balance and physical balance.
3. Perform cutoff test on cash receipts and cash payments.
4. Ensure cash is under proper lock and key, and in safe custody.
7
Auditing – Study Notes Chapter 12 Substantive Procedures
LO 8: TRADE PAYABLES:
1. Obtain a listing of trade payables from the purchase ledger. Cast it and agree to the control
account and financial statements. Review reconciliation between control account and
purchase ledger if difference exists.
2. Calculate creditors’ turnover ratio and compare with prior years. Investigate any significant
differences.
3. Review the list of trade payables against prior years to identify any significant
variations/omissions.
4. Select a sample of creditors from purchase ledger at year end (focusing on major suppliers,
suppliers with long outstanding balances, and suppliers with credit balances) and perform
circularization i.e. sending confirmation letter. Perform alternative audit procedures in case
of non-response and additional audit procedures in case of exceptions identified.
5. Select a sample of creditors from purchase ledger at year end and agree back to valid
supporting documentations of GRN and Purchase Orders.
6. Review whether effect of cut-off on purchases have been appropriately accounted for in
creditors.
7. Review the control account entries shortly before and after the year end for unusual items
and investigate them.
8. Review cash payments after year end and trace to creditors at year end.
9. Review debit notes after year end to identify any purchases transactions before year end
which should be reversed.
LO 9: ACCRUALS:
1. A schedule of accruals should be obtained. Check for arithmetical accuracy and agree to the
general ledger and financial statements.
2. Individual accruals should be compared with prior periods.
3. Ensure that period end accruals of expenses includes necessary items (e.g. Salaries accrual,
Accruals for Utility bills, Withholding tax payable, Provision for Warranty etc.)
4. Agree accruals to the payments made after the end of the year e.g. tax on salaries paid to
FBR.
5. Check calculations of individual accruals to supporting documentation e.g. tax payable on
salaries should be based on payroll.
6. For Accrued Wages and Salaries:
a. Check whether accrual is based on last month’s payroll using correct records of
time, records of wage rates and salaries.
b. Confirm that additional costs (e.g. employer’s contributions) have been accounted
for.
c. Test reasonableness of accrual balance by performing analytical procedures e.g.
calculate ratio of accrued expenses to total salaries expenses and compare with last
year.
8
Auditing – Study Notes Chapter 12 Substantive Procedures
4. Ensure that period end provisions includes necessary items (e.g. Provision for bad debts,
Provision for slow moving stock, Provision for warranty, Provision for redundancy,
Provision for Legal cases, Provision for site restoration, etc.)
5. Review whether provisions have been adjusted in accordance with events occurring after
the balance sheet date.
6. Check calculations of individual provisions.
7. Relate the testing of provisions to other areas of the audit work e.g. correspondence with
lawyers.
LO 13: EQUITY:
Share Capital:
1. Check authorized and issued share capital complies with legal requirements.
2. For share capital issued during the year, auditor should check:
a. Cash received is properly recorded in accounts.
b. supporting documents and ensure that all legal requirements have been complied
with.
3. Agree amount of share capital in balance sheet with register of members.
9
Auditing – Study Notes Chapter 12 Substantive Procedures
Reserves:
1. Obtain a list of all reserves from client (with opening balance, additions, deletions and
closing balance).
2. Check accuracy of listing of client with supporting documents.
3. Ensure that legal requirements relating to reserves have been complied (e.g. regarding use
of share premium)
4. Check calculation of dividend and ensure that payment is consistent with issued share
capital.
5. Check authorization of payment of dividend and ensure that it has been paid in accordance
with legal requirements.
LO 15: REVENUE:
Completeness:
Select a sample of customer orders and agree these to the despatch notes and sales invoices and
sales/subsidiary ledger to ensure completeness of revenue.
Occurrence:
Select a sample of sales recorded in Sales Journal and vouch back to sales invoices, shipping
documents and customer orders.
Accuracy:
Select a sample of sales invoices and perform following procedures to ensure these are accurate:
(a) compare prices, discounts and terms and conditions with authorized price list and authorized
terms and conditions.
(b) recalculate sales tax on invoice.
Cut-off on Sales:
1. When attending the warehouse for the inventory count at year end, the auditors should
select the last goods despatched note made on that day. He should then select further goods
despatched notes for despatches both soon before and soon after the year end date.
