KIT Flashcards
outsourcing of the function
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
1. obtain understanding of nature and significance of the services provided, their effect on the user entity’s internal controls relevant to audit
2. the nature and materiality of the transactions processed or accounts or fin reporting processes affected by serv org
3. the degree of interaction bn user entity and SO
4. the nature of relationship bn the user entity and the SO, incl relevant contractual terms
Key is whether SO’s services are limited to recording and processing transactions, ow they execute tr-s, therefore taking accountability
SO is providing credit control. Under-d whether SO make decision about adj-s which may be needed for irrevocable debt (tag that we will not get his $) or the level of allowance for AR, and the materiality of amounts involved
for that
1. review contract with SP
2. review reports by SO to determine effectiveness of Credit control function
3. document how the SO and client systems work together to understand how the credit control function impacts on client accounting records
procedures for holiday pay
the fact that manual records are being used and sometimes holidays aren’t recorded means that mng estimate may not be based on robust information. there is risk that accruals hasn’t been determined in Accordance with IAS 19 Employee Benefits - requires an obligation to be recognised on accumulating paid absences only. Employees are permitted to carry over a max of three days of holiday pay, thus this may not be reason for large increase
Procedures:
1. understand assumptions by discussing with mng methods used
2. confirm that estimation techniques are in acc with IAS 19
3. discuss and assess controls around who is responsible for calc the accrual and how this is reviewed and approved
4. discuss the source of inform-n which was used to develop estimate, confirming whether this is manual records
5. pay rises and changes in staffing table agree with HR records
6. agree staff numbers from payroll records to the holiday accrual schedule and confirm to the numbers inlc in mng accounts
7. develop point estimate based on:
- disc with HR on policy for holiday pay, whether it is accumulating or not
- review sample of contract - accum or not
- records on holiday leaves taken before the YE
- an estimate of holiday leave not taken by YE
8. Get Rep letter - whether sign assumptions in making acc est are reasonable
9. review the actual for pY accrual to verify how effective mng has been in PY in estimating
type 1 and 2 report
it is common for a report on the description and design of controls as a SO to be obtained
a type 1 report focuses on the description and design of controls. Type 2 also covers the operating effectiveness of controls. Type 2 report provides some assurance over the controls which should have operated at the SO. To understand level of competence of SO and whether it is independent of the audited company. This will impact RMM assessed for outsourced function
Anchoring bias
Using initial piece of information as an anchor against which subsequent information is inadequately assessed
Automation bias
Favouring automated output even when human reasoning or contradictory information raised questions whether it is reliable.pr fit for purpose
Availability bias
Placing more weight in events or experience that immediately come to mind or are readily available than those that are not
Availability bias
Placing more weight in events or experience that immediately come to mind or are readily available than those that are not
Confirmation bias
Placing more weight on events that corroborate an existing belief than information information that contradicts or casts doubt on that belief
Confirmation bias
Placing more weight on events that corroborate an existing belief than information information that contradicts or casts doubt on that belief
Groupthink
When a group of individuals reach a consensus without critical reasoning or consideration of alternatives
SO what to assess
- nature and significance of services provided, effect on internal controls
- materiality and nature of the transactions processed
- what is the degree of interaction
- contract
if credit control, understand how they impact receivables/irrecoverable debt or the level of allowance for receivables, and materiality of adj involves
procedures for the SO
- contract review
- reports by SO, eg. effectiveness of credit control function performed
- how SO and client systems linked, how it impacts acc entries
Further procedures
- obtain type 1 or tpe 2 report
- contact
visiting to obtain information on relevant controls at SO
- use another auditor to perform control
new business acquis
- reputational risk - if service or product standards are not replicated -> decrease sales
- clash in management styles and techniques -> conflict -> business strategy -> fin performance
- neglect of existing acitvities -> higher risk of new venture investment not satisf ROI
loan finance
higher BR to ensure that intl expansion is successful and covered wo detriment to existing business
risk of overtrading when many activities
corp governance principles -> riks of fines increases as they didn’t report
warehouse fire
- assess carrying amount of the fire damaged warehouse.
no INSURance relieves from impairment review! Carrying amount VS recoverable amount (higher of ViU and FV-cost to sell)
assess in its current condition!
joint arrangement
parties have joint control have rights to the net assets of the arrangement
IFRS 11 rewuires a jint venturer recognise its interest in a joint venture as an INVESTMENT and account for that investment using equity method! in accordance with IAS 28 Investments in Associates and Joint Ventures
control is considered to be joint if the investors in the venture have
equal shareholdings and equal representation on the board of directors.
