- Identify the potential users of audited financial statements. (7 marks)
- What are the specific needs of the potential users of audited financial statements you
have identified in (a) above? (7 marks)
- An auditor is required to state whether, in his opinion proper books of account have been kept and whether the financial statements give a true and fair view of the state of the financial affairs of the company being audited.
What are the consequences, to the auditor, for giving an unqualified opinion, when he knows that there are material inaccuracies in financial statements? (6 marks)
(Total: 20 marks)
A & B
The framework for the preparation and presentation of financial statements, identifies the following users of financial statements:
- Investors: The providers of risk capital and their advisors are concerned with the risk inherent in, and return provided by, their investment. They need information to
help them determine whether they should buy, hold or sell their shares.
Shareholders are also interested in information which enables them to assess the ability of the enterprise to pay dividends.
- Employees: Employees and their representative groups are interested in information about the stability and profitability of their employers. They are also interested in information which enables them to assess the ability of the enterprise to provide
remuneration, retirement benefits and employment opportunities.
- Lenders: Lenders are interested in information that enables them to determine whether their loans, and the interest attaching to them will be paid when due.
- Suppliers and other trade creditors: These are interested in information that enables them to determine whether amounts owing to them will be paid when due.
- Customers: They have an interest in information about the continuance of an enterprise, especially when they have a long term involvement with, or are
dependent on the enterprise.
- Governments and their agencies: These are interested in the allocation of resources and therefore, the activities of enterprises. They also require information in order to regulate the activities of the enterprises, taxation policies and as the basis for
national income and similar statistics.
- Public: Financial statements may assist the public by providing information about the trends and recent developments in the prosperity of the enterprise and the range
of its activities.
The consequences an auditor of giving an unqualified opinion when he knows that there are material inaccuracies in the financial statements is that he exposes himself
to claims of negligence. In addition, he risks:
- Having practising certificate withdrawn for professional misconduct ii) Ruining the reputation of the firm
Claims for damages against him by the company and other third parties iv) Risk of criminal charges for issuing a misleading report.
One of the responsibilities of the directors of a company is to establish strong internal controls to safeguard the assets of the firm.
- State the audit objectives of internal controls on fixed assets. (6 marks)
- Set out the audit procedures you would follow to verify directors‘ fees.(7 marks)
- What procedures would you apply to verify the extension of a building that has been
constructed by the client during the year? (7 marks)
(Total: 20 marks)
The audit objectives of internal controls on fixed asset would be to ensure that the internal control objectives over fixed assets have been achieved. These objectives include:
Fixed assets are correctly recorded, adequately secured and properly maintained.
Acquisitions and disposals of fixed assets are properly authorized.
- Acquisitions and disposals of fixed assets are for the most favourable price
- Fixed assets are properly recorded, appropriately depreciated and written down where necessary.
- Safeguard assets from misuse.
- Audit procedures to verify directors‘ fees.
- A schedule should be obtained from the client showing the make up of the directors‘ remuneration;
- The amounts paid in respect of each individual should be verified by reference to the company‘s accounting records and the service agreements or a board minute in respect of management remuneration or to the articles of association
or annual general meeting minute in respect of fees for services as directors.
- The auditor should confirm that all directors‘ emoluments have been disclosed in the financial statements as required by the companies Act and have been appropriately taxed.
- Verification of building extension
- Ensure that proper authorisation was granted to build the extension (evidence by minutes of the board meeting) either by the board or a designated official.
(Evidenced by his signature).
- Ensure that all the costs of the extension has been properly capitalized. This is of special importance where any of the directors or senior executives are enumerated by commission on profits, as the figure upon which commission is calculated will be inflated if revenue expenditure is incorrectly allocated to
- Physically inspect the building to verify the physical existence of the
- Examine documents of title to the building, to ensure that the building
together with the extension rightfully belongs to the client.
- Ensure that the cost of the extension has been properly determined (i.e. the extension is properly valued). To do this: –
- Ensure the Company‘s system for allocating costs to the extension is Such costs include cost of labour, construction materials etc.
