10.1     Assurance and non-assurance engagements

  • Definition and objectives
  • Elements of an assurance engagement
  • Types of assurance engagements
  • Levels of assurance and reports
  • Non-assurance engagements

10.2 Nature and purpose of an audit

  • Nature and objectives
  • Audit as an assurance engagement
  • Development of audit (early audit and modern audit)
  • Types of audit and limitations

10.3 Audit Legal and Professional framework

  • Regulatory framework within which external audits take place
  • Statutory regulations; auditors’ liability, appointment, removal, remuneration, resignation, rights and duties of auditors
  • International standards on auditing and other regulations
  • Professional ethics/code of ethics for professional accountants
  • Fundamental principles, threats and safeguards, other professional guidelines on audit fees, conflict of interest, advertising and opinion shopping

10.4 Planning and risk assessment

  • Obtaining clients acceptance and retention
  • Understanding the entity and its environment
  • Audit planning, audit programmes and documentation
  • Assessing audit risks
  • Errors, fraud and other irregularities

10.5 Overview of forensic accounting

  • Nature, purpose and scope of forensic accounting
  • Types of forensic investigations: Corruption, asset misappropriation, financial statement fraud, others
  • Fraud prevention and deterrence

10.6    Internal control systems

  • Internal controls theory and practice
  • The use and evaluation of internal control systems by auditors
  • Tests of controls on specific control environment
  • Communication on internal control system (management letter)
  • Information technology threats and control

10.7    Audit evidence

  • Financial statement assertions and audit evidence
  • Audit evidence procedures/techniques
  • Audit sampling and other means of testing
  • The audit of specific items (income/expenses/assets/liabilities)
  • Using the work of others (internal audit and experts)
  • Computer assisted audit techniques

10.8    Overall audit review

  • Subsequent events review
  • Going concern review
  • Contingencies and commitments
  • Management representations
  • Quality control and reviews
  • Audit investigations

10.9    Audit reports

  • Legal provisions on audit reports
  • Basic elements and key audit matters
  • Types of audit reports and different aspect of reporting
  • Features of audit reports

10.10 Auditing in the Public Sector

  • Introduction to auditing in the Public Sector; regulatory provisions
  • Establishment, mandate and functions of public sector auditors; Kenya National Audit Office (KENAO) and similar national audit bodies
  • Role of internal audit function in public entities
  • Relationship between external and internal auditors in the public sector
  • International Standards on Supreme Auditing Institutions

10.11     Emerging issues and trends





TOPIC                                                                                                                 PAGE


  1. Assurance and non-assurance engagements………………..5
  2.  Nature and purpose of an audit…………………………………12
  3.  Legal framework and regulation…………………………….….31
  4.  Planning and risk assessment……………………………………66
  5.  Overview of forensic accounting……………………………….113
  6.  Internal control systems…………………………………………..125
  7.  Audit evidence………………………………………………………….139
  8.  Overall audit review………………………………………………….193
  9.  Audit reports……………………………………………………………211
  10.  Auditing in the Public Sector……………………………………..224





Revised on: November 2019



TO GET THESE NOTES, CALL|TEXT|WHATSAPP +254728 – 776 – 317 or Email







The term assurance refers to the expression of a conclusion that is intended to increase the confidence that users can place in a given subject matter or information. For example, an auditor’s report is a conclusion that increases the confidence that users can place in a company’s financial statements.

Audit engagement refers to audit performed by an auditor. It is the very first stage of an audit procedure where the client is notified by the auditor that the work pertaining to audit has been accepted by him/her and also provides clarifications with regard to the scope and purpose of audit. To be more specific, audit engagement can be referred to the written letter that the auditor uses to notify the client that he/she would be engaging in auditing services. Thus, the audit engagement procedure is basically a negotiation based on professional terms that takes place between prospective customer and a public accounting entity. This procedure is used for finding new customers and offer accounting related services to different businesses.

The auditor uses the term ‘audit engagement’ when the entity has to undergo the auditing procedure. This could imply varied things and therefore it is necessary that the auditor clarifies what she/he exactly means by the term. Irrespective of the definition followed by the auditor, he/she makes it a point to follow certain specific guidelines and procedure for offering the services.








Definition of an Audit:

An audit is the independent examination of an expression of an opinion on the financial statements of an economic entity by appointed auditor in pursuance of that appointment and in compliance with any relevant statutory obligation

The objective of an audit is to enable the auditor express an opinion whether financial statements show a true and fair view of the company state of affairs in accordance with an identified financial reporting framework.

The purpose of an audit is not to provide additional information but rather it is intended to provide the users of the accounts with assurance that the information provided to then by directors is reliable. However, the users should not assume the auditor’s opinion is one to efficiency with which management has conducted the affairs of the entity.