2. The sample of goods despatched notes should be traced to the associated sales invoices to
ensure that sales invoices have been posted as sales in the correct accounting period.
10
Auditing – Study Notes Chapter 12 Substantive Procedures
LO 16: PURCHASES:
Completeness:
Select a sample of purchases orders and agree these to the goods receipt notes and purchase
invoices and purchase/subsidiary ledger to ensure completeness of purchases.
Occurrence:
Select a sample of purchases recorded in Purchase Journal and vouch back to purchase invoices,
receiving documents, and purchase orders.
Accuracy:
Select a sample of purchase invoices and perform following procedures to ensure these are
accurate:
(a) compare prices, discounts and terms and conditions with authorized terms and conditions.
(b) recalculate tax on invoice.
Cut-off on Purchases:
1. When attending the warehouse for the inventory count at year end, the auditors should
select the last goods received note made on that day. He should then select further goods
received notes for receipts both soon before and soon after the year end date.
2. The sample of goods received notes should be traced to the associated purchase invoices to
ensure that purchase invoices have been posted as purchases in the correct accounting
period.
LO 17: PAYROLL:
1. Obtain all payroll sheets processed during the year. Agree total of payroll sheets with
financial statements.
2. Cast a sample of payroll sheets to confirm completeness and accuracy of the payroll
expense.
3. For a sample of employees, recalculate the gross and net pay and agree to the payroll
records to verify accuracy.
4. Re-perform calculation of statutory deductions to confirm whether correct deductions for
this year have been included within the payroll expense.
5. Compare the total payroll expense to the prior year and investigate any significant
differences.
6. Perform analytical procedures on total salaries expense, incorporating joiners and leavers
and the pay increase. Compare this to the actual wages and salaries in the financial
statements and investigate any significant differences.
7. Agree the individual wages and salaries per the payroll to the personnel records and
records of hours worked per clocking in cards.
8. Select a sample of employees from payroll and check whether employees exist.
Study Tip
Main source of evidence in audit of Payroll is “Payroll Sheet”.
11
Auditing – Study Notes Chapter 12 Substantive Procedures
12
Auditing – Study Notes Chapter 13 External Confirmation
CHAPTER THIRTEEN
EXTERNAL CONFIRMATION
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
2
Auditing – Study Notes Chapter 1 Introduction to Assurance Services
External Confirmation:
External confirmation is a process of obtaining evidence by auditor directly
from a third party in written (on paper, electronic or other medium).
Situations where external confirmation procedures may provide relevant audit evidence:
Usually, confirmation procedure is used to confirm information from:
Debtors/Creditors
Banks
Lawyers
Inventories/Investments/Property title deeds held by third parties.
Timing of Confirmation:
Confirmations can be sent:
at year-end (to confirm year-end balance)
before year-end
If confirmations are sent prior to year end, following further procedures are performed at year end
to ensure that intervening transactions are not materially misstated:
A non-response:
In cases of non-response, auditor shall perform alternative audit procedures to obtain evidence e.g.
If refusal is reasonable:
Auditor shall perform alternative audit procedures (discussed above) to obtain evidence.
CHAPTER FOURTEEN
AUDIT SAMPLING
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
100% Selection:
100% examination of population is not done in Tests of Controls but may be done in Substantive
Procedures when:
o Population consists of small number of large values or
o There is a significant risk which cannot be reduced by other means or
o 100% examination becomes cost effective (e.g. when a repetitive calculation is performed
automatically by computer).
Audit Sampling:
Audit sampling:
Audit Sampling is the application of audit procedures to less than 100% of
items within a population in such a way that all sampling units have a chance
of selection, to draw conclusions about the entire population.
Sampling Risk:
Definition:
“Sampling risk is the risk that auditor’s conclusion based on sampling might be different from the
conclusion if entire population would have been tested.”
First type of risk is more important because it may lead to incorrect audit opinion.
Non-Sampling Risk:
Definition:
Non-sampling risk is the risk that auditor’s conclusion may be wrong for any reasons/errors other
than sampling risk.
Examples:
This risk arises due to errors by the auditors or incompetency of the audit team e.g.
