ISA 315 Flashcards

1
Q

Risk Assessment Procedures and Related Activities:

A

Auditor shall perform risk assessment procedures to obtain understanding of Entity, and Internal control to
identify and assess the risk of material misstatement, at assertion level and financial statement level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Benefits of obtaining understanding of entity and its internal control:

A

o To assess Inherent Risk and Control Risk (i.e. Risk of material misstatement)
o To identify Significant Risks (i.e. risks which require special audit considerations)
o To determine materiality
o To determine nature, timing and extent of further audit procedures
o To determine appropriateness of accounting policies and estimates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Extent and Depth of understanding required:

A

Extent and depth of understanding to be obtained depends on professional judgment of auditor. It may be
less than that possessed by management but should be sufficient enough to identify and assess the risk of
material misstatement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Extent and Depth of understanding required:

A

Extent and depth of understanding to be obtained depends on professional judgment of auditor. It may be
less than that possessed by management but should be sufficient enough to identify and assess the risk of
material misstatement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Risk Assessment Procedures:

A

o Inquiries of management, internal audit function and others within the entity
o Observation, and Inspection
o Analytical procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Related Activities:

A

o Information obtained from client acceptance and continuance process
o Information obtained from other engagement for the entity
o Information obtained from previous audits
o Discussion among engagement team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Inquiry of management

A

Much of the information obtained by the auditor’s inquiries is obtained from management and those
responsible for preparation of financial statements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Inquiry of Internal audit function:

A

Auditor may inquire of chief internal audit executive or others within internal audit function to obtain
information about entity’s risk assessment process, control deficiencies, and matters raised with TCWG.
Auditor may also consider to reading reports of internal audit function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

TCWG

A

To understand environment in which financial statements are prepared.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Employees

A

To understand process of initiation and recording of transactions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Marketing /Sales Personnel

A

To understand sales trends and contractual agreements with customers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

In-House Legal Counsel

A

To understand compliance with laws/regulations, litigation and fraud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Production Department

A

To understand operations and productions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Risk management function

A

To obtain information about operational and regulatory risks affecting financial
statements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Information system personnel

A

To obtain information about system changes, system or control failures or other
risks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Observation and Inspection

A

Observation and Inspection support inquiries and also provides further information about entity. Examples
include:
 Observation of Entity’s Premises and Plant facilities
 Observation of Entity’s operations
 Inspection of documents (e.g. Business Plans, Strategies, SOPs, Internal Controls, etc.)
 Inspection of Reports by Management (e.g. Interim financial statements and minutes of meetings)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Analytical Procedures:

A

Analytical procedures performed as risk assessment procedures identify Unusual or Unexpected
relationships and amounts which may indicate existence of error/fraud. Analytical procedures performed as
risk assessment procedures may include both financial and non-financial information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Information Obtained in Prior Periods:

A

nformation obtained in prior periods may also be relevant and may be used by auditor in current period e.g.
information about following matters:
 Use of risk assessment procedures performed last year
 Use of tests of controls performed last year
 Use of substantive procedures performed last year
ISA – 330 provides guidance on use of information obtained in prior periods.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Discussion among the Engagement Team:

A

Objectives/Benefits:
1. More experienced members share their insights based on their knowledge of the entity.
2. Team members exchange information about the business risks of entity and how financial
statements may be misstated.
3. Team members gain a better understanding of audit risk in specific areas assigned to them, and how
the results of their work can affect other aspects of audit.
4. Team members communicate and share new information obtained throughout the audit that may
affect the audit risk or audit procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is discussed among engagement team

A

Business Risks, Audit Risks, Professional Skepticism, Fraud consideration, application of AFRF on entity, New
information during audit affecting risk and audit procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

When is discussed among engagement team

A

It also depends on professional judgment. Usually this discussion starts from planning phase and there may
be further discussions throughout the audit to exchange ongoing information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Who is involved in discussion among Engagement Team

A

It is a matter of professional judgment as to which members to include. Usually Key members of engagement
teams are included. All members are not necessary. Involvement of Expert and auditors of components is also
considered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The Entity and Its Environment:

A

Auditor is required to obtain understanding of entity. This understanding shall cover following:
1) Entity’s Environment
2) Nature of entity
3) Entity’s Selection and Application of Accounting Policies
4) Objectives, Strategies and related Business Risks
5) Measurement and Review of entity’s Financial Performance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Industry, Regulatory and Other External Factors:

