AA - Audit & Assurance Flashcards
What is sampling risk?
is the risk that the auditor’s conclusion based on a sample may be different from the conclusion that would be reached if the entire population were subjected to the same audit procedure
What two types of risk make up detection risk?
Sampling risk and non-sampling risk.
What two risks contribute to the risk of material misstatement in the financial statements?
Inherent risk and control risk
contribute to the risk of…
What are the three components of audit risk?
Inherent risk
control risk
detection risk
When the audit firm changes, the proposed new auditor should contact the retiring auditor. If the client refuses permission for communication to take place, what should the proposed new auditor do?
Decline the appointment
What are the suggested limits for the percentage of total fees coming from any one client?
15% for ordinary; 10% for special interest.
What is a familiarity threat?
Due to a close relationship, members of the assurance firm become too sympathetic to the interests of members of the client firm, so that objectivity and scepticism are lost
ACCA suggest that lead audit partners should be rotated no less frequently than how many years?
ACCA suggest that the lead partner should be changed at least every 5 years.
What six threats can relate to objectivity, integrity and independence?
(IF SSAM)
Intimidation
Familiarity
Self-interest
Self-review
Advocacy
Management
In relation to corporate governance, what is meant by the ‘agency problem’?
There can be a problem if directors to not run the company in the best interests of the shareholders (e.g. excessive remuneration is arranged for the directors) (Shareholders own the company and are its principles. Directors run the company and are the agents of the shareholders)
Define corporate governance
The system by which companies are directed and controlled
Define an audit
An audit is the independent examination of, and expression of opinion on, the financial statements of an entity.
(LEARR) - Leadership
The UK Corporate Governance Code states that there should be a clear division … between the running of the board and the executive responsibility for the running of the company’s business. To comply with this, what roles should be split?
The roles of Chief Executive Officer and Chairman should be split.
What sub-committee of the board of directors is responsible for finding new directors?
The nomination committee
What sub-committee of the board of directors is responsible for determining directors’ pay?
The remuneration committee
(LEARR) - Effectiveness
How many non-executive directors should be on a board of directors to comply with the UK Corporate Governance Code?
NEDS 50% >= board;
2 or more in small companies
What is a NED?
A NED is a non-executive director
In relation to corporate governance, what does comply or explain mean?
Listed companies are expected to comply with the corporate governance code or, if they don’t, explain why not.
What are the five main principles of the UK Corporate Governance Code?
(LEARR)
Leadership
Effectiveness
Accountability
Remuneration
Relations with shareholders
What is a statement of circumstances?
A statement that auditors are required to make upon resignation or removal as auditors. It will state whether there are any untoward reasons for their removal or resignation – such as non-cooperation by the directors.
Who sets the International Standards on Auditing?
The International Standards on Auditing are set by International Auditing and Assurance Standards Board (IAASB) – part of the International Federation of Accountants (IFAC)
What are RQBs and RSBs?
To be an auditor, the person must: Pass an approved set of professional examinations, set by a Recognised Qualifying Body (RQB) eg the ACCA Become a member (and stay a member!) of a Recognised Supervisory Body (RSB) eg the ACCA
What are the five elements of an assurance engagement?
(3WESS)
3 party relationship
Written assurance report
Evidence (sufficient, appropriate evidence to support the conclusion)
Subject matter
Suitable criteria
What are the five fundamental principles of the ACCA’s ethical code?
(ICOPP)
Integrity
Confidentiality
Objectivity
Professional competence and due care
Professional behaviour
What are the two categories of substantive test?
- Analytical procedures 2. tests of detail
These are the 2 categories of…
Why is it important that audits are properly documented? (Four reasons)
To show that the audit work has been done properly
To enable senior staff to review the work of junior staff
To help the audit team in future years
To encourage a methodical, high-quality approach.
What range of percentages are often taken as guidance for materiality?
Value %
Revenue & Gross profit ½-1
Total assests 1-2
Profit (before & after tax) 5-10
Analytical procedures are used at three stages of an audit. What are these?
Planning/risk assessment stage; substantive testing stage (sourcing of audit evidence); final review stage.
What is meant by ‘audit risk’
The risk that an inappropriate audit opinion is given when the financial statements are materially misstated
An auditor gives weekly advice to a client on a wide range of matters (financial and non-financial). What sort of threat can this give rise to?
A management threat.