Ensure the costs included relate to the project by taking a sample of costs included and tracing back to costings and source documentation
Many auditors now use laptops computers to perform various audit tasks. However, if audit firms use laptop computers they risk data being corrupted and appropriate controls must therefore be put in place to prevent the corruption of data.
- Explain six ways which auditors can use laptop computers in their audit work (other
than computer-assisted audit techniques). (6 marks)
- Explain the computer assisted audit techniques listed below:
- Embedded audit facilities. (2 marks) ii. Integrated test facilities. (2 marks)
- Briefly describe two types of software that might be used by auditors in their work other than Computer Assisted Audit techniques. (4 marks)
- Describe the controls that auditors should implement when using laptop computers on (6 marks)
(Total: 20 marks)
- A micro-computer (including laptop) may be used by the auditor in the following ways to assist his audit work: –
- Flowcharting clients systems
Specialist flowcharting packages can assist the auditor in the production of clear, well presented flowcharts. The use of such packages ensures that the flow charts are legible and can be easily updated when systems change, unlike manually produced flowcharts. 2. Preparation of audit programmes
Audit programmes can be typed into a word processor, which again will allow for easy updating in the following years. Some firms may also have standard audit tests kept on a database within the word processor when such tests are required, they are simply copied into the audit program.
- Analytical procedures
A standard template can be set up on a spreadsheet package. Onto this template, the auditor inputs key details such as balance sheet totals from the financial statement. The spreadsheet then calculates key accounting ratios to assist the auditor with the analytical procedures.
- Preparation of audit working papers Word processing packages can be used in documenting the audit evidence gathered.
- Preparing correspondences with the client such as faxes, management letters and engagement letter among others.
- In random sample selection statistical packages can assist in sample selection and in performing the required mathematical computations.
- Embedded audit facilities
This module is a CAAT in which code prepared by the auditor is embedded in the client’s software. The code may be designed, for example, to replicate a specific aspect of a control procedure, or to record details of certain transactions in a file accessible only to the auditor. Thus, it may be used as both a test of control or as a substantive procedure. (This CAAT is particularly applicable to continuous auditing.
- Integrated test facilities (ITF)
Is a facility forming part of the client’s software that enables the auditor’s test data to be integrated and processed with the client’s live input data. The facility ensures that the test data updates special dummy files, rather than actual operating files. The dummy files are examined to ensure that the test data has been processed in the manner expected. This procedure provides evidence of the effectiveness of design of programmed control procedures as well as aspects of the effectiveness of operation.
- Types of audit software
- A spreadsheet package
This provides the auditor with a large worksheet which he can be able to use to carryout mathematical functions regarding his audit work such as casting client ledgers and carrying out analytical procedures.
- Word Processing
This is a package that enables the auditor to carry out his word processing work such as editing, copying, typing and typesetting.
- The controls that must be exercised by the auditor include:
- Back up of files
Backup copies of all audit files kept on the computer should be made regularly at least once per day. These backup copies should be kept in a separate location from the microcomputer or laptop. If the microcomputer is lost or damaged, the copy files will be used to continue work on that client.
When an audit is finished, the client files are taken off the computer to make room for the next clients‘ files, at least two or three backup copies should be made to ensure that if one copy becomes corrupted or lost, then the files can be retrieved from the second copy of the files.
- Security of files
Audit information on clients can be very sensitive. Adequate procedures must therefore be in force to ensure that only authorized audit staff can gain access to the audit information. All audit computers should therefore be protected by passwords and disks with client data stored in safe locations e.g. in a fireproof safe.
Care must also be taken to ensure that computers holding client data are not stolen.
If a computer is left at a client‘s premises overnight, then it should either be locked in a safe or securely chained and padlocked to a table.
- Adequacy of information
There is a danger with computers that not all the data or reasoning used to reach a particular decision will be documented. This can arise due to lack of ability to use the system. Adequate documentation must therefore be kept including print outs of all major documents for future reference, together with the reasons for decisions made.
- Testing of programs
Before any program is used on audits, it should be tested to ensure that it is as far as possible error free.