A

Auditor shall consider following factors in obtaining understanding of entity’s environment:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Industry Factors

A

*Market and Competition
*Seasonal activity
*Product technology
*Energy supply and cost

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Regulatory Factors

A

*Applicable legislation and regulation
*Taxation laws
*AFRF
*Industry specific practices
*Government policies (monetary
policy, fiscal policy, foreign
exchange policy)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Other External Factors

A

*General economic conditions
*Interest rates
*Inflation rates
*Availability of financing
*Currency revaluation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Nature of the Entity:

A

Examples of matters that the auditor may consider when obtaining an understanding of the nature of the
entity include:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT:

A

There are two levels of risk of material misstatement i.e. at Financial Statement Level and at Assertion Level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Assessment of Risks of Material Misstatement at the Financial Statement Level

A

Risks at the financial statement level refer to risks that affect financial statements pervasively and potentially
affect many assertions.
Consideration of Risk at Financial Statement Level assists an auditor to:
 Determine overall Audit Strategy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Assessment of Risks of Material Misstatement at the Assertion Level

A

Risk at assertion level refers to risks that do not affect financial statements pervasively and affect only
specific identifiable assertions.
Consideration of Risk at Assertion Level assists an auditor to:
 Determine Audit Plan/Audit Program/Audit Procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Examples At Financial Statements Level

A

Due to
Inherent
Risk
-Adverse economic and competitive conditions
-Hi-tech, complex industry
-Liquidity or Going concern problem

Due to
Control Risk
-Weak control environment.
- High turnover of senior finance team members

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Examples at Assertion level

A

Due to
Inherent
Risk
-Complex transactions and calculations
-Estimates, judgments, uncertainties in
account balance or classes of transactions

Due to
Control Risk
-Not preparing BRS
-Not sending monthly statements to
debtors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Examples at Assertion level

A

Due to
Inherent
Risk
-Complex transactions and calculations
-Estimates, judgments, uncertainties in
account balance or classes of transactions

Due to
Control Risk
-Not preparing BRS
-Not sending monthly statements to
debtors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q
A
  1. Existence i.e. recorded assets, liabilities, and equity actually exist.
  2. Rights and obligations i.e. entity holds or controls the rights to assets, and liabilities are obligations
    of entity.
  3. Accuracy, Valuation and allocation i.e. assets, liabilities, and equity are included in the financial
    statements at appropriate amounts; and adjustments relating to valuation/allocation have been
    recorded.
  4. Completeness i.e. all assets, liabilities and equity that should have been recorded, have been
    recorded.
  5. Classification i.e. assets, liabilities and equity have been recorded in the proper accounts.
  6. Presentation i.e. assets, liabilities and equity are appropriately aggregated or disaggregated, and
    disclosures are according to AFRF.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Assertions about classes of transactions and events for the period:

A
  1. Occurrence i.e. all transactions and events, that have been recorded, have actually occurred and
    pertain to the entity (i.e. there is no overstatement).
  2. Accuracy i.e. amounts and other data relating to transactions and events have been recorded
    appropriately.
  3. Cutoff i.e. transactions and events have been recorded in correct accounting period.
  4. Completeness i.e. all transactions and events, that should have been recorded, have been recorded
    (i.e. there is no understatement).
  5. Classification i.e. transactions and events have been recorded in the proper accounts.
  6. Presentation i.e. transactions and events are appropriately aggregated or disaggregated, and
    disclosures are according to AFRF.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Identifying Significant Risks:

A

“An identified and assessed risk of material misstatement that, in the auditor’s judgment, requires special
audit consideration.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Factors to consider in exercising judgment as to which risks are significant risks:

A

 Significant non-routine transactions
 Judgmental Matters
 Risk of material misstatement due to fraud
 Risk related to recent economic, accounting or other development
 Complexity of transactions
 Significant related parties’ Transactions
Significant risks are assessed before consideration of any mitigating controls so they are based on the
inherent risk only

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Understanding Controls Related to Significant Risks:

A

Understanding Controls Related to Significant Risks:

40
Q

Risks for Which Substantive Procedures Alone Do Not Provide Sufficient Appropriate Audit
Evidence:

A

Example:
When there are numerous and significant transactions, with highly automated processing and little or no
manual intervention.
Auditor’s Procedures:
If substantive procedures alone do not provide sufficient appropriate audit evidence, auditor is also required
to test the entity’s controls over the completeness and accuracy of the recording.