Inappropriate selection of audit procedure
Inappropriate application of audit procedures
Inappropriate interpretation of results of audit procedures (i.e. failure to recognize a
misstatement/deviation)
LO 3: STEPS IN SAMPLING:
1) Sample Design
2) Sample Selection
3) Performing Audit Procedures on Sample & Projecting Misstatements
4) Evaluating results of Sampling
LO 4: SAMPLE DESIGN:
Designing of audit sample includes making following decisions:
i. Determine Purpose of sample and Population from which sample will be drawn.
ii. Determine what constitutes a Misstatement or Deviation.
iii. Determine Tolerable Rate of Deviation and Expected Rate of Deviation (For Tests of
Controls)
iv. Determine Tolerable Misstatement and Expected Misstatement (For Tests of Details)
v. Determine Sampling Approach (i.e. whether Statistical or Non-Statistical)
vi. Determine Method of Selection (i.e. whether Systematic, Random or Haphazard)
Tolerable Misstatement:
It is the amount of misstatement (in financial statements) set by auditor for which auditor obtains
assurance that actual amount of misstatements in population does not exceed from this set-amount.
(it is the application of performance materiality in sampling).
Understanding of business
Understanding of Internal Control/Results of Tests of Controls
Statistical Sampling:
An approach of sampling is called Statistical Sampling, if it has following
characteristics:
i. Use of Random selection to select items.
ii. Use of Probability theory to evaluate results.
e.g. Random Selection, Systematic Selection
Random Selection:
Use of a computerized random number generator or random number tables to
select items.
Systematic Selection:
In this method, a random starting point is chosen and then every nth item is
selected e.g. selecting every 50th item.
Haphazard Selection:
Auditor selects sample without a structured technique, however whole
population is considered by auditor in sample selection.
LO 5: SAMPLE SELECTION:
Following factors influence determination of sample size:
Factors Effect on Sample Size
(Increase in) for Tests of Details
Tolerable rate of deviation/misstatement Decrease
Expected Rate of Deviation/Misstatement Increase
Desired Level of Assurance Increase
Risk of Material Misstatement Increase
Stratification of Population Decrease
Other Substantive Procedures (e.g. analytical procedures) Decrease
Population Size Negligible
CHAPTER FIFTEEN
ANALYTICAL PROCEDURES
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Phase of the
Purpose of Use
audit
Start of the Analytical Procedures are used as Risk Assessment Procedures to identify areas
Audit with potential risk of material misstatement.
During the Analytical Procedures are used as Substantive Procedures to identify
Audit misstatements in classes of transactions/account balance.
Analytical Procedures are used in forming overall conclusion:
To corroborate conclusions formed during the audit of individual
At the end of components
the Audit To form overall conclusion whether financial statements as a whole are
consistent with auditor’s understanding of entity.
To identify previously unrecognized risk (if any).
If adequate explanation is given, sufficient appropriate audit evidence has been obtained.
If explanation is not given or explanation is not adequate, audit evidence has not been obtained.
Auditor shall perform other procedures as necessary e.g. Tests of Details.
CHAPTER SIXTEEN
RELATED PARTIES
ICAP'S STUDY TEXT
LO # LEARNING OBJCTIVE REFERENCE*
*Explanation of Reference:
First digit in Study Text’s Reference represents chapter number, second and third digits represents
section and sub-section number. Contents in brackets (if any) represent part of the sub-section
which is covered by the learning objective.
Responsibilities of Auditor:
1. To evaluate whether related party relationships/transactions have been appropriately
identified, accounted for and disclosed in accordance with IFRS.
2. To evaluate whether:
Fraud risk factors exist
Financial statements present true and fair view
reporting to regulators (e.g. SECP, FBR, SBP), Records of the entity’s investments,
Significant contracts re-negotiated by the entity during the period, Published reports by
company (e.g. financial statements of prior period, prospectuses).
Written Representation:
Auditor shall obtain written representations from management that:
1. All Related party relationships and transactions have been appropriately identified,
accounted for and disclosed in financial statements in accordance with the requirements of
AFRF.
2. Management has disclosed to auditor all related party relationships and transactions of
which they are aware.