(Management threat = the auditor performs managerial functions for the client)
What sort of ethical threat arises from the auditor being a close friend of the financial director of the company being audited?
A familiarity threat
What sort of ethical threat arises from the auditor owning shares in the company audited?
A self-interest threat because the auditor wants the share price to rise.
What sort of ethical threat arises from the auditor auditing financial statements that the auditor also prepared?
A self-review threat.
What sort of ethical threat can arise from overdue fees?
A self-interest threat because the auditor is anxious to be paid.
What are the three elements of the ACCA’s ethical framework?
Fundamental ethical principles
Threats to the principals
Safeguards against threats to the principals
In a listed company, to whom should internal audit report?
The audit committee.
Is the following true or false? Under the UK government code listed companies are required to have an internal audit department
False. Internal audit is not mandatory. Though it is encouraged and the need for it must be constantly reviewed
What is an emphasis of matter paragraph?
The paragraph that can be inserted in an audit report to draw users’ attention to a note in the financial statements
Describe what is meant by ‘fair’ in ‘true and fair’
The information is free from discrimination and bias and is in compliance with expected standards and rules.
It reflects the commercial substance of the transactions.
Describe what is meant by ‘true’ in ‘true and fair’
The information is factual and conforms with reality.
What are the words missing from the following extract from the audit report? Auditor’s Responsibility ….we … plan and perform the audit to obtain XXXXXXXXXXXX whether the financial statements are free from XXXXXXXXX.
Auditor’s Responsibility … we … plan and perform the audit to obtain reasonable assurance whether the financial statements are free from material misstatement.
In what circumstances would auditors refer to the directors’ report in their audit report?
If it contained anything that was at odds or contradictory with the financial statements.
Of what do financial statements consist?
* Statement of financial position
* Income statement
* Statement of changes in equity
* Cash flow statement
* Notes
* Any other material identified as being part of the financial statements
In what two circumstances might management representations provide the only source of audit evidence?
- Where knowledge is confined to management 2. Reliance on the judgement of the directors
What sort of audit report should be issued if going concern doubts are fully disclosed in the financial statements.
Unmodified (the financial statements are as right as they can be).
However, the audit report should contain a ‘Material Uncertainty Relating to Going Concern’ section drawing users’ attention to the note relating to going concern.
For how long after the date of the statement of financial position should going concern be assessed?
12 months
Define a non-adjusting event.
An event after the reporting period that is indicative of a condition that arose after the end of the reporting period
Define an adjusting event
An event after the reporting period that provides evidence of conditions that existed at the end of the reporting period
(e.g. an event that indicates that the going concern assumption is not appropriate.)
What is the correct treatment of a contingent asset where the inflow of economic benefits is not probable?
No disclosure; no provision.
What is the correct accounting treatment of a contingent liability where the outflow of resources is probably not required?
Disclose but do not make a provision.
Define a contingent liability
a possible liability
(arising from past events…. existence confirmed by future events)
Is cut-off correct if an item is included in closing inventory, a sales despatch note has not been issued and no sales invoice has been issued.
This is correct and is the normal position for closing inventory.
Is cut-off correct if an item is not included in closing inventory, no goods received note has yet been issued, but a supplier invoice has been received and processed?
Cut-off is incorrect. If the item is not in inventory because it has not been received, it should not be in purchases and payables
Is cut-off correct if an item is included in closing inventory, if a goods received note has been issued, but no supplier invoice has been received or accrued for?
Cut-off is incorrect. If an item is included in closing inventory it needs to be accounted for in purchases. Therefore debit purchases and credit either payables or purchases reserve.
What are the two types of receivables circularisation?
Positive: where everyone should reply whether or not the balance is in agreement. Negative: where only those disagreeing with the balance should reply.
What are the audit assertions relating to presentation and disclosure?
The audit assertions relating to presentation and disclosure are: * Occurrence * Rights and obligations * Completeness * Classification and understandability * Accuracy * Valuation
What are the audit assertions relating to year end balances?
The audit assertions relating to year end balances are: * Existence * Rights and obligations * Completeness * Valuation * Allocation
What audit assertions relate to transactions?
The audit assertions relating to transactions are: * Occurrence * Completeness * Accuracy * Cut off * Classification
ISA 315 categorises audit assertions into three groupings. What are those groupings?
ISA 315, Audit evidence divides assertions into * Transactions and events * Account balances * Presentation and disclosure
To whom should the auditor report (a) significant control deficiencies and (b) other weaknesses?