41
Q

Revision of Risk Assessment:

A

During the audit, information may come to the auditor’s attention that differs significantly from the
information on which the risk assessment was based.
The auditor shall revise his assessment of risks of material misstatement, and shall modify the audit
procedures if there is additional evidence from further audit procedures which is inconsistent with the
evidence on which auditor based his original assessment e.g.
 In performing tests of those controls, the auditor may obtain audit evidence that they were not
operating effectively at relevant times during the audit.
 In performing substantive procedures, the auditor may detect misstatements in amounts or
frequency greater than original assessment

42
Q

DOCUMENTATION

A

Auditor shall document following:
 The discussion among the engagement team, and the significant decisions reached;
 Risk assessment procedures performed, and key elements of the understanding obtained regarding
each of the aspects of the entity and of each of the internal control components
 The identified risks at the financial statement level and at the assertion level.
 Significant risks and risks for which substantive procedures alone do not provide sufficient
appropriate audit evidence, and related controls.

43
Q

Occurrence of Sales:

A

Circumstances which increases risk:
 Unusual growth of sales
 Bonus on achievement of sale target

Evaluation of Risk
Revenue may be overstated to meet
expectations or targets.

Key Audit Procedures
 Perform tests of controls over recording of revenue.
 Checked sales recorded at year end and credit notes issued after the year
end, to assess whether these have been recorded in appropriate periods.
 For sales recorded during the year, select a sample of significant sales
recorded, and inspect sales orders, sales invoices, GDN and other underlying
documents.

44
Q

Completeness of Sales:

A

Circumstances which increases risk:
 Unusual decrease in sales

Evaluation of Risk
There is a risk that some of the goods
despatched may not have been
recorded.

Key Audit Procedures
 Select a sample of Goods Desptach Notes and check their recording in sales
account.
 Perform cut-off test on sales.
 Send confirmation letters to major debtors with low balance.

45
Q

Completeness of Sales:

A

Circumstances which increases risk:
 Unusual decrease in sales

Evaluation of Risk
There is a risk that some of the goods
despatched may not have been
recorded.

Key Audit Procedures
 Select a sample of Goods Desptach Notes and check their recording in sales
account.
 Perform cut-off test on sales.
 Send confirmation letters to major debtors with low balance.

46
Q

Accuracy of sales:

A

Income is received (or expense is paid) in advance:

Evaluation of Risk
Income may be recorded when cash is
received, instead of when risk and
rewards are transferred.

Key Audit Procedures:
 Perform tests of controls to ensure that cash received is recorded as
deferred revenue, and subsequently recorded as sales when risks and
rewards are transferred.
 Perform cut-off tests on sales.

47
Q

Valuation of inventory:

A

Circumstances which increases risk:
 Decrease in sales/demand (due to change in fashion/technology or launch of new products)
 Long-standing inventory/increase in inventory turnover ratio
 Defective goods in inventory
 Cost of production increases, or Sale price decreases.
 If product is malfunctioning,
 New products are launched by company or competitor.
 Contract of specialized inventory is cancelled or customer goes bankrupt.
 Defective goods returned by customers.

Evaluation of Risk
Due to ______, there is risk that NRV of
inventory may be lower than its cost.

Key Audit Procedures
 Inquire client about calculation of NRV of inventory, and check
reasonableness of the basis of calculations (e.g. subsequent sale price of
inventory).
 Obtain the aging analysis of inventory. Test its accuracy and identify any
slow-moving/obsolete inventory which needs to be written down to its
NRV.
 Compare NRV of each inventory item to its cost.
 Physical verification for damaged items.

48
Q

Existence of Inventory:

A

Circumstances which increases risk:
 Inventory is held at various locations or
 Inventory is held with third party or
Evaluation of Risk
It is difficult to verify existence and
completeness of inventory if ……………

Key Audit Procedures
 Select a sample of locations to be physically inspected by auditor.
Conduct simultaneous stock checking for selected locations.
 For locations not selected for stock-count, compare inventory level
with previous periods. Obtain working papers of internal auditors, if
relevant.

49
Q

Additions to fixed assets:

A

Circumstances which increases risk:
 Major fixed assets purchased during the year.
 Significant capital expenditures incurred during the year.

Evaluation of Risk
There may be misclassification
between capital and revenue
expenditure. Further, there may also be
implications on depreciation expense
because of this misclassification.