Documentation:
The auditor shall include in the audit documentation:
Name of related parties
Nature of relationships with related parties
CHAPTER SEVENTEEN
RELIANCE ON OTHERS
LO # LEARNING OBJCTIVE REFERENCE
1
Auditing – Study Notes Chapter 17 Reliance on Others
Group Auditor:
Group auditor is the audit firm responsible for the audit of the group financial
statements. Group auditor will also be the auditor of the parent company.
LO 2: WHAT IS A COMPONENT:
Component:
A component is an entity or business activity, for which group or component
management prepares financial information, that should be included in the
group financial statements (e.g. in case of subsidiaries, branches or
combination of both).
Significant component:
Significant Component is a component identified by the group engagement
team, that is:
1. of individual financial significance to the group, or
2. likely to include significant risk of material misstatement in the group
financial statements (due to its specific nature or circumstances).
2
Auditing – Study Notes Chapter 17 Reliance on Others
If a component is subject to an audit by law or regulation or other reason, auditor shall evaluate
whether materiality level is appropriate. If materiality level was low, additional procedures will be
necessary.
If group engagement team has serious concerns/issues about component auditor from above
evaluation, it will not engage such component auditor. However, if concerns are less than serious,
group engagement team may engage component auditor but it will have to perform additional audit
procedures by getting involved more extensively in the work of component auditor.
For other components, extent of involvement will depend on understanding of component auditor.
3
Auditing – Study Notes Chapter 17 Reliance on Others
4
Auditing – Study Notes Chapter 17 Reliance on Others
Areas where work of internal audit function can be used by external auditor:
Testing of the operating effectiveness of controls;
Substantive procedures involving limited judgment;
Observations of inventory counts;
Tracing transactions through the information system relevant to financial reporting;
Testing of compliance with regulatory requirements;
audits or reviews of the financial information of subsidiaries that are not significant
components to the group.
5
Auditing – Study Notes Chapter 17 Reliance on Others
Exact nature, timing and extent of testing of specific work depend on:
Scope and assessment of of internal audit function’s work
Risk of material misstatement.
Significance of Judgments involved in work.
If auditor determines that the work of internal auditor is not adequate for auditor’s purposes,
auditor may:
− Perform additional audit procedures appropriate to the circumstances or
− Agree with internal auditor on further work to be performed by internal auditor.
6
Auditing – Study Notes Chapter 17 Reliance on Others
Direct Assistance:
Direct assistance is defined as the use of internal auditors to perform audit procedures under the
direction, supervision and review of the external auditor.
Prior to using internal auditors to provide direct assistance, the external auditor shall:
Obtain written agreement from an authorized representative of the entity that the internal
auditors will be allowed to follow the external auditor’s instructions, and that the entity will
not intervene in the work the internal auditor performs for the external auditor; and
Obtain written agreement from the internal auditors that they will keep confidential specific
matters as instructed by the external auditor and inform the external auditor of any threat
to their objectivity.
Agreement:
It may be useful for the external auditor to agree the following in advance with internal audit:
the timing of such work
the nature of the work performed
the extent of audit coverage
materiality and performance materiality
methods of item selection and sample sizes
documentation of work performed
review and reporting procedures.
Documentation:
The external auditor is required to document:
threats to the objectivity of the internal auditors, and the level of competence of the internal
auditors used to provide direct assistance;
The basis for the decision regarding the nature and extent of the work performed by the
internal auditors;
Who reviewed the work performed and the date and extent of that review;
The written agreements obtained from an authorized representative of the entity and the
internal auditors; and
The working papers prepared by the internal auditors who provided direct assistance on
the audit engagement.
7
Auditing – Study Notes Chapter 17 Reliance on Others
Auditor’s expert:
An individual or organization possessing expertise in a field (other than
accounting or auditing), whose work in that field is used by the auditor to
assist the auditor in obtaining sufficient appropriate audit evidence.
8
Auditing – Study Notes Chapter 17 Reliance on Others
9
Auditing – Study Notes Chapter 23 Final Matters
9
Auditing – Study Notes Chapter 23 Final Matters
Written representation
A written statement by management provided to the auditor to confirm
certain matters or to support other audit evidence.
9
Auditing – Study Notes Chapter 23 Final Matters
Auditor shall:
Re-evaluate the integrity of management.
