December 2017 exam short form Qs Flashcards
External audit firms handle large volumes of client data and have a responsibility to put
internal controls in place to protect that data.
Requirement
List the consequences that could arise if an audit firm failed to meet this responsibility and
outline the internal controls that should be in place to mitigate the risk of failing to protect
client data.
(4 marks)
Failure to protect client data
Consequences
* Breach of legal requirements/confidentiality
* Reputational damage
* Loss of clients
* Litigation
* Fines
* Disciplinary procedures by professional body/loss of registered auditor status
* Increased insurance premiums
* Costs of reconstructing lost data
* Negative impact on cash flow/going concern
Internal controls
* Implement data security policy
* Procedures for reporting breaches of data security
* Monitoring of procedures
* Password protected laptops and files
* Passwords changed regularly
* Anti-malware/anti-virus software/firewalls
* Secure storage of files
* Staff training/disciplinary procedures.
Wharfe Golf Club (Wharfe) is unincorporated and is not legally required to have an external
audit. Wharfe’s main sources of income are membership fees and sales of food and golf
equipment.
Requirement
List the benefits for Wharfe of voluntarily undergoing an external audit.
(3 marks)
Benefits of a voluntary external audit
* Better discipline over maintaining accounting records which:
– reduces risks of material misstatement/errors
– identifies fraud
– reduces management bias
* May act as a deterrent to fraud:
– eg, theft of cash, food and golf equipment
* More reliable business information:
– leading to informed management decisions
* Enhances the credibility of the financial statements:
– giving reassurance to third parties
– eg, tax authorities, lenders and suppliers
* Business is scrutinised by a professional:
– reduces business risk
– improves controls/identies deficiencies
– improves efficiency/performance.
The risk of management override of internal controls is present in all organisations.
Requirement
List three procedures that should be included in external audit plans to address this risk.
(3 marks)
Audit procedures to address the risk of management override of internal controls
* Substantiate journal entries
* Investigate reconciling items
* Use of data analytics to identify exceptions
* Review significant accounting estimates and judgements for bias
* Investigate transactions outside the normal course of business
* Review ‘whistle-blowing’ arrangements
* Review internal audit reports
* Interview management to assess its attitude towards the control environment.
Swale Ltd’s (Swale) external auditor is proposing to express an adverse opinion on the
company’s financial statements for the year ended 30 September 20X7. This is due to
disagreement over a number of accounting policies applied in the preparation of the financial
statements. Swale has approached your firm and requested a second opinion on the auditor’s
report
Requirement
Identify and explain the ethical issues that may arise for your firm from this request and state
how your firm should deal with this request.
(3 marks)
Request to provide a second opinion on a proposed auditor’s report
Ethical issues
* Threat to professional behaviour
– discredit the profession
– may compromise/undermine the opinion of the existing auditor
* Client may be opinion shopping
– may indicate lack of management integrity
* Threat to professional competence and due care
– if firm is not in possession of all the facts
* Self-interest threat
– to objectivity
– firm may give the opinion the client desires to obtain future work
Response
* Obtain client’s permission to contact the existing auditor
* Notify the auditor of the work to be undertaken
* If client refuses permission, consider whether it is appropriate to accept the engagement
– must decline if ethical threats cannot be mitigated.
Your firm is the external auditor of Aire Ltd (Aire) which operates a chain of retail stores selling
household goods. Aire is wholly-owned by Sunwac Ltd (Sunwac) and is dependent on Sunwac
to provide finance to continue operating. The directors of Aire have provided your firm with an
email from Sunwac’s directors stating that Sunwac will continue to provide Aire with ongoing
financial support. No audit work has been performed in respect of the email. The directors of
Aire have prepared the financial statements on the going concern basis.
Requirement
Comment on the reliability of the email as audit evidence and outline any audit work that
should be undertaken in respect of the email confirmation.
(4 marks)
Reliability of an email as audit evidence and audit work that should be undertaken
Reliability
* The email:
– should not be accepted at face value/must be critically challenged
– does not provide sufficient evidence to support the going concern status
◦ Sunwac may not have the funds to support Aire
◦ Sunwac has not provided a timeframe for funding
– was not sent directly to the auditors
– could be forged
– is not reliable
– is not legally binding
Audit work that should be undertaken
* Request that a signed letter/direct confirmation/copy of Sunwac board minute pledging
support is sent directly to auditors
* Consider whether Sunwac has the financial backing/resources to finance Aire
– request access to and review the financial statements of Sunwac/undertake a credit
check on Sunwac
– request access to and review Sunwac’s budgets/forecasts
– confirm period of funding is for at least 12 months from the date the financial statements
are approved.
Sue Ure is the engagement partner responsible for the external audit of Nidd plc (Nidd), a
listed company. Sue is due to be removed from the audit team as she has been the
engagement partner for the last five years. However, because of a recent major change in the
structure of Nidd’s business following the acquisition of a competitor, the audit committee has
requested that Sue continues as engagement partner.
Requirement
State, with reasons, how Sue’s firm should respond to the audit committee’s request.
(3 marks)
Request that an engagement partner continues beyond rotation threshold
* Sue may continue as engagement partner:
– to maintain audit quality
* ES permits when there are unexpected changes in the structure of the client’s business:
– such as the acquisition of competing business
– only for an additional 2 years/no longer than 7 years
* Expanded review of audit work required:
– to mitigate the familiarity threat
* Facts and reasons to be disclosed to:
– shareholders
– those charged with governance
* If no disclosure, should refuse the request
* Ethics partner should be consulted.