Key Audit Procedures
 Check approval of fixed assets acquired purchased or capital
expenditure incurred during the year.
 Perform tests of details on additions to PPE, and perform physical
verification of PPE acquired.
 Select a sample of cost incurred, and check with supporting
documents to ensure expense has been properly classified.
 Inspected supporting documents to ensure it has been capitalized
from date when asset was ready for intended use.
 Assessed reasonableness of useful life of fixed asset.
 Tested calculation of depreciation expense.

50
Q

Revaluation of PPE:

A

Circumstances which increases risk:
 Revaluation policy adapted by management.

Evaluation of Risk
Process of valuation is a highly
complex and judgmental process which
involves assumptions and methods
affected by future economic and
market conditions.

Key Audit Procedures
 Assessed competence, capability and objectivity of expert.
 Obtained revaluation report from valuer and check source data,
assumptions and methodologies used, and conclusions.
 Ensured that revaluation is properly accounted for and disclosed in
financial statements

51
Q

Impairment of Machinery:

A

Circumstances which increases risk:
 Decrease in sales/demand of inventory
 Faults in production process (e.g. increase in scrap/wastage of inventory during production)
 Destroyed or Unused or Under-utilized Fixed Assets.

Evaluation of Risk
Due to ____, Value in use of asset may
have decreased which is an indication
of impairment.

Key Audit Procedures
 Ask management to carry out impairment review.
 Obtain working of client relating to impairment and review source data and
assumptions to check their reasonableness.
 Consider involving use of expert to verify working of impairment loss.

52
Q

Classification as Non-current assets held for sale under IFRS – 5:

A

Circumstances which increases risk:
 Closure of a factory

Evaluation of Risk
Due to closure of a factory, there may
be non-current assets held for sale.
This is a non-routine transaction,
involving significant management
judgments. Further, there are also
requirements regarding determination
of fair value, presentation and
disclosures relating to assets held for
sale.

Key Audit Procedures
 Read minutes of board meeting to check approval to sell assets.
 Review steps taken by management to sell the assets e.g. any
correspondence or agreement with prospective buyer.
 Check whether non-current assets held for sale are
o Measured at lower of carrying amount and fair value less costs to sell.
o Presented separately in balance sheet under Current Assets.
o No more depreciated.
 Obtain valuation report of expert to confirm fair value of assets.
 Check that discontinued operations are separately presented, and disclosed.

53
Q

Valuation of debtors:

A

Circumstances which increases risk:
 Increase in Debtors’ turnover ratio
 Increase in Debtors/Receivables
 Dispute with debtors

Evaluation of Risk
Receivables have become doubtful and
full recovery is not expected.

Key Audit Procedures
 Obtain understanding and test internal controls over debtors (e.g. approval
and review of credit limit, receivables’ aging report, and credit period).
 Checked subsequent receipts of cash.
 Assess appropriateness of provision for bad debts by comparing it with
previous years, with industry and with subsequent status.

54
Q

Valuation of Foreign Currency Receivables/Payables:

A

Circumstances which increases risk:
 Imports and Exports

Evaluation of Risk
Changes in rates of FCY at year end
may not be recorded, or may be
wrongly recorded in Purchases/Sales
instead of charging as income/expense
in P & L.

Key Audit Procedures
 If there are goods in transit at year end, inspect their respective purchase
orders and ensure that rights and rewards have been transferred in respect
of inventory.
 Perform tests of controls to ensure that appropriate exchange rates are used
in translation of foreign currency.
 Ensure that any gain/loss on closing balances of foreign currency are
correctly recognized as per IFRS.
 Review the insurance policies at year end to ensure they Goods-in-transit are
adequately covered.

55
Q

Completeness of creditors:

A

Circumstances which increases risk:
 Decrease in creditors’ ratio.
 Decrease in creditors

Evaluation of Risk
Decrease indicates understatement of
creditors.

Key Audit Procedures
 Send confirmation letters to major creditors having low balance.
 Perform cut-off test on purchases.
 Review pending Goods Received Note, to identify any purchase not
recorded.
 Review significant payments made after the year to identify if any payment
relates to current year.

56
Q

Provision for warranty:

A

Circumstances which increases risk:
 Company provides warranty to its customers.
 Increase in warranty period/complains.
 Malfunctioning of products
 Not in alignment with sales

Evaluation of Risk
Estimated expense for provision of
warranty may not be reasonable
considering warranty period, level of
sales, or complains by customers.