Reconsider the impact on other representations and audit evidence.
Take appropriate actions, including considering effect on audit report.
9
Auditing – Study Notes Chapter 23 Final Matters
Passive Review of subsequent events (i.e. auditor does not search subsequent events
actively; rather he relies on information from management. This review is performed after
the date of auditor’s report but before financial statements are issued)
9
Auditing – Study Notes Chapter 23 Final Matters
Auditor’s Responsibilities:
When financial Auditor shall:
statements have – Review the steps taken by management to ensure that
been issued users do not rely on previously issued financial
statements.
–Carry out necessary audit procedures on the
amendment.
–Provide a new audit report (on amended financial
statements) that shall include an Emphasis of Matter
Paragraph or Other Matter Paragraph, referring to the
note in financial statements that explains reason
for the amendment in financial statements, or
earlier report provided by the auditor.
9
Auditing – Study Notes Chapter 23 Final Matters
Management Letter is normally issued at the conclusion of the audit engagement and contains
following elements:
Internal Control Weakness
Risk faced by entity because of weakness
Suggestions by auditor to remove control weaknesses
Management’s Response
LO 8: AUDIT CORRESPONDENCE:
9
Auditing – Study Notes Chapter 19 International Standards on Review Engagements
CHAPTER NINTEEN
INTERNATIONAL STANDARDS ON
REVIEW ENGAGEMENTS
LO # LEARNING OBJCTIVE REFERENCE
1
Auditing – Study Notes Chapter 19 International Standards on Review Engagements
Review:
Review is also a form of assurance engagement. Objective of a review is to obtain moderate
assurance whether anything has come to auditor’s attention that causes him to believe that interim
financial information is not prepared, in all material respects, in accordance with applicable
financial reporting framework.
Agreed-upon Procedures:
The objective is to carry out procedures of audit nature to which the auditor and the entity have
agreed and to report on factual findings.
Compilations:
The objective is to carry out procedures of accounting nature to collect, classify and summarize
financial information e.g. preparing a tax computation for client.
Attestation Engagement:
In this type of engagement, a practitioner is engaged to attest to something e.g. to attest that certain
procedures within the entity have been performed in prescribed way. Practitioner will not
comment on quality of procedures.)
2
Auditing – Study Notes Chapter 19 International Standards on Review Engagements
Practitioner shall:
1. Obtain understanding of entity and its industry.
2. Make inquiries of management about significant matters e.g. about identification of
subsequent events affecting financial information, about events or conditions affecting
ability of entity to continue as a Going concern.
3. Applying analytical procedures i.e.
a. Comparing financial information with Prior Period, Budgets competitors and
industry
b. Study of Relationships between elements in financial statements that should be
expected to confirm a predictable pattern.
4. Reading the minutes of the meetings of shareholders, and TCWG.
5. Other review procedures including:
a. evaluating uncorrected misstatements (as in audit).
3
Auditing – Study Notes Chapter 19 International Standards on Review Engagements
Introduction
We have reviewed the accompanying condensed interim statement of financial position of Pakistan Telecommunication
Company Limited as at June 30, 2014, and the related condensed interim statement of comprehensive income, condensed
interim statement of cash flows, condensed interim statement of changes in equity and notes to the financial information
for the six months period then ended (here-in-after referred to as the “interim financial information”). Management is
responsible for the preparation and presentation of this interim financial information in accordance with approved
accounting standards as applicable in Pakistan for interim financial reporting. Our responsibility is to express a conclusion
on this interim financial information based on our review.
Scope of Review
We conducted our review in accordance with International Standard on Review Engagements 2410, “Review of Interim
Financial Information Performed by the Independent Auditor of the Entity”. A review of interim financial information
consists of making inquiries, primarily of persons responsible for financial and accounting matters, and applying analytical
and other review procedures. A review is substantially less in scope than an audit conducted in accordance with
International Standards on Auditing and consequently does not enable us to obtain assurance that we would become
aware of all significant matters that might be identified in an audit. Accordingly, we do not express an audit opinion.
Conclusion
Based on our review, nothing has come to our attention that causes us to believe that the accompanying interim financial
information as of and for the six months period ended June 30, 2014, is not prepared, in all material respects in accordance
with approved accounting standards as applicable in Pakistan for interim financial reporting.