(a) Significant deficiencies should be communicated to those charged with governance. Defined as: when a control is designed, implemented, or operated… is unable to prevent or detect misstatements on a timely basis, or such a control is missing (b) Other weaknesses should be communicated to management
What are the general methods for testing controls?
Enquiries, including management views, as to whether controls are operating Inspection eg of signatures on documents Observation eg watching goods received being counted Re-calculation and re-performance eg reperforming a bank reconciliation to ensure that it was properly carried out.
In an accounting system, all credit notes issues are authorised by the chief accountant. Is this an example of a control objective, a control procedure or a control test?
This is an example of a control procedure. The control objective is that credit notes are issued only for legitimate reasons; the test of control would be inspecting the credit notes for the manager’s signature.
In an ICQ does the answer ‘Yes’ imply that a control is present or absent?
In an ICQ the answer ‘Yes’ implies that a control is present. For example “Is all overtime authorised by a manager?” Answer = ‘Yes’ means overtime payments are controlled.
In an ICEQ does the answer ‘No’ imply that a control is present or absent?
In an ICEQ the answer ‘No’ implies that a control is present. For example “Can unauthorised overtime be paid?” Answer = ‘No’ means overtime payments are controlled.
What are the three methods that can be used to record and document accounting systems?
* Narrative notes, * Flowcharts, * Questionnaires (ICQs and ICEQs).
Auditors routinely report internal control matters to management in a management letter. What are the normal three headings (or columns) in such letters?
The nature of the weakness, the possible consequence of the weakness, how to fix the weakness.
What are the five inherent limitations to internal control?
* Human error * Collusion * Bypass of controls * Costs of control > benefits * Non-routine transactions for which no system has been developed.
In a computer system, what is meant by the term ‘standing data’?
Standing data (also known as reference data) does not change often. For example, wage rates or customer addresses. However, this data is often accessed and used, so an error in standing data can cause many other errors.
What are the two general classes of control found in computer systems?
General controls – development, prevention of unauthorised changes etc., backup. Can be classified as development and administrative controls. Application controls – initiation, recording, processing and recording transactions.
What are the five components of internal control?
* The control environment * Risk assessment process * Control activities * Information system * Monitoring controls
Under what conditions would substantive tests be carried out instead of tests of control?
- controls did not exist or were not operating effectively
- there were relatively few transactions so that substantive tests were more efficient
What aspects of a third party expert’s audit work should an auditor examine?
The auditor must examine the expert’s work with respect to: consistency with other evidence, assumptions made, use and accuracy of source data.
What qualities should the auditor look for in third parties who are carrying out some audit work?
The third parties should be: qualified, experienced, independent and professional
What matters should the auditor agree with third parties who are carrying out some audit work?
The auditor should agree the following in writing: * Nature, scope and objectives of work * Respective responsibilities * Nature, scope and timing of communications * That the expert observes confidentiality
What aspects of a client’s undertaking is computer test data used to test?
The operation of the client’s computer programs.
What aspects of a client’s undertaking do computer audit programs examine?
Computer audit programmes examine client data.
What affects non-sampling risk?
This risk is affected by the experience and ability of the auditor, supervision and planning.
(Non-sampling risk does not depend on sample size)
List six types of sampling:
* Random selection, * Systematic selection, * Haphazard selection, * Sequence/block selection, * Monetary unit sampling, * Stratified sampling.
What are the sources or procedures for obtaining of audit evidence?
Analytical procedures, enquiry, confirmation, inspection, observation, recalculation and reperformance
ISA500 states that auditors must obtain xxxxxxxxxxxxx xxxxxxxxxxxxx audit evidence to be able to draw reasonable conclusions on which to base an audit opinion. What words are represented by xxxxxxxxxxxxx xxxxxxxxxxxxx ?
Sufficient appropriate
What are the audit assertions as represented by ‘ACCA COVER’?
Accuracy Completeness Cut off Allocation Classification and understandability Occurrence Valuation Existence Rights & obligations (ownership)
What are the two types of audit file?
Current audit file (detail’s this year’s work) and permanent audit file (holds more permanent information such as organisation charts, letters of engagement etc).
What are auditors’ duties with respect to fraud?
Managers, not auditors, are responsible for the prevention or detection of fraud. However, auditors should be aware of material misstatement due to fraud. Once discovered, fraud should be reported to appropriate management.
What is performance materiality?