Key Audit Procedures
 Review warranty claims after the year.
 Review client’s working for warranty provision, and check appropriateness
of assumptions in the current situations.
 Consider need to engage an expert to calculate warranty provision

57
Q

Provision for restructuring/ staff termination:

A

Circumstances which increases risk:
 Closure of a factory.
Evaluation of Risk Key Audit Procedures
Due to announcement of closure of a
factory before year-end, there is a risk
that restructuring provision is not
appropriately recorded in respect of
employees who were made redundant.
 Obtain working papers prepared by client for restructuring provision.
 Obtain list of redundant employees and ensure all of them are included in
calculation.
 Inquire from terminated employees/labour union regarding agreed
termination payments.
 Inspect appointment letters

58
Q

Provision for Onerous contracts:

A

Circumstances which increases risk:
 Loss making non-cancellable contracts

Evaluation of Risk
Management may not have recorded
appropriate amount of loss on noncancellable contract.

Key Audit Procedures
 Review the sale agreement to confirm sale price.
 Review purchase agreement and other components of cost to confirm the
purchase price.
 Ensure cost exceeds sale price.
 Review sale agreement to confirm if there is any right to cancel the
agreement and any penalty clause.

59
Q

Provision for Legal cases:

A

Circumstances which increases risk:
 unfair dismissal of staff
 serious accident damaging environment or injuring people
 malfunctioning of product

Evaluation of Risk
There is judgment involved to assess
the outcome (i.e. level of provisions
and disclosures) of pending litigations.
Complete provision or disclosure may
not have been recorded by client.

Key Audit Procedures
 Circularize confirmation to company’s external legal consultants for their
views on pending litigations, and discussed the rationale and justification of
their views.
 Use our own legal expert to consider the level of provision required
considering nature of case, legal precedents, and company’s
correspondence with opponents.
 Analyze significant changes from prior period.
 Assess the adequacy of disclosures related to pending litigations in notes to
the accounts.

60
Q

Existence and Valuation of Goodwill:

A

Circumstances which increases risk:
 Business purchased during the year.Circumstances which increases risk:
 Business purchased during the year.

Evaluation of Risk
Goodwill may not have been
recognized and measured at
appropriate amount.
Further, annual testing of impairment
of goodwill is a highly complex and
judgmental process
For recognition:

Key Audit Procedures
 Inspect the sale agreement and agree cost of acquisition paid to cash book
and bank statement, and
 Inspect due-diligence report for the acquisition, and ensure that all
identifiable assets have been included and are reasonably valued.
For impairment testing:
 Evaluate appropriateness of assumptions (e.g. sales volume, prices,
operating cost, growth rates) by comparing with our own assessment based
on our knowledge of client and industry.
Evaluation of Risk Key Audit Procedures
Goodwill may not have been
recognized and measured at
appropriate amount.
Further, annual testing of impairment
of goodwill is a highly complex and
judgmental process
For recognition:
 Inspect the sale agreement and agree cost of acquisition paid to cash book
and bank statement, and
 Inspect due-diligence report for the acquisition, and ensure that all
identifiable assets have been included and are reasonably valued.
For impairment testing:
 Evaluate appropriateness of assumptions (e.g. sales volume, prices,
operating cost, growth rates) by comparing with our own assessment based
on our knowledge of client and industry.

61
Q

Recognition of Development Cost:

A

Circumstances which increases risk:
 Product developed/launched during the year.

Evaluation of Risk
There may be misclassification
between Research and Development
costs. Further, development cost may
not have met recognition criteria.

Key Audit Procedures
 Ensure that development cost is recognized only if criteria is met as
required by IAS – 38.
 Discuss the project with management to assess the feasibility of the project,
and obtain representation from management regarding intention to
complete the project.
 For a sample of costs, inspect supporting documents e.g. development
contracts, billing and timesheets
 Review development cost to verify that cost is appropriately classified and
does not include research expenses.

62
Q

YOU ARE APPOINTED THIS YEAR (FIRST YEAR OF AUDIT)

A

Risk (What) and Explanation (Why)
Opening Balances:
There may be misstatements in
opening balances, and balances may
not be correctly brought forward.
Further, accounting policies may not be
consistently applied.

Key Audit Procedures (How)
 Review predecessor auditor’s working papers (if applicable).
 Evaluate whether audit procedures performed in current year provide
evidence about opening balances.
 Perform specific procedures to verify opening balances (e.g. review of
previous period’s accounting records).