- List and briefly explain the general forms of qualifications available to the auditor
in drafting his audit report, stating the circumstances in which each qualification is
appropriate. Give an example of each circumstance. (8 marks)
- List the principal matters, which the auditors considers in forming an opinion on the financial statements. (4 marks)
- Outline the basic elements of an unqualified audit report. (8 marks)
(Total: 20 marks)
- A qualified report is a modified audit report issued when there are circumstances such that an unqualified opinion cannot be issued.
An auditor may be unable to express an unqualified opinion when:
- There is a limitation on the scope of his work caused by:
- Imposed by entity e.g. when engagem ent terms specify that he won‘t carry out procedures
that he believes to be necessary
- Ø Circumstance e.g. appointment after stock taking
Inability to carry out audit procedures believed to be necessary e.g. because the accounting records are destroyed or corrupt.
There is a disagreement with management regarding the acceptability of the
accounting policies selected, methods of their application or adequacy of financial statements disclosure.
The qualifications can be summarized in the matrix:
|Nature of circumstance||Material but not pervasive||Material and pervasive|
|1. Limitation of scope
The auditor is unable to carry out
‗Except for‘ opinion
Disclaimer of opinion
|procedures because of a lack of evidence e.g. lack of accounting records that have||
The auditor is unable to form an
|been lost or destroyed, or a lack of||opinion and does not know whether|
|adequate information and explanations||the financial statements give a true and|
|from directors||fair view.|
The auditor disagrees with the accounting
‗Except for‘ opinion
|treatment or disclosure of a matter such as the non-provision for a doubtful debt.
The financial statements do not give a true and fair view.
Explanation of Matrix
„Except for‟ opinion (referred to as qualified opinion in ISA 700) should be expressedwhen the auditor concludes that an unqualified opinion cannot be expressed but that the effect of any disagreement with management or limitation on scope is not so material and pervasive as to require an adverse opinion or disclaimer of opinion.
A disclaimer of opinion should be expressed when the possible effect of a limitation onscope is so material and pervasive that the auditor has been unable to obtain sufficient
appropriate audit evidence and accordingly is unable to express an opinion on the financial statements.
An adverse opinionshould be expressed when the effect of a disagreement is so material and pervasive to the financial statements that the auditor concludes that a qualification of the report is not adequate to disclose the misleading or incomplete nature of the financial statements.
When forming an opinion, the auditors should consider whether:
- Proper returns adequate for their audit have been received from branches not visited by them (where applicable)
- The company‘s balance sheet and its profit and loss account are in agreement with the accounting records and returns.
Such information and explanations as auditors think necessary for the performance of their duties have been received from the company‘s officers. Ø
The directors‘ report is consistent with the financial statements.
- Ø The financial statement comply with the requirements of the company‘s Act
The financial statements have been prepared in accordance with the International Financial Reporting Standards (IFRS)
( Basic elements of the unqualified audit report.
Audit reports should be addressed to the members of the company (on whose behalf the audit is undertaken) in the absence of alternative statutory or contractual agreements (e.g. in the case of a non-statutory audit).
- Introductory paragraph
It identifies the financial statements audited by the use of page numbers, to distinguish such information from other documents that have not been subject to
audit e.g. chairman‘s report.
This paragraph also refers to the accounting convention under which the financial statements have been prepared.
- Statement of responsibility of directors and auditors (covered earlier)
- Basis of opinion (scope paragraph)
Audit carried out in accordance with the International Standards on Auditing and Company‘s Act requirements and other statutory requirements.
- Examining on a test basis evidence to support the financial statement amounts and disclosures.
- Assessing the accounting policies used in preparing the financial statements
- Assessing the significant estimates made by directors in preparation of financial
- Evaluating the overall financial statement presentation.
- It should describe an audit as including:
- A statement that the audit was planned and performed to obtain reasonable assurance that financial statements are free from material misstatements.
- It should clearly state the auditor‘s opinion as to whether the financial statements give a true and fair view in accordance with financial reporting framework and their compliance with statutory requirements.
- It should date the report as of audit completion date i.e. when the auditor receives all evidence required to support his opinion. It should be signed in the audit firm‘s name and should name the audit firm office.QUESTION FIVEThe auditor‘s operational standard states, ―The auditor should obtain relevant and reliable audit evidence sufficient to enable him to draw reasonable conclusions thereon‖.
