Audit and assurance Flashcards
What is Audit
What its not?
Why is audit needed
AUDIT EXEMPTION THRESHOLD
- Audit in simple terms is an opinion based
on evidence. - Doesn’t give 100% assurance due to sample based and not a fraud investigations but helps detect it
- Information asymmetries solved
- Conflict of interest solved
- Trust of public increased
- To raised money from banks, investors
- To follow laws and regulations
TURNOVER <= 10.2M
NET ASSETS <= 5.1M
EMPLOYEES <= 50 EMPLOYEES
MEET 2 OUT OF 3
Expectation Gap
The gap between what the auditors believe their responsibilities to be and what the public believes their responsibilities are
It can be reduced by reducing public expectations (education) and increasing audit performance (Clearer audit reports and responsibilities)
What is Agency Theory?
How audit solves it
Theory that explains the conflicting relationship between owners (principals) and managers (agents) due to different goals and information asymmetries.
It checks if the financial statements are true and fair, helping owners trust the managers.
What is
Audit Risk
Business RIsk
Inherent risk
Control risk
Detection risk
Audit risk is the risk that the auditors gives an incorrect opinion on the financial statements.
Formula = Inherent risk x Control risk x Detection risk
Business Risk – The risk that a company may not meet its goals or may suffer losses due to changes in the business environment (like economy, competition, or regulations).
Inherent Risk – The risk of a mistake or fraud happening before considering any internal controls.
Control Risk – The risk that the company’s internal controls fail to detect or prevent the mistake or fraud.
Detection Risk – The risk that the auditor fails to detect the mistake or fraud during the audit.
Materiality levels
A significant amount that affects the user’s decision making or connection transactions makes it, material by nature or size
PBT, Operating profit, PBR -> 5%
Sales, expense - 1%
Assets, liabilities and equities - > 0.5% - 1%
What factors are assessed in client acceptance?
Integrity of client
Auditor Competency for job
Ethical requirements
Other considerations
The 3 Letters in Audit
Engagement letter:
- From Auditor → Client
- Sets out
1) Auditor & Management responsibilities
2) Fees & practical matters
3)Scope of audit
4) Limitations
Management Letter
- From Auditor → Client (& Audit Committe)
- Highlights weaknesses in internal controls
or other concerns
Management Representation Letter
From Client → Auditor
- Client confirms accuracy/completeness of
information provided
Objectives and purpose of internal controls
who is responsible for it
Internal controls are processes designed by management to provide reasonable assurance about the achievement of objectives relating to:
- operating effectiveness / efficiency
- reliability of financial reporting
- compliance with laws and regulations
Who is responsible for it
Senior Management
Audit committee
Internal auditors
STOP SPAM - Internal control activities
S Supervision Monitoring of employee actions; internal audits; ensures accountability.
T Authorisation and Approval Ensures only approved transactions occur; limits access to sensitive areas.
O Organisational Clear structure; charts show authority and information flow.
P Physical Controls Secures assets/records: locks, restricted access, safes, etc.
S Segregation of Duties Duties split across people: authorisation, recording, custody.
P Personnel Assign tasks only to competent and trustworthy employees.
A Arithmetical and Accounting Controls Reconciliations, cross-checks, control accounts, and document sequencing.
M Management Controls Setting policies, reviewing performance, and budgeting.
🚧 Limitations of Internal Controls
- 💸 Cost vs. benefit
- 👨💼 Management override
- 🧠 Human error
- 🤝 Collusion between staff
- 🔄 Only covers usual transactions (not rare cases)
- 🌍 Changes in environment
🧾 Internal Controls & The Audit Process
Step 1️⃣: Preliminary Risk Assessment
Understand and document the internal control system
Step 2️⃣: Test of Controls (Audit procedure that produces evidence that internal controls have operated effectively throughout)
Only done if controls seem strong
Step 3️⃣: Substantive Testing (Evidence that account balances, transaction classes and disclosures are materially misstated)
Done when controls are weak or not working
Benefits of IA
1) Strengthens control environment
2) Protects against self-review threat
3) Promotes ethical behaviour
4) Reduced cost of External audit
5 Ethical Safeguards
- Self-interest Threat
🔍 You or your firm could gain personally from the client (e.g. shares, fees, gifts, bonuses).
Safeguards:
No contingent fees (don’t get paid based on outcome).
Remove financial interests (sell shares, refuse audit).
Rotate staff to remove bias.
Only accept tiny gifts or none at all.
- Self-review Threat
🔍 You’re reviewing work that you or your firm previously did for the client (e.g. accounting work, then auditing it).
Safeguards:
Segregation of duties – different people for different tasks.
Use an independent reviewer.
Avoid giving non-audit services to audit clients.
Refuse the work if threats are too high.
- Advocacy Threat
🔍 You’re promoting or defending the client’s position (e.g. representing them in legal or tax matters).
Safeguards:
Refuse appointment or specific service.
Ensure independent judgment is not affected.
Communicate with audit committee if unavoidable.
Keep clear documentation of decision-making.
- Familiarity Threat
🔍 You’re too close with the client – maybe you’ve worked with them too long or have family ties.
Safeguards:
Rotate audit staff regularly (especially partners).
Remove team members with close personal or family ties.
Use an independent review partner.
Introduce cool-off periods (e.g. 2 years).
- Intimidation Threat
🔍 You feel pressured by the client or your boss (e.g. threat of job loss, or client being aggressive).
Safeguards:
Have strong internal controls and policies.
Train staff on how to handle pressure.
Get help from an ethics partner or support hotline.
Refuse or withdraw from the engagement if pressure is too high.