63
Q

Going Concern Uncertainty:

A

Circumstances which increases risk:
 Loss during the year,
 Bankruptcy of major customer.
 Adverse key financial ratios (e.g. Current ratio, Quick-asset ratio, Debt-equity ratio)
 Ceased substantial manufacturing activities
 Serious accident damaging environment or injuring people

Evaluation of Risk
There is a risk that entity may not be
able to continue as a going concern.

Key Audit Procedures
 Inquire management about its plan to resolve the liquidity issues.
 Review management’s plan and analyze the assumptions used by
management to ensure their reasonableness.
 Ensure proper disclosure in management regarding material
uncertainty.

64
Q

RISK OF FRAUD

A

Risk of Overstatement of Revenue/ Understatement of expenses:
Circumstances which increases risk:
 Issue of Shares is planned.
 Sale of business is planned.
 Contingent remuneration of CFO/CEO.
 Other fraud risk factors

Evaluation of Risk
Company may be inclined to show
better results to ………….

Key Audit Procedures
 Perform analytical review of income and expenses.
 Perform cut-off test to ensure transactions have been recorded in correct
period.
 Review accounting estimates for reasonableness.
 Evaluate selection and application of accounting policies, particularly those
related to subjective measurements..
 Check transactions outside the normal course of business.

65
Q

Tax litigation/Contingencies:

A

Risk (What) and Explanation (Why)
There are judgments involved to assess
the outcome (i.e. level of provisions
and disclosures) of tax litigations.

Key Audit Procedures (How)
 Circularize confirmation to company’s external tax consultants for their
views on tax assessment, and discussed the rationale and justification of
their views.
 Use our own tax specialist to consider the level of provision required
considering nature of case, legal precedents, and company’s
correspondence with the tax authorities.
 Analyze significant changes from prior period.
 Assess the adequacy of disclosures related to tax contingencies in notes to
the accounts.
 Review calculation.

66
Q

Deferred tax assets:

A

Circumstances which increases risk:
 Deferred tax recognized.

Evaluation of Risk
Recognition of deferred tax is a highly
complex and judgmental area which
involves assumptions about future.
Further, it may be difficult for to
generate future taxable profits to
utilize deferred tax asset.

Key Audit Procedures
 Performed substantive procedures on calculation of deferred tax balances,
based on tax regulations.
 Performed analysis of recoverability of deferred tax assets, and evaluated
company’s assumptions and estimates in generating sufficient future
taxable profits.
 Used an internal tax specialist to support us in these procedures

67
Q

CUSTOMER LOYALTY PROGRAMS

A

Risk (What) and Explanation (Why)
Improper recognition and
measurement of Revenue &
Provision:
Due to customer loyalty points, there is
risk that provision for loyalty points
may not be estimated and recorded
correctly as per IFRS 15.

Key Audit Procedures (How)
 Obtain understanding of management’s process to record revenue and
related liability.
 Evaluate reasonableness of management assumption regarding redemption
of points.
 Obtain valuation report of expert to confirm amount of liability relating to loyalty points.

68
Q

Risk of Non-compliance with laws and regulations:

A

Circumstances which increases risk:
 New accounting or legal regulations/guidelines.
 Implementation of new IT system)
 Change in accounting policies

Risk (What) and Explanation (Why)
Changes in reporting and legal
requirements may not be appropriately
met by financial reporting system.
Further, non-compliance may result in
misstatement or penalties.

Key Audit Procedures (How)
 Review the accounting and reporting requirements according to
new/changed accounting policy or regulatory requirements.
 Ensured appropriateness of accounting treatment and disclosures made.

69
Q

Risk of Non-compliance with laws and regulations:

A

Risk (What) and Explanation (Why)
Ineffective Governance Structure:
Management decisions are not
overseen by directors, therefore,
governance structure is likely to be
ineffective.

Key Audit Procedures (How)
 Obtain minutes of BOD meeting and audit committee meetings to evaluate
their involvement and role in decision making process.
 Inquire about the competencies, skills, knowledge and experience of the
board of directors.

70
Q

BANK LOAN

A

Evaluation of Risk
There may be misclassification of loan,
incorrect recording of interest or
inadequate disclosures.
Further, there may be breaches of debtcovenants requirements.

Key Audit Procedures
 Ensure proper classification of borrowings between current and noncurrent portion by reviewing loan agreement.
 Send confirmation letter to confirm outstanding amounts and other
terms and conditions.
 Test calculation of markup.
 Assess adequacy of compliance with debt-covenant requirements.
 Assess adequacy of disclosures in financial statements.

71
Q

RELATED PARTY TRANSACTIONS

A

Evaluation of Risk
There is inherent risk in related party
transactions due to its nature and
significance.