Materiality relates to financial statements as a whole. Additionally, a lesser amount is set when designing audit procedures to reduce the risk that misstatements in aggregate exceed FS materiality. This is performance materiality.
Define ‘materiality’
A matter is material if it omission or misstatement would reasonably influence the economic decisions users.
What are the six objectives of audit planning?
(A CHIEF)
Attention to important areas
Coordinate with other parties
Help with the proper staffing and work assignment
Ensur work is completed expeditiously
Identify potential problems
Facilitate review
A common element of analytical procedures is ratio analysis. Name three sources of comparison for any ratios calculated.
Previous years’ ratios
Budget ratios
Industry standard ratios
What is a three party relationship?
The relationship involving;
(RIP)
responsible party (e.g. directors)
intended users (stakeholders)
practitioner
Define ‘Substantive’
Having a firm basis in reality and so important, meaningful, or considerable (e.g. there is no substantive evidence)
Define Scope
the extent of the area or subject matter that something deals with or to which it is relevant “we widened the scope of our investigation”
What 2 ways can an auditor express an unmodified opinion in the ‘opinion’ paragraph on the auditor’s report?
- The financial statements are prepared, in all material respects, in accordance with [the applicable financial reporting framework] 2. The financial statements give a true and fair view, in accordance with [the applicable financial reporting framework]
Pervasiveness is a term used to describe the effects or possible effects on the financial statements of misstatements or undetected misstatements (due to an inability to obtain sufficient appropriate audit evidence) What are the three types of pervasive effect?
– Those that are not confined to specific elements, accounts or items in the financial statements – Those that are confined to specific elements, accounts or items in the financial statements and represent or could represent a substantial portion of the financial statements – Those that relate to disclosures which are fundamental to users’ understanding of the financial statements
What is a provision?
a liability of uncertain timing or amount
When should contingent assets & liabilities be recongnised?
These should never be recognised.
(However, if it becomes probable that an outflow of future economic benefits will be required for a previous contingent liability, a provision should be recognised.
A contingent asset should not be accounted for unless its realisation is virtually certain; if an inflow of economic benefits has become probable, the asset should be disclosed)
Give examples of ‘Subject Matter’
- Financial performance
- Non-financial performance, for example the key indicators of efficiency and effectiveness.
- Physical characteristics, for example, the capacity of a facility.
- Systems and processes, for example, an entity’s internal control or IT system.
- Behaviour, for example, corporate governance, compliance with regulation.
Define ‘Suitable Criteria’
benchmarks used to evaluate or measure the subject matter.
e.g.
- When reporting on financial statements, The International Financial Reporting Standards.
- When reporting on internal control, the criteria may be an established internal control framework.
- When reporting on compliance, the criteria may be the applicable law, regulation or contract.
What are the characteristics of ‘Suitable Criteria’?
- Relevance
- Completness
- Reliability
- Neutrality
- Understandability
What are the 2 forms of assurance engagement?
Reasonable Assurance Engagement (Possitive Assurance)
Limited Assurance Enagement (Negative Assurance)
What is the role of the audit committe?
Over see external audit: Appoint & assist external auditors
Oversee internal audit: Review the internal audit reports & the system of internal control
Explain the ‘Remuneration’ principal (part of LEARR) under the Corporate Governace Code
- Fair remuneration
- Aligned incentives
- No director should decide his own remuneration
Explain the ‘Relations with Shareholders’ principal (part of LEARR) under the Corporate Governace Code
The board should use the AGM to communicate with investors & encourage their participation
What are the auditors rights in the UK?
- Analytical procedures 2. tests of detail
These are the 2 categories of…
What are the two categories of substantive test?
Fill in the table
Inherent risk and control risk
contribute to the risk of…
What two risks contribute to the risk of material misstatement in the financial statements?
What are the component risks of ‘Audit risk’
Audit risk = Risk of material misstatement + Detection risk
(Audit risk = Inherent risk + Control risk + Detection risk
Risk of material misstatement = Inherent risk + Control risk)
Give examples of inherent risk
Complex transactions
Inexperienced staff
cash-based business
pressure to perform
Give examples of Control risk
Control environment
Design of internal control
Operation of internal control
What are the components of Detection risk
Detection risk = sampling risk + non-sampling risk
Define Non-sampling risk
is the risk that the auditor reaches an erroneous conclusion for any reason not related to sampling risk; for example, the use of inappropriate audit procedures, or misinterpretation of audit evidence and failure to recognise a misstatement or deviation
Draw the next level of the flow chart
Draw the next level of the flow chart
Draw the next level of the flow chart
Draw the next level of the flow chart
Draw the next 2 levels of the flow chart
Draw the next level of the flow chart
(IF SSAM)
Intimidation
Familiarity
Self-interest
Self-review
Advocacy
Management
What six threats can relate to objectivity, integrity and independence?