Auditor
Auditor
Date
Address
4
Auditing – Study Notes Chapter 20 IT Concepts and Controls
CHAPTER TWENTY
IT CONCEPTS AND CONTROLS
LO # LEARNING OBJCTIVE REFERENCE
PART A – IT CONTROLS
LO 1 IT CONTROLS 5.2.7, 5.2.11
1
Auditing – Study Notes Chapter 20 IT Concepts and Controls
PART A – IT CONTROLS
LO 1: IT CONTROLS:
Control Activities in an organization could be either Manual or IT/Automated/Programmed.
Manual Control:
A manual control is performed by people (e.g. Authorization, Review, Reconciliations).
IT/Automated/Programmed Control:
A programmed control is performed by computer software (e.g. validation checks).
IT Controls are further classified between two types i.e. IT General Controls (ITGC) and IT
Application controls.
LO 2: IT GENERAL CONTROLS:
IT General Controls (ITGC):
IT General Controls are those controls that operate at entity level and relate to all or many
applications. General Controls help effective functioning of application controls by ensuring
continued proper operation of IT system.
Category of
Objective of Control Example of Control
Control
a) Security meansures for protection of equipment against fire,
flood, power-failure, theft or other diasters.
Controls over Data
b) Disaster Recovery Plan/Contingency Plan e.g.
Center and To ensure continuity of
Offsite storage of backup data.
computer operations.
Standby arrangements with third parties to provide
Operations
“technical support” in the event of disaster.
Insurance coverage for IT infrastructure.
Prevention of To avoid unauthorized physical access:
unauthorized Controlled single entry point with visitors’ logs.
Access Controls
acess/amendment to Door locks with log-in function (e.g. passwords, access cards,
(over Programs
program and data files biometric).
and Data)
(by employees or by Identification badges
hackers) Alarm & CCTV System.
2
Auditing – Study Notes Chapter 20 IT Concepts and Controls
Audit Trail:
Audit Trail is the ability of users to trace a transaction through all of its processing stages. Audit
trail can be provided by system-logs.
System Log:
A log file is a file that records events taking place in the execution of a system. Logs provide
essential information that can assist in analyzing and improving system’s performance.
Examples of system logs include:
When employees entered and left the building
Which users logged-in, when and from where
Failed log-in attempts
Who accessed and amended data file.
Changes made to a program – what when and by whom
Attempted cyber intrusions.
3
Auditing – Study Notes Chapter 20 IT Concepts and Controls
LO 3: IT APPLICATION CONTROLS:
IT Application controls:
IT Application Controls typically operate at a business process level and apply to the processing of
transactions in individual applications (e.g. sales or purchases or expenses). Application controls
help to ensure that transactions are properly authorized, accurately processed and timely
distributed.
Category of
Objective of Control Example of Control
Control
1. Use of Log-in ID and password for operator.
2. Authorization of source documents (used for input).
3. Source Data Automation (e.g. Use of Bar Codes)
4. Data Validation Controls
4
Auditing – Study Notes Chapter 20 IT Concepts and Controls
Limit Test
Range Test.
On-Screen Prompts: On-screen prompts are used to ensure
that a transaction is not left partly processed. A prompt
displays on screen and guides users what to do next.
Marking a file as read only.
Checkpoint and recovery procedures
Restriction on printing of confidential reports
Distribution of report restricted to relevant/authorized
To ensure that personnel only.
computer output is A distribution-log should be kept (i.e. when a report was
Controls over
not distributed or prepared, list of its intended recipients and acknowledgement
Output
displayed to of recipients)
unauthorized users. Audit trail
Exception reports showing data that does not conform to
specified criteria.
Controls over To ensure that data Record-counts in master file
Master held on master files Regular update of master files.
File/Standing and standing files is Review of master file by management.
Data correct.
Data Encryption:
Encryption is the process of transforming information to make it unreadable to anyone except
those possessing special knowledge (called a key).
5
Auditing – Study Notes Chapter 20 IT Concepts and Controls
Advantages of CAAT:
1. Enables auditor to test program controls (i.e. “auditing through computers”) and not just
copies or printouts.