Key Audit Procedures
 Obtained understanding of controls over identification, recording and
disclosure of related party transactions. Also, tested such controls.
 Inspected minutes of BOD meetings and shareholders’ meetings to
understand nature and approval of transactions.
 On a sample basis, compared transactions with related parties with
underlying supporting documents and agreements.
 Obtained confirmation (on sample basis) from related parties for
transactions and balances.
 Assessed the adequacy of disclosures related to related parties in notes to
the accounts.

72
Q

Risk of incorrect recording of transactions:

A

Circumstances which increases risk:
 Few/overburdened staff in accounting and finance department.
 Finance department is working without financial controller (or IT department working without IT manager).
 Introduction of new IT system.
Evaluation of Risk Key Audit Procedures
There is a risk of errors due to lack of
segregation of duties/supervision, or
due to inexperienced staff.
 Auditor shall place less reliance on internal controls and shall
increase substantive testing.

73
Q

OTHER RISKS

A

Circumstances which increases risk:
 Company deals in large number of products (Segment Reporting)
 Recording contingent asset as receivable.
 Weak internal controls: e.g. Reconciliations not being prepared (in bank, debtors, creditors, inventory)
 Predecessor auditor did not wish to be reappointed (This is an indication of disagreement and/or inappropriate
scope limitation.)
 Restricted time schedule for audit (Audit team may not have time to obtain sufficient appropriate audit
evidence.)
 Predecessor auditor expressed modified opinion.
Tips:
One information may lead to many risks

74
Q

 Monitoring of Controls

A

Monitoring of controls is a process to assess the effectiveness of internal control performance and taking
necessary remedial actions.
The auditor shall obtain an understanding of the major activities used by entity to monitor internal control
over financial reporting and how the entity initiates remedial actions to deficiencies in its controls.
If the entity has an internal audit function, auditor shall obtain an understanding of:
 Objectivity of Internal Audit Function (evaluating its organizational status)
 Nature (i.e. objectives and scope) of the work of internal audit function
 Activities performed by internal audit function

75
Q

IT General Controls:

A

General Controls are those controls that operate at financial statement level and relate to all or many
applications. General Controls help to ensure the effective functioning of application controls.

76
Q

Application controls:

A

Application controls are those controls that operate at assertion level and relate to the processing of
transactions in individual applications. Application controls help to ensure that transactions are
properly authorized, accurately processed and timely distributed.

77
Q

Controls in these Control Activities could be:

A
  1. Preventative (e.g. Authorization for stock issue)
  2. Detective (e.g. physical verification of stock)
  3. Corrective (e.g. follow up of exceptions)
78
Q

Control Activities Relevant to the Audit

A

Control activities are the policies and procedures that help ensure that management directives are carried
out. Auditor shall obtain an understanding of control activities/procedures relevant to audit (including
control activities on risks arising from I.T.) to assess risk at assertion level.
Controls Activities/Procedures may be categorized as follows:
 Authorization (e.g. Authorization of Expenses)
 Physical controls (e.g. physical security measures for assets and periodic verification)
 Performance Reviews (e.g. Variance Analysis with budget/last year)
 Information Processing Controls (e.g. IT General Controls and IT Application Controls)
 Segregation of duties (e.g. separating receiving, recording and custodian functions)

79
Q

The Information System, Including Related Business Processes, Relevant to Financial Reporting, and
Communication

A

Relevant Information system means methods and processes by which entity obtains, record and presents
transactions. This system could be manual as well as IT.
Relevant Information system means methods and processes by which entity obtains, record and presents
transactions. This system could be manual as well as IT.

80
Q

The Entity’s Risk Assessment Process

A

Entities identify business risks by following risk assessment process:
a) Identifying business risks;
b) Determine significance of risks;
c) Determine likelihood of their occurrence; and
d) Determine whether any action should be taken to address those risks.
Auditor shall obtain an understanding of whether or not entity has a Business/Entity Risk Assessment
Process:
 If entity has no Risk Assessment Process or there is ad-hoc process, auditor shall:
o discuss how management identifies and address business risks.
o determine whether absence of process is appropriate or not.
 If entity has a Risk Assessment Process, auditor shall obtain understanding of it. If auditor identifies a
risk which was not identified by entity’s risk assessment process, auditor shall consider whether
entity’s process is appropriate or deficient.