- What factors would influence the judgment of the auditor with regard to sufficiency of audit evidence?(10 marks)
- What factors would influence the auditor to accept third party certificates as audit
evidence? (7 marks)
- State the important factors that must be considered when assessing the reliability of
audit evidence. (3 marks)
(Total: 20 marks)
- According to ISA 500 ―Audit evidence‖ the auditor‘s judgment as to what is sufficientappropriate audit evidence is influenced by factors such as:
- The auditor‘s assessment of the nature and level of inherent risk at both
the financial statement level and the account balance or class of transactions level.
- Nature of the accounting and internal control systems and the assessment of control risk. iii. Materiality of item being examined.
- Experience gained during previous audits
- Results of audit procedures including fraud or error, which may have been found.
- Source and reliability of information available.
NB: Sufficiency of audit evidence refers to the quantity of audit evidence. Audit evidence is considered to be sufficient if auditor can be able to reach a conclusion on an audit objective based on that information.
Appropriate audit evidence refers to the quality of audit evidence, which is assessed in terms of the relevance, and reliability of the evidence.
Relevant audit evidence provides the auditor with audit evidence and information regarding management‘s assertions of the financial statements. These assertion include:
- Existence: An asset or liability exists at a given date.
- Rights and obligations: An asset or liability pertains to the entity at a given date. iii. Occurrence: A transaction or event took place, which pertains to the entity during the period.
- Completeness: There are no unrecorded assets, liabilities, transactions or undisclosed items.
- Valuation: An asset or liability is recorded at an appropriate carrying value.
- Measurement: A transaction or event is recorded at the proper amount and revenue or expenses are allocated to the proper period.
- Presentation and disclosure: An item is disclosed, classified and described in accordance with the applicable financial reporting framework.
- Factors that would influence the auditors to accept third party certificates as audit evidence include:
- Whether the third party be reliably determined to be knowledgeable in the mater for which he is providing the certificate.
- The integrity of the source for the certificate – can the source be said to be honest or independent of the client.
- The relationship of the source with the client. For instance, a certificate from a related party may not be as reliable as certificate issued on arm‘s length transaction by an independent party.
- Previous experience with the third party. If the certificates given by the third party previously have proved unreliable, chances are that the certificate would be unreliable.
The reliability of audit evidence is influenced by: –
- Its source: internal or external, and
- By its nature: visual, documentary or oral. While the reliability of audit evidence is dependent on individual circumstances, the following generalizations will help in
assessing the reliability of audit evidence:
- Audit evidence from external sources (e.g. confirmation received from a third party) is more reliable than that generated internally.
- Audit evidence generated internally is more reliable when the related accounting and internal control systems are effective.
- Audit evidence obtained directly by the auditor is more reliable than that obtained from the entity.
- Audit evidence in the form of documents and written representations is more reliable than oral representations.
NB: Audit evidence is more persuasive when items of evidence from different sources or of different nature are consistent. Thus, the auditor may obtain a cumulative degree of confidence higher than would be obtained from items of audit evidence when considered individually.
Conversely, when audit evidence obtained from one source is inconsistent with that obtained from another, the auditor determines what additional procedures are necessary to resolve the inconsistency.
Control procedures consist of practices and procedures in addition to the control environment, established to achieve certain specific objectives. For each of the procedures listed below, explain the purpose of the control procedures and state the tests of control you would perform to confirm that the control objective was being achieved.
- The preparation of a reconciliation statement. (4 marks)
- The maintenance of a fixed assets register. (9 marks)
- The existence of passwords in a micro-computer accounting system. (7 marks)
(Total: 20 marks)
- The preparation of a bank reconciliation statement is carried out to reconcile the balances on the cash book to the company with the bank statement prepared by the
bank and sent periodically to the entity.
It is mainly carried out to ensure that all receipts and payments are promptly and accurately recorded.
Controls procedures over the bank reconciliation include: –
- Bank reconciliation should be prepared at least monthly.
- The person responsible for preparation should be independent of the receipts and payments function or, alternatively, an independent person should check the reconciliation.