2. Enable auditors to test a large volume of data accurately and completely.
3. Reduce level of human errors in performing audit procedures.
4. Reduces efforts on routine work and gives opportunity to concentrate on judgmental areas.
Disadvantages of CAAT:
1. Expensive to set up (High investment needed for infrastructure and training of staff )
2. Require co-operation of the client.
6
Auditing – Study Notes Chapter 20 IT Concepts and Controls
3. Major changes in client systems often require major changes in CAATs, which is expensive.
4. Client’s system may not be compatible with audit softwares.
5. Checking client’s original files ‘lively’ may increase risk of files being corrupted.
Embedded Audit Facilities (or “integrated audit facility” or “resident audit software”:
It is auditor’s computer programs that is built into the client’s IT system to allow the audit to carry
out tests at the time transactions are processed in ‘real time’. In this approach, a dummy
department is built into client’s accounting system (usually during its original design) that operates
every time the ‘live’ process is run. Information about processing and controls of client’s system is
stored in a file called SCARF (System Control And Review File). Only auditor has access to such
dummy department and its data.
LO 8: AUDIT SOFTWARES:
Audit Softwares are computer programs used by the auditor to interrogate a client’s computer files.
The principle objective is substantive testing.
Interrogation programs
These are used to access the client’s files and records and to extract data for auditing. These could
be:
Package programs (generalised audit software) – i.e. pre-prepared programs.
Purpose-written programs – perform specific functions of the auditor’s choosing.
Interactive software:
These are used in interrogation of on-line IT systems.
Embedded Audit Facilities (or “integrated audit facility” or “resident audit software”:
(defined above)
7
Auditing – Study Notes Chapter 20 IT Concepts and Controls
PART C – FLOWCHARTS
LO 9: TYPES OF FLOWCHARTS:
Linear Flowchart.
A Linear Flowchart is a diagram that displays the sequence of activities that make up a
process.
This tool can help identify rework and redundant or unnecessary steps within a process
Opportunity Flowchart
An Opportunity Flowchart (a variation of the basic linear type) differentiates process
activities that add value from those that add cost only.
Value-added steps are essential for producing the required product or service. Cost-added-
only steps are not essential for producing the required product or service. They are added
to a process to avoid something wrong e.g. end-of-process review.
Deployment Flowchart.
A Deployment Flowchart shows the actual process flow and identifies the people or groups
involved at each step.
This type of chart shows where the people or groups fit into the process sequence, and how
they relate to one another throughout the process.
Micro/Ground Level:
This provides detailed presentation of specific portion of the process by documenting every
action and decision.
Mini/Midi Level:
This is a flowchart between Macro and Micro.
It focuses only on part of the Macro level flow chart.
8
Auditing – Study Notes Chapter 20 IT Concepts and Controls
Shape Tips
1. Every flowchart will have 2 Oval Shapes; one at starts and other at end..
2. At start only one arrow comes out.
Oval
3. At end, only one arrow comes in (however other arrows may merge with
last arrow).
1. It is always in ‘verb’ form (as it shows an activity).
2. Only one arrow should come in Box.
Rectangular Box
3. Only one arrow comes out from Box which leads to next activity or a
decision table (except when End).
1. Two arrows come out from Diamond one for yes and one for no. (Yes arrow
should go down; No arrow should go right).
Diamond
2. These arrows can lead to a Box or another Diamond.
3. You can use symbols like “>”, “=”, “<” in a diamond.
1. Usual direction is “Top to Down” or “Left to Right”. However, sometimes it
may also be from down to up.
2. Only one arrow enters/comes out of a shape (except diamond from which 2
Arrow / Flow-line arrows will come out).
3. Give arrow a head at each turn.
4. An arrow may join another arrow.
5. An arrow may cross over another arrow (if not to be joined).
9
Auditing – Study Notes Chapter 20 IT Concepts and Controls
Online System:
Benefits of Online-system:
Immediate entry of the transactions into the system.
Immediate updating of master file.
Immediate response to Inquiry system
Controls in Online-System:
Application Controls:
Access Controls (to prevent unauthorized access)
Programming Controls (to prevent unauthorized changes to programs)
Audit Trail and System-Logs
Firewall
General Controls:
Authorization before processing of transactions.
Data validation checks
Balancing/Checking of control totals before and after processing.
10