81
Q

Control Environment

A

Control environment includes awareness and actions of TCWG and management regarding entity’s
internal control and its importance in the entity. It provides an atmosphere in which people conduct their
activities and carry out their control responsibilities

82
Q

Elements of Control Environment and how they can be evaluated:

A

refer notes

83
Q

Nature and Extent of the Understanding of Relevant Controls:

A

In obtaining understanding of controls, auditor shall evaluate whether controls have been DESIGNED and
IMPLEMENTED.
Understanding of Internal Control means evaluating design (i.e. whether it is able to prevent/detect/correct
misstatements) and implementation (i.e. whether control exists and entity is using it) of internal control.
Evaluating operating effectiveness is NOT part of understanding controls. It is called Test of Controls

84
Q

Controls Relevant to the Audit:

A

Following are general rules used by auditors in determining which controls are relevant:
1) Usually controls related to financial reporting are relevant to audit, however not all controls related
to financial reporting are relevant.
2) Controls relating to operations and compliance objectives may be relevant when they relate to the
data which auditor uses in audit procedures (e.g. in Analytical Procedures)
3) Controls related to completeness and accuracy of information produced by entity may be relevant if
auditor intends to use them in further audit procedures (e.g. related parties information)

85
Q

The Entity’s Internal Control:

A

Auditor is required to obtain understanding of Internal Control (relevant to audit).

86
Q

Purpose of Internal Control:

A

“Internal Control means policies and procedures designed, implemented and operated by management
and TCWG (to address business risks) to provide reasonable assurance about achievement of entity’s
objectives with regard to:
o Reliability of the entity’s financial reporting
o Effectiveness and efficiency of its operations
o Compliance with applicable laws and regulation

87
Q

Limitations of Internal Control

A

Internal control cannot provide absolute assurance because of following inherent limitations:
o Breakdowns caused by human errors
o Cost-benefit trade off may not justify a control
o Segregation of duties in smaller entities not possible.
o Often Judgments are involved in risk assessment, and implementation of control which can be
faulty
o Management may also override the controls
o Circumvented intentionally through collusion

88
Q

Benefits in IT system:

A

An IT system can have many benefits (e.g. Performing complex calculation, Accuracy and Timeliness of
information, Facilitates additional analysis, Handles large volume of transactions, Facilitates monitoring).

89
Q

Risks in IT system:

A

However there are specific risks which IT poses to system (e.g. Failure to make changes when required,
Unauthorized changes to data or programs, IT personnel gaining more than necessary privileges and
breaking segregation of duties, Potential loss of data, Inability to access data, Unauthorized access to data,
Inaccurate processing in system).

90
Q

Controls in IT system:

A

Controls in an IT system could be classified into Manual Controls and Automated Controls. A programmed
control is performed by computer software (e.g. validation checks). A manual control is performed by
people (e.g. Authorization, Review, Reconciliations).

91
Q

Manual system is better in following circumstances:

A

 Large, unusual or non-recurring transactions
 When errors are difficult to define and anticipate
 Changing circumstances requiring extra controls
 In monitoring the effectiveness of automated controls

92
Q

Automated system is better in following circumstances:

A

 High volume or Recurring transactions
 Where automation of controls is possible
Controls in an IT system could be classified into General Controls, and Application Controls (to be
explained in component of control activities).

93
Q

Measurement and Review of the Entity’s Financial Performance:

A

Following are different ways used to measure and review entity’s performance by management and external
parties (e.g. analysts and credit rating agencies):
i. Key Performance Indicators (e.g. Sales, Profit, Assets, Number of branches/customers)
ii. Ratios (e.g. EPS, G.P. ratio, N.P. ratio etc.)
iii. Performance/Variance Analysis (prior year, with budget, with industry average)
Reason of understanding:
Performance measures create pressure on management and in turn management may be motivated to
improve the performance or misstate the financial performance particularly when there is some
pressure/incentive to meet such unrealistic targets e.g. an unusual growth/profitability indicate a risk of
misstatement in financial statements particularly when there are contingent compensations or requirements
of a debt-covenant

94
Q

The Entity’s Selection and Application of Accounting Policies:

A

It is auditor’s responsibility to evaluate that selection and application of accounting policies is in accordance
with AFRF and Industry.
Particular focus should be on:
 Accounting policies for significant, controversial or unusual areas e.g. for derivative securities
 Change in accounting policies
 Newly adopted or to-be-adopted accounting standards, laws and regulations

95
Q

Objectives and Strategies and Related Business Risks:

A

Objectives and Strategies and Related Business Risks: