TUESDAY: 22 August 2023. Morning Paper. Time Allowed: 3 hours.

Answer ALL questions. Marks allocated to each question are shown at the end of the question. Do NOT write anything on this paper.



Dunken Doyles Com (DDC) is a telecommunications company based in Kenya that has established itself as a leader in the industry. Founded in 1995, DDC has undergone tremendous transformation from one hundred employees to the current over two thousand . As of December 2022, the company had a total customer base of over 40 million subscribers, which included both mobile and fixed-line customers. The company has consistently recorded significant revenue growth over the years. In the financial year 2021-2022, the company reported a total revenue of approximately Sh.192 billion, representing an increase of 10 % compared to the previous year.

The company has maintained a strong financial position, demonstrating consistent profitability. In the financial year 2021-2022, the company reported a net profit of approximately Sh. 54.7 billion, marking a 58% increase compared to the previous year. The company offers a diverse range of telecommunications services to its customers. Its mobile services encompass voice calls, SMS messaging, mobile internet, and mobile data. With the largest mobile network in Kenya, the company provides extensive coverage across the country, ensuring reliable and accessible connectivity for its users. In addition to mobile services, DDC also offers fixed-line services such as broadband internet, corporate connectivity solutions, and fiber optic infrastructure.

To sustain this exponential growth, the CEO, John Kolt has emphasised the importance of compliance with good corporate governance practices as well as legal and regulatory compliance. The company had previously established some governance and compliance practices, but there were concerns regarding their effectiveness and potential gaps in the existing framework. John Kolt contracted BGM auditors to conduct a governance and compliance audit and give recommendations for improvement. This assurance engagement was intended to further boost the confidence of shareholders in the company.

The objectives of the audit were to assess the effectiveness of governance and compliance practices, identify areas of non-compliance and recommend improvements. The scope of the audit encompassed all departments, processes, and systems within DDC that were relevant to governance and compliance. To ensure a structured and systematic approach, BGM formulated a detailed audit plan. The plan outlined the activities, timelines, and allocation of resources required for the audit. It also involved engaging with key stakeholders, including department heads, legal counsels, and compliance
officers, to gather insights and ensure their cooperation throughout the audit process. While briefing his team, Mark West, the lead auditor, emphasised the importance of documentation in the entire audit process.

To collect data, BMG commenced the audit by conducting interviews with key personnel across various departments. This is after meticulous audit sampling by the team. These interviews provided valuable insights into existing practices, potential challenges, and areas requiring improvement. To triangulate the findings, the audit team reviewed documentation, policies, and procedures to evaluate their alignment with relevant laws, regulations, and industry standards. Internal controls and risk management processes were assessed to determine their effectiveness in mitigating compliance risks.

The audit revealed that governance and compliance structures were strong at DDC but a few weaknesses were also identified within DDC’s governance and compliance framework. The audit revealed inconsistencies in policy implementation, inadequate training programmes, and insufficient monitoring mechanisms. Non-compliance with certain regulations was also identified. A number of legal risks were also identified and based on these findings, the audit team developed a set of recommendations aimed at improving governance and compliance practices.

DDC understood the importance of addressing the identified issues promptly. A comprehensive action plan was formulated to address the weaknesses and deficiencies highlighted in the audit. The plan included specific actions, assigned responsibilities, and defined timelines for implementation. The company also allocated additional resources to support the implementation of corrective measures.
To ensure the sustainability of the improvements made, DDC implemented periodic reviews to assess the effectiveness of the corrective actions. These reviews aimed to evaluate whether the recommended changes were successfully implemented and if they addressed the identified weaknesses. BMG auditors also advised DDC to ensure that monitoring of governance and compliance practices becomes an integral part of the company’s culture.


1. Explain FIVE risks that BMG auditors may have identified while conducting the governance and compliance audit at DDC. (10 marks)

2. While briefing his team, Mark West, the lead auditor, emphasised the importance of documentation in the audit process.

Assess FIVE factors to consider during audit documentation. (10 marks)

3. Discuss FIVE merits of the method used to collect data from key personnel across various departments at DDC. (10 marks)

4. Analyse FIVE elements of the governance and compliance audit engagement that was intended to further boost the confidence of shareholders at DDC. (10 marks)

(Total: 40 marks)



1. Rob Pili is conducting a computerised governance audit for a client.

Identify SEVEN challenges he is likely to encounter during this exercise. (7 marks)

2. Walter Tight is a highly regarded auditor due to his professional skepticism.

Describe FOUR attributes of professional skepticism. (8 marks)

(Total: 15 marks)



1. The purpose of the governance audit is to ensure that the organisation conforms to the highest standards of good governance.

Analyse FOUR parameters covered in this audit. (4 marks)

2. Discuss FIVE factors that a client could consider before awarding a governance and compliance contract to a prospective firm. (5 marks)

3. Assess SIX elements that could be addressed by a governance audit consultancy firm`s system of quality control. (6 marks)

(Total: 15 marks)



1. XYZ Governance Auditors has just submitted a report to Jiji Sellers after conducting a governance audit.

Identify SEVEN the users of this report. (7 marks)

2. Evaluate FOUR roles of the board in the implementation of governance audit recommendations. (8 marks)

(Total: 15 marks)



1. Explain FIVE elements of subsequent events in post-governance and compliance audit activities. (5 marks)

2. Juma has been appointed as a peer reviewer in a governance audit assignment.

Identify FIVE of his responsibilities. (5 marks)

3.Summarise FIVE factors considered by judges during governance awards such as Champions of Governance (COG) under the board composition and structure parameters. (5 marks)

(Total: 15 marks)

(Visited 50 times, 1 visits today)
Share this:

Written by