Financial statement: According to the Companies Act, the company accounts refers to the balance sheet and the profit and loss account but due to development in business practice and shareholders information needs, these are inadequate as to the information regarding financial position and performance of the company. Since most balance sheets and profit and loss accounts are summarized statements amplified by notes to the statements, the business community and the accountancy profession require that a cash flow statement as well as a statement of changes in equity be prepared. The terms company accounts and financial statements have the same meaning.

Financial Reporting framework: According to International Auditing Standards (ISA 200, the framework of international standards of auditing), financial statements are usually prepared and presented annually and are directed at common informational needs of a wide range of users.

Many of the users rely on the financial statements as their major source of additional information to meet their specific information needs. Therefore financial statements need to be prepared in accordance with one or combination of:

  • International Financial Reporting Standards (IFRS)or IASs
  • National accounting standards
  • Any other authoritative and comprehensive financial reporting framework designed for use in financial reporting and is identified in the financial statements. In Kenya the financial reporting framework adopted is as prescribed by IFRS.







Auditor’s liability

Auditors are potentially liable for both criminal and civil offences. The former occur when individuals or organizations breach a government imposed law; in other words criminal law governs relationships between entities and the state. Civil law, in contrast, deals with disputes between individuals and/or organizations.

Civil liability

Companies Act Section 206 of the provides that officers of the company and for these purposes auditors are considered as officers may be liable for financial damages in respect of the civil offences of misfeasance and breach of trust. This section which is only relevant to winding up refers to a situation where officers have misused their position of authority for the purposes of – personal gain e.g. if the auditor uses information acquired in course of an engagement for his financial gain or for benefit of another party.

Criminal liability

Companies Act Section 46 of the states that an auditor shall be criminally liable if he ‘willfully makes a materially false statement in any report, certificate, financial statement with an intention to deceive or mislead etc. Willfully implies fraudulently and can be difficult to prove. Whereby, it is held that where an officer of a body corporate with intent to deceive members or creditors, publishes or concurs in publishing a written statement of account which to his knowledge is or may be misleading, false or deceptive in a material particular he shall on conviction be liable to imprisonment for a term not exceeding 7 years.

Auditors may uncover criminal offences committed by a client or an employee of the client. This puts them in a difficult position, but the auditor should act carefully and correctly and if-necessary„ take legal advice. The auditor must not commit a criminal offence himself. It is felt that he would have committed a criminal offence if:

  1. He advises his client to commit a criminal offence;
  2. Aids the client in devising or examining a crime;
  3. If he agrees with a client to conceal or destroy evidence or mislead the police with ‘false statements;
  4. If he knows that his client has committed an arrest able offence and tries to impede his arrest and prosecution. Impede does not include refusing to answer questions or refusing to produce documents without the client’s consent;
  5. If he knows that his client has committed an offence. and agreed to accept consideration to withhold information;
  6. If he knows that the client has committed treason and fails to report the offence to the proper authority.








In the current business environment, it not only makes good business sense to consider client due diligence, but certain client acceptance and continuance procedures are required by the auditing and assurance standards.

ISA 210 Agreeing the terms of the audit engagement establishes the preconditions for accepting an audit, which are:

  • An acceptable financial reporting framework has been used in the preparation of the financial statements
  • Those charged with governance agree that they acknowledge and understand their responsibilities.

If the preconditions for an audit are not present, the auditor must discuss the matter with those charged with governance. Unless required by law or regulation to do so, the auditor must not accept the engagement.

ISA 220 Quality control for an audit of financial statements deals with those aspects of engagement acceptance that are within the control of the auditor. The engagement partner must be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and audit engagements have been followed, and must determine that conclusions reached in this regard are appropriate.

Information such as the following assists the engagement partner in determining whether the conclusions reached regarding the acceptance and continuance of audit engagements is appropriate:

  • the integrity of the principal owners, key management and those charged with governance of the entity
  • whether the engagement team is competent to perform the audit engagement and has the necessary capabilities, including time and resources
  • whether the firm and the engagement team can comply with relevant ethical requirements
  • Significant matters that have arisen during the current or previous audit engagement and their implications for continuing the relationship.








Forensic accounting is the use of accounting skills to investigate fraud or embezzlement and to analyze financial information for use in legal proceedings

Forensic accounting in its present state can be broadly classified into two categories encompassing litigation support and investigative accounting.