(3WESS)
3 party relationship
Written assurance report
Evidence (sufficient, appropriate evidence to support the conclusion)
Subject matter
Suitable criteria
What are the five elements of an assurance engagement?
(ICOPP)
Integrity
Confidentiality
Objectivity
Professional competence and due care
Professional behaviour
What are the five fundamental principles of the ACCA’s ethical code?
What is meant by integrity
Honest & upfront
What is meant by ‘Professional competence and due care’
Keep up to date with the law & recent developements
What is meant by Confidentiality
Should not disclose information unless a legal or professional right or duty
What is meant by ‘Professional behaviour’
Comply with law
Don’t discredit other professionals
What is meant by ‘Objectivity’
Avoid;
bias
conflict of interest
undue influence
List ‘Self-interest’ threats
Financial gain
Family/close relationships to client
Loans from client
Overdue fees (e.g. auditors may want to avoid triggering a liquidation)
Contingent fees (e.g. a bonus paid for an unmodified opinion)
High % of fees (15% max from a listed company)
Low-balling (loss making on the audit to win other business)
Gifts & hospitality
What gives rise to the ‘Self-review’ threat
The audit team must not have supplied other accountancy services to the entity
(a seperate team may supply the services though)
What is the ACCA’s safe guard to the ‘Familiarity threat’
Lead partner is changed every 5 years
Other partners changed every 7 years
What is the ‘Advocacy’ threat?
What is the safeguard?
Advocacy is where the assurance or audit firm promotes a point of view or opinion to the extent the subsequent objectivity is compromised.
(e.g. the audit firm promotes the shares in a listed company or supports the company in some sort of dispute)
As always, the audit firm should weigh up the risks to its objectivity, integrity and independence and should withdraw from performing further work if those risks are too high.
What is the ‘Intimidation’ threat
threatened litigation, blackmail, physical harm
List the elements of the audit report
Title
Addressee
Opinion paragraph
Basis for opinion
Emphasis of matter paragraph (if one)
Material uncertainty relating to going concern (if one)
Key audit matters
Other matters (if any)
Managements responsibilities
Auditor’s responsibiities
Date, address, signature
What is the ‘Key Audit Matters’ section in the Auditors report for
Those matters that were of most significance in the audit
(e.g. areas of higher risk, significant management judgements, effect of significan events or transactions)
What is the ‘Material uncertainty related to going concern’ paragraph of the auditors report for
is a material uncertainty related to the going concern of the company
(Such a paragraph is not a modification of the audit opinion – provided the uncertainty has been adequately disclosed by the directors in the notes to the financial statements)
What is the ‘other matters’ paragraph of the auditors report for
This paragraph is used, if necessary, to communicate a matter that is not required to be presented or disclosed in the financial statements which is relevant to the user’s understanding of the audit, the auditor’s responsibilities or the auditor’s report.
(e.g. the directors report conflicts with the FS)
What are the typical signs that the entity is not a going concern?
(i.e. accounts should be prepared on on a ‘break-up’ basis)
Negative operating cashflows
Inability to pay suppliers
Operating losses
Borrowing facilities not agreed
Loss of key staff/customers
Technology changes
Legislative changes
Non-compliance with regulations
What are the possible effects on the audit report if going concern is in doubt
If disclosed: emphasis of matter statement
if not disclosed: limitation in scope (thus, disclaimer of opinion or adverse opinion)
What are the ‘acceptance procedures’ auditors must undertake to ensure they are clear to act for the client
Ensure they are professionally qualified to act (legal/ethical)
Adequate resources (enough staff)
Obtain references (investigate directors)
Communicate with present auditors
What shoudl the engagement letter contain
Objective of the audit
Auditors responsibilities
Managements responsibilities
Applicable financial framework
Draw the flow chart showing the stages of an audit
What are the 2 major categories of risk
Audit risk
Business risk
Give examples of detection risk
Auditor’s experience
New client
Time pressure
Poor planning
Industry knowledge
What is a management threat
the auditor performs managerial functions for the client