- If the reconciliation is prepared by an independent person, he should obtain bank statements directly from the bank and hold them until the reconciliation is
- The preparation should preferably include a check of at least a sample of receipts and payments against items on the bank statements.
The tests of control I would carry out on the bank reconciliation includes: –
- Checking whether the reconciliations are indeed prepared as required.
- Examine evidence of independent review of bank reconciliations e.g. a signature of reviewer.
- Examine evidence of follow-up of outstanding items on bank reconciliation‘s.
Pay particular attention to old outstanding reconciling items that should be written back such as old, un-presented cheques.
- Verify that the reconciliations are accurately prepared by checking costs and that the current balances are picked as per the cashbook and bank statements.
Maintenance of a fixed assets register.
A fixed assets register is a list of all the fixed assets owned by a company. The company requires a fixed asset register in order to control and identify all the fixed assets, which it owns. The register should show: –
- The serial number allocated to the asset. (Ideally, each asset should have its own unique identity number). ii. Details of the type and specification of asset.
- Name of the supplier and date of purchase of the asset.
- Cost of the asset
- Rate of depreciation and total depreciation charged to date.
- Location Expenditure incurred by way of maintenance and repair charges on the asset.
viii. Current net book value of the asset.
Every year, the auditor should select some items from the fixed asset, register and physically check their existence and condition. This ensures that items shown in the balance sheet are still in existence and are in good condition and have not been scrapped without a record being made in the accounting records
The company should also require that individual assets are checked against the fixed asset register on a regular basis and that periodically the register is reconciled to the nominal ledger, as part of its internal control system.
(c) The existence of passwords in a micro- computer accounting system is aimed at achieving the following objectives:
n To restrict access to the computer program to authorised persons only;
To protect the data and programs against unauthorised amendment. Employees are granted
password rights that give them varying access rights. This ensures that amendments to data can only be made by those with the relevant access rights.
To confirm that these objectives are met the auditor should verify whether appropriate password controls are in place. He should also verify whether employees are given password rights that are appropriate for their duties and that there is appropriate segregation of duties in the rights awarded. The auditor should also inquire there have been any cases of data corruption or unauthorised amendements.
- Give a definition of an ―internal control system‖. (4 marks)
- Describe the internal control procedures you would recommend to the owner of a medium size wholesale business to facilitate prevention and detection of errors and
frauds. (16 marks)
(Total: 20 marks)
- According to ISA 400, ―Risk assessments and internal control‖, the internal controlsystem means all the policies and procedures adopted by the management of an entity, to assist in achieving managements‘ objective of ensuring, as far as practicable, the orderly and efficient conduct of its business, including adherence to management policies, the safeguarding of assets, the prevention and detection of error and fraud, the accuracy and completeness of accounting records and the timely preparation of reliable financial information.
NB: The internal control system extends beyond those matters, which relate directly to the functions of the accounting system and comprises:
- ―The control environment‖ which means the overall attitude, awareness and actions of directors and management regarding the internal control system and its importance to the entity.
- Control procedure: procedures established to achieve the entity‘s specific objectives such as the ones mentioned in (a) above.
- this question requires you to discuss the controls that the owner of a medium size wholesale business should put in place to facilitate the
detection and prevention of errors and frauds.
The controls should include the following:
- Organisational Plans/Chart
The business should have proper organisation plans. An organisation plan shows clearly the various departments within the business, their functions and the persons charged with ensuring that such functions are fulfilled. Fir example there should be a unit to carry out the purchase of stock and another to sell the stock and make the collections from customers.
The functions of every department are specified and the duties of every individual in the department are specified. Delegation of authority and limits of authority should be well and clearly defined. Such a plan boosts accountability within the organisation and reduce the incidence of fraud and error..
- Segregation of Duties
This refers to the separation of the various duties and responsibilities such that one person cannot process and record complete transactions from beginning to the end without being checked by another person. For example in the purchase of stock the duties of raising the purchase order, authorising the order, placing the order with the supplier, receiving the stock and recording the transaction in the ledger should be performed by independent persons. This will deter fraud and detect since the work of every person in checked by another person.
- Physical Controls
These are security measures concerned with the custody of assets by limiting access to authorised people only.