  1. Litigation support – is the provision of assistance of an accounting nature in a matter involving existing or pending litigation. It is primarily focused on issues relating to the quantification of economic damages, which means a typical litigation support assignment would involve calculating the economic loss or damage resulting from a breach of contract. However, it also extends to other areas involving valuations, tracing assets, revenue recovery, accounting reconstruction and financial analysis. Litigation support also works closely with lawyers in matters involving, but not limited to, contract disputes, insolvency litigation, insurance claims, royalty audits, shareholders disputes and intellectual property claims
  2. Investigative accounting – in contrast, investigative accounting is concerned with investigations of a criminal nature. A typical investigative accounting assignment could be one involving employee fraud, securities fraud, insurance fraud, kickbacks and advance fee frauds. No doubt in many assignments, both litigation support and investigative accounting services are required.

Nature of forensic accounting

Forensic accounting is the specialty area of the accountancy profession which describes engagements that result from actual or anticipated disputes or litigation. „Forensic” means suitable for use in a court of law” and it is to that standard and potential outcome that forensic accountants generally have to work. It is often said „Accountants look at the numbers but Forensic accountants look behind the numbers. Forensic accountants are trained to look beyond the numbers and deal with the business realities of the situation. Analysis, interpretation, summarization and presentation of complex financial and business related issues are prominent features of the profession Bhasin 2007.







When carrying out the audit, the auditor first needs to carry out an evaluation of the internal control systems and evaluate its operating effectiveness and its efficiency. This will help the auditor to ascertain the degree of reliance he or she is going to place on the controls and hence the level of the level of tests the needs to be carried on the final balances. To ascertain the effectiveness of these controls, the auditor carries out tests of control. The tests of control will also help the auditor have a better understanding of the entity. Internal control is covered by the International Standard on Auditing (ISA) 315 on Understanding the entity and its environment and assessing the risk of material misstatement.

Internal audit is normally set up by the management to help in the risk assessment process and to ensure the company adheres to good corporate governance. This function can either be carried out in-house whereby the employees of the company employed as the internal auditors or it can be outsourced. Internal auditing is covered by the International Standard of Auditing (ISA) 610 on considering the work of internal auditing.

ISA 400 defines an accounting system as the series of tasks and procedures by which transaction are procedures as a means of maintaining proper financial records. The accounting system identifies, assembles, analyses, defines, records and summarizes transactions of an entity the mgt requires complete and accurate accounting and other records to assist in executing their responsibilities which are:

  • Safeguarding the company assets and preventing fraud and error
  • Selecting suitable accounting policies and applying them consistently
  • Ensuring that the company keeps proper accounting records as per the Companies Act.
  • Delivering to the government agency, court or stock exchange a copy of the company’s auditor financial statements within the specified period after year-end.
  • Stating whether applicable accounting standards have been followed subject to any material departure disclosed and explained in the financial statements.
  • Prepare the financial statements on a going concern basis unless it is appropriate to presume that the company will continue operations.
  • Setting up an internal control system to enable all the above responsibilities to be carried out as required.

ISA 400 defines internal control system as all the policies and procedures adopted by management to in achieving objectives as far as practicable. The objectives of an internal control system are: –

  • Orderly and efficient conduct of business.
  • Adherence to management policies.
  • Safeguarding of company assets







Financial Statement Assertions are the implicit or explicit claims and representations made by the management responsible for the preparation of financial statements regarding the appropriateness of the various elements of financial statements and disclosures.

Financial Statement Assertions are also known as Management Assertions and Audit Assertions.

In preparing financial statements, management is making implicit or explicit claims (i.e. assertions) regarding the recognition, measurement and presentation of assets, liabilities, equity, income, expenses and disclosures in accordance with the applicable financial reporting framework (e.g. IFRS).

For example, if a balance sheet of an entity shows buildings with carrying amount of sh.10 million, the auditor shall assume that the management has claimed that:

  • The buildings recognized in the balance sheet exist at the period end;
  • The entity owns or controls those buildings;
  • The buildings are valued accurately in accordance with the measurement basis;
  • All buildings owned and controlled by the entity are included within the carrying amount of sh.10 million.

Types & Examples

Assertions may be classified into the following types:






Subsequent events are transactions occurring after the balance sheet date, but before the financial statements are either issued or available to be issued.

Auditors must take steps to ensure that any such events are properly reflected in the financial statements.

To identify any such events, a subsequent events review is carried out.

There are two types of subsequent events:

  1. Adjusting event

 Event after the reporting period that provides further evidence of conditions that existed at the end of the reporting period, including events that indicates that the going concern assumption in relation to the whole or part of the enterprise is not

 2. Non-adjusting event

 Events after the reporting period that are indicative of a condition that arose after the end of the reporting period.

Example 1

You are the trainee accountant of Gabriella Enterprises Co and are preparing the financial statements for the year-ended 30 September 2012. The financial statements are expected to be approved in the Annual General Meeting, which is to be held on Monday 29 November 2010. Today’s date is 22 November 2010. You have been made aware of the following matters:

  1. On 14 October 2010, a material fraud was discovered by the bookkeeper. The payables ledger assistant had been diverting funds into a fictitious supplier bank account, set up by the employee, which had been occurring for the past six months. The employee was immediately dismissed, legal proceedings against the employee have been initiated and the employee’s final wages have been withheld as part-reimbursement back to the company.
  2. On 20 September 2010, a customer initiated legal proceedings against the company in relation to a breach of contract. On 29 September 2010, the company’s legal advisers informed the directors that it was unlikely the company would be found liable; therefore no provision has been made in the financial statements, but disclosure as a contingent liability has been made. On 29 October 2010, the court found the company liable on a technicality and is now required to pay damages amounting to a material sum.
  3. On 19 November 2010, a customer ceased trading due to financial difficulties owing $2,500. As the financial statements are needed for the board meeting on 22 November 2010, you have decided that because the amount is immaterial, no adjustment is.






Companies Act stipulates the statements that should be expressly stated in the auditor’s report. These are;

  1. Whether they have obtained all the information and explanations which to the best of their knowledge and belief were necessary for the purposes of their audit.
  2. Whether in their opinion, proper books of account have been kept by the company, so far as appears from their examination of those books, and proper returns adequate for the purposes of their audit have been received from branches not visited by them.
  3. either the company’s balance sheet and (unless it is framed as a consolidated profit and loss account) profit and loss account dealt with by the report are in agreement with the books of account and returns.
  • Whether, in their opinion and to the best of their information and according to the explanations given to them, the said accounts give the information required by this Act in the manner so required and give a true and fair view—in the case of the balance sheet, of the state of the company’s affairs as at the end of its financial year; and
  • in the case of the profit and loss account, of the profit or loss for its financial year; or, as the case may be, give a true and fair view thereof subject to the non-disclosure of any matters (to be indicated in the report) which by virtue of Part III of the Sixth Schedule are not required to be disclosed.
  1. In the case of a company which is a holding company and which submits group accounts whether, in their opinion, the group accounts have been properly prepared in accordance with the provisions of this Act so as to give a true and fair view of the state of affairs and profit or loss of the company and its subsidiaries dealt with thereby, so far as concerns members of the company, or, as the case may be, so as to give a true and fair view thereof subject to the non-disclosure of any matters (to be indicated in the report) which by virtue of Part III of the Sixth Schedule are not required to be disclosed.

When financial statements are finalised, they usually must contain an evaluation – an auditor’s report – from a licensed accountant or auditor. This report provides an overview of the evaluation of the validity and reliability of a company or organization’s financial statements.

The goal of an auditor’s report is to document reasonable assurance that a company’s financial statements are free from error.






Objectives of public-sector auditing

  1. The public-sector audit environment is that in which governments and other public-sector entities exercise responsibility for the use of resources derived from taxation and other sources in the delivery of services to citizens and other recipients. These entities are accountable for their management and performance, and for the use of resources, both to those that provide the resources and to those, who depend on the services delivered using those resources, for example citizens, Public-sector auditing helps to create suitable conditions and reinforce the expectation that public-sector entities and public servants will perform their functions effectively, efficiently, ethically and in accordance with the applicable laws and regulations.
  2. In general public-sector auditing can be described as a systematic process of objectively obtaining and evaluating evidence to determine whether information or actual conditions conform to established criteria. Public-sector auditing is essential in that it provides legislative and oversight bodies, those charged with governance and the general public with information and. independent and objective assessments concerning the stewardship and performance of government policies, programs or operations.
  3. Supreme Audit Institutions serve this aim as important pillars of their national democratic systems and governance mechanisms and play an important role in enhancing public-sector administration by emphasizing the principles of transparency, accountability, governance and performance.

Public-sector auditing contributes to good governance by:

  1. Providing the intended users with independent, objective and reliable information, conclusions or opinions based on sufficient and appropriate evidence relating to public entities;
  2. Enhancing accountability and transparency, encouraging continuous improvement and sustained confidence in the appropriate use of public funds and assets and the performance of public administration;
  3. Reinforcing the effectiveness of those bodies within the constitutional arrangement that exercise general monitoring and corrective functions over government, and those responsible for the management of publicly-funded activities;


TO GET THESE NOTES, CALL|TEXT|WHATSAPP +254728 – 776 – 317 or Email

(Visited 3,120 times, 1 visits today)
Share this:

Written by 

Leave a Reply

Your email address will not be published. Required fields are marked *