For example cash received at the business should be kept in saves awaiting banking. Within the business premises there should be CCTVc cameras. These measures will reduce the risk of misappropriation of assets.
- Authorisation and Approval
Transactions that commit organisation‘s resources should be subject to authorisation and approval by a responsible official. The limits for authorisation should also be specified in the organization plan. For example before paying suppliers a senior manager within the business should authorise the payments. This will deter fraud by checking that all payments being made are genuine.
- Arithmetical and Accounting Control.
These are controls within the accounting function, which check that transactions are authorised, correctly and accurately recorded. This is aimed at ensuring completeness and accuracy of the accounting records. For example before paying suppliers a reconciliation should be prepared between the suppliers statement and the ledger balance. This will assist in detecting any transactions that have not been recorded in the ledger or where the supplier is claiming payment for fraudulent supplies. A bank reconciliation statement should also be prepared as a check against any errors or fraudulent transactions going through the cash book.
The proper functioning of any system is dependent on the competence and integrity of those operating it. The business must therefore recruit competent staff that have integrity. Staff should be assigned responsibilities that match their capabilities. Staff should undergo proper training to ensure that the operations are carried out in the best way possible.
Day to day transactions and their recording should be subjected to supervision by competent responsible officials. This will increase the level of accountability and consequently reduce the possibility of fraud and errors.
- Management Controls
These controls are exercised by management outside the day to day routine of the system. They include:
- Review of management accounts.
- Comparison of actual performance with budgets.
Such reviews by the management of the business will assist in highlighting if there are any significant errors and frauds that manifest themselves in the financial records.
- Rotation of Duties
Duties should be rotated between personnel at the same level. Staff should be encouraged to take annual leave; this will provide an opportunity for their work to be checked by an independent person.
- Routine and Automatic Checks.
These are checks conducted on routine duties and operations to ensure that they are operating efficiently. Such checks are conducted on a surprise basis to minimise errors and frauds. These include controls such as surprise cash counts and physical inspection of stock at the shops. Such checks will deter staff from perpetrating any frauds
Inspection and monitoring of quality control by a firm of auditors involves both in-house and external procedures. The internal procedures include the post-audit review, sometimes known as a ―cold review‖. The external procedures are sometimes known as ―external practice inspections‖ or ―peer reviews‖.
- Write explanatory notes on the ―cold-review‖.(10 marks)
- Explain the advantages and disadvantages of the ―peer review‖. (10 marks)
(Total: 20 marks)
- Cold review is the review done by an audit review department. This team has the job of reviewing in detail the work performed by an audit group and ensuring that the audit has been conducted in accordance with the firm‘s standard.
It is done as a quality control procedure to ensure that every audit team has adhered to the firm‘s standards as a way of minimizing exposure to negligence claims regarding the work done by the audit firm.
- Peer review may be described as an independent review of a firm‘s accounting and auditing practices. It is intended that the review be done by practitioners upon fellow practitioners hence the team peer review.
The work of the review is limited to: –
- Professional aspects of the practice
- Overall total quality control policies.
- Professional aspects of the firm‘s accounting and auditing practices like maintenance of working papers work products such as financial statements.
Reasons for introducing peer review
- There is a desire on the part of professional bodies worldwide today to ensure that their members apply and observe professional standards.
- ICPAK deems it appropriate to ensure adherence to existing technical standards through this mechanism of monitoring compliance.
- It is better for professional bodies to be self regulating than to be government regulated.
Benefits/Advantages of peer review
- To promote compliance with professional standards and other technical
- To provide reasonable assurance to users of financial statements that professional standards have been complied with in the performance of audit and related services.
- To gain increased user confidence in the reliability of audited financial statements.
- To promote uniform application of generally accepted methods of professional practice.
- To establish a mechanism of continuous quality improvement in professional practice and self regulatory framework for policies and procedures.
- To enhance the status of the image of CPA‘s to the public through the assurance of compliance and quality in the performance of audit and related services.
- To help ensure that auditors are competent and to identify potential problems in these regards at an early stage for necessary collective action to be taken.
- To help identify weaknesses in the audit process and provide technical assistance for professional development.