W could have control if it had veto rights
the gross totals of all areas in Winberry Co’s
statement of financial position and profit or loss would be inflated by LPS Co being
incorrectly consolidated as a subsidiary undertaking.
cyber secutiry
- deficient internal controls
- audit committee is not appropriately fulfilling its responsibilities with regard to internal audit
- weakness in company’s corporate governance and increase in RMM
legal provision
- from given info is it material? but consider whether court gives rise to an OBLIGATIOn at the reporting date
According to IAS 37 Provisions, Contingent Liabilities and Contingent Assets, a provision
should be recognised as a liability if there is a present obligation as a result of past
events which gives rise to a probable outflow of economic benefit which can be reliably
measured. The warehouse fire is a known event, so if there has been harm brought
about to people in the local area as result of this, then it is feasible that there is a
liability as a result of a past event.
A risk of material misstatement therefore arises that if any necessary provision is not
recognised, liabilities and expenses will be understated. If there is a possible obligation
at the reporting date, then disclosure of the contingent liability should be made in the
notes to the financial statements.
A further risk is that any legal fees associated with the claim have not been accrued
within the financial statements. As the claim has arisen during the year, the expense
must be included in this year’s profit or loss account, even if the claim is still ongoing
at the year end.
The fact that the legal claim was not discussed at the meeting with the audit partner
may cast doubt on the overall integrity of senior management, and on the credibility
of the financial statements.
smth is not working well - eco-friendly vans
- is it material? IMPAIRMENT! as ability to deliver is reduces
compare carrying amount with recoverable amount (HIgher of ViU and FV-cost to sell)
ViU is lowered due to reduced ability to deliver goods efficiently. Fv-cost to sell impacted by delivery range. risk that PPE is overtated and impairment expense is understated
audit procedures on classification of investment
- legal docs and details on (no restriction on joint control, rights and obligation so to understand implications for the reporting, date of the investment, # of shares purchased and voting rights - understand control of venture, nature of access to JV’s assets, contact auditors of JV)
- understand business rationale - review BoD - and assess the amount of control/existence of joint control of the venture
- minutes of relevant meetings bn two! confirm control is shared, decision making process! anyone holds veto rights
- JV’s org structure to confirm tha tour company appointed members to its board
Auditor’s responsibilities in relation to an audit client’s compliance with laws and
regulations
must obtain evidence on compliance
assess evidence esp when non-compliance has impact on FS or will affect the entity’s ability to continue as its operation
Must understand legal and regul-ry framework where client operates! - Therefore, the auditor
should ensure they have a full knowledge and understanding of the data protection
regulations in order to evaluate the implications of non‐compliance by Winberry Co.
when non-compliance is known - understand nature of the act and circumstances in which it occurred and assess effect on FS
discuss - mng on how occurred, legal dep
“In the event that management or those charged with governance of
Winberry Co fail to make the necessary disclosures to the regulatory authorities,
Quince & Co should consider whether they should make the disclosure. This will
depend on matters including whether there is a legal duty to disclose or whether it is
considered to be in the public interest to do so.”
Auditors should comply with the fundamental principle of confidentiality, if needed legal advise
if imminent breach of L&R, may need to disclose
IAS 36 Impairment of Assets,
at the end of each reporting period must assess whether there is indication that an asset or CGU may be impaired. If yes, estimate the recoverable amount of the asset
potential indicators = obsolescence and physical damage
The findings of the government inspector suggesting that the assets
are aging, lack modern safety features and are not properly maintained are all
indicators of impairment and as such management should prepare an impairment
review of the park’s rides.
impairment exists if Carrying value is higher than recoverable
risk that mngt does not conduct review or the inspector’s reviews is not taken into acc
Cash Revenue
- risk of unrecorded cash sales arising from theft of cash received - If this is the case, then revenues and cash may be
understated. - risk of overstated revenue - ideal environment for cash acquired through illegal activities to be legitimized by adding it to the cash paid genuinely
sale and leaseback
- value of buildings in FS is C, which is material
- when sale occurred ROUA recognised for the building replacing the previously held asset - measured at the proportion of previous carrying amount - PV pf lease is 934, it is 93% of Market value (934/1000). The proportion of previous Carrying amount id 93% *854 (per SFP)= 798 .
Legal cases
contingent
liabilities are disclosed in the notes to the financial statements, hence there is a risk of
insufficient disclosure which could be material by nature.
IAS 37 states that an entity must recognise a provision if, and only if:
– a present obligation (legal or constructive) has arisen as a result of a past event
(the obligating event),
– payment is probable (‘more likely than not’), and
– the amount can be estimated reliably.
The general provision does not appear to relate to a present obligation and, as such, is
not permitted. This could be a means by which the company reduces profits in order
to reduce the tax payable or a means of profit smoothing. As a result, it is likely that if
this provision remains, then liabilities are overstated and expenses overstated.
Owner transactions
HE is RP! so all transactions between him and his company must be disclosed!!!
Related party transactions are material by nature
There is a risk that appropriate disclosures are not made for all related party
transactions.
Payroll in cash
risk with employees paid in cash that incomplete deductions
have been made for employee taxes. This may give rise to further compliance risks and
liabilities for unpaid employee tax.
Mngt override
There is a lack of segregation of
duties and given that the management appears to have a disregard for certain laws
and regulations, this is likely to mean that the control environment is weak and there
is a resulting higher risk of fraud and error in the financial statements.
ML auditor responsibilities
- customer due diligence - identify and monitor business relationships and transactions
- MLRO - channels for internal reporting within the audit firm
- keep records for 5 years
4.aware of law on ML and terrorist finance and train how to spot and deal with trans-s which mb related to ML
5. up to date policy knowledge
avoid tipping off! MLRO will report incidents to relevant authorities
Acceptance procedures
- file evidence for conclusions in acceptance form!
- The form of due diligence to be
used and the basis for that decision should be included within the acceptance
documentation. - Assesses client integrity!
ISQM1 - requires auditors to consider whether it is competent to perform the engagement and has the capabilities, time and resources, comply with ethical req-s - PROVE identify of the company!!! and key
individuals including all directors and shareholders with more than 25% of the shares
or voting rights of the company. There should also be a section for the source of wealth
and funds of the business. - assess whether there are any potential areas of high risk for money laundering
client acceptance on Meadow
- What is objective?! obtain appropriate evidence regarding the organisation and the identity of its
owners in order to comply with the money laundering regulations.
- whether full understanding has been gained re ownership structure of the org-n
evidence re org’s activity and how it has been established
!! The professional clearance from the predecessor auditor should be received in writing
prior to acceptance. Where this is not received, the firm should document the
reasons why and whether they have reported this to their regulatory body.
Client identity would involve more people than just owner and wife! all woh have more than 25%. if high risk client, then more enhanced acceptance - driving license
partner level approval is required!
Initial audit eng-t
- arrangement with predecessor auditor - access to WPs; help in planning - highlight matters important for audit of OB or assess G’s accounting policies - previous RP transactions!
any modifications to report! - any ethical issues in KYC on audit strategy - the need for an
independent partner review of the audit, especially given the recent meeting with the
company’s management and their request for a non‐audit service to be performed
For example, the accounting treatment applied
to construction contracts may have been discussed given that this is a significant
accounting policy applied in the company’s financial statements.
special attention to audit of OB. whether OB reflect application of appropriate acc policies and whether PY OB correctly brought forward
develop underst of legal and regulatory framework - help to identify and plan the use of auditor’s experts,
Revenue when several POs
- revenue should be allocated to the performance obligations in the contract by
reference to their relative standalone selling prices. There is an audit risk that Gruber Co is not disaggregating the contract revenue
between the obligation relating to the supply and installation of the machine and the
provision of the support service. This could result in revenue being overstated if the
revenue relating to the support service is recognised at the same time as the rest of
the revenue.
LT IFRS 15
- measure progress toward satisfaction of a PO - completion of contract
- Output method: determine stage of completion of the PO in accordance with value to customer transferred to date relative to remaining goods/services
- input method - on basis of entity’s efforts to the satisfaction of PO
Output - based on work certified, 4m out of contract of 6m =67% completed*Profit Overtted by 730 when M is 700
The accounting
treatment could be an indication of management bias, and the desire of Martin Gruber
to overstate profit for the year. CONSIDER OTHER CONTRACTS
IAS 40 - Inv property
When the fair value model is used, gains or
losses arising from changes in the fair value of investment property must be included
in net profit or loss for the period in which it arises. The
property was only purchased at the start of financial year, and an increase in fair value
of 13.3% in a twelve‐month period is significant
whenever new client and family owned
- OB misstatemnt is possible
- RP transactipons!
Client acceptance
- evidence and justify the type of customer DD: nature of client risk, the form of DD to be used, basis for decision
2.Assess client integrity! - req-t of ISQM - whether the audit firm is competent to perform the engagement
- beneficial owners and control structure of the company - all those with >25% of shareholding
- any ML risk areas
On other company doc-n
1. WHat is the objective!
2. references on the client
3. whether the person the company is dealing with is authorised to engage with auditors - STEPS to prove it
4. partner assigned
Initial audit engagement procedures
- Review predecessor auditor’s WP - highlight key matters for the audit of OB of Acc policies are ok
- if AR was modified and reasons
- any ethical matters raised during client acceptance - any need for indepen partner
- consider major issues discussed with mngt
- procedures to determine - whether OB reflect application of appr acc policies; correct brought forward
- understand business: legal and regulatory - to plan use of experts
non-audit service - dd
CoI is related to objectivity! not compromise professional judgement by undue influence, bias or conflict of interest
1. make full disclosure to both parties and ask permission for service
Safeguard the threat by
- separate engagement teams - clear policies on confidentiality
- reviewer who is not involved with either service to the 2 clients; key judgements and conclusions are approp?
- confidentiality agreements signed
- ensure separation of confidential information
Valuation service = Advocacy threat - promotes interest of client in sale prices, thus impacting objectivity -> Safeguard:
- separate teams for audit and valuation
- independent second partner
it could also mean that the firm is assuming management service!
Self review threat if they are subsequent auditors of the group - audit own valuation!
audit team may lack objectivity and professional SCEPTICISM and over rely on the valuation performed by colleagues
Audit risks
- NEW client - increased detection risk - more difficult to detect MM; Risk that OB and comparative mb not correct - plan it well; +specialized industry where the firm doesn’t have experience
- Corporate governance - not listed, not required, but good practice to establish audit committee as it is seeking market flotation. IA scope is limited due to insufficient resources - implications on controls over fin reporting, which could be deficient and increased control risk
- pressure on results - existing and new shareholders will look for ROI; pressure to show good FIn perf + ambitious expansion plans. mb operating expenses are understated.
- going concern - despite projected increase in revenue and profit, indicators are destroyed plantation and industrial action; reputational damage by legal claims, fin problems by lack of cash and results might be worse than mngt projected - in the note to FS discuss any material uncertainties
government grants
IAS 20 - accounting for gov grants and disclosure - RECOGNISE in PL on SYSTEMATIC BASIS over the periods in which the entity recognises expenses for the related costs for which grants are intended to compensate!
- grant require partial or complete repayment if gold standard is not satisifed - evaluate whether terms are likely to be met, if not recognise provision - can we measure it reliably and outflow is probable. RISK OF UNDERSTATEMENT
legal case
risk of understated liabilities or inadequate disclosures
matter of significant judgments
reduction in FV of the plantation
is 90% of the total assets, highly material
there is risk that mngt will not recognise the loss in full
risk that expert’s valuation is not appropriate
he considered only value of trees destroyed, not any other impact
inventory should be recognised at lower of cost and NRV - if exports won’t go through, they may not be able to sell to other clients
contingent fee
separate engagement letter + separate charge
self interest threat! fin interest of the firm to give favourable audit opinion
the code prohibits, but they are allowed
for other types of work, depending on factors such as the nature of the engagement
and the range of possible fee outcomes.
competence
anything to comply with - i.e. Gold Standard accreditation - given X and Y it is questionable whether the firm can do
Audit risk
RMM (non-compliance to IFRS, + control risk) + detection risk (auditor fails to detect the mat misst-s (first time audit or tight deadline)
Extended External Reporting (EER) - risks and how to mitigate
part of strategic report,
national reps, stakeholders (pension funds), voluntary (for compet advant, prone to mngt bias as no reporting requirement)
IR - integrated reporting - fin and non-fin
CONs (challenges)
even within same industry sust and env indicators mb reported in diff ways.
Comparison challenges
- lack of single reporting basis
- rapid change in EER req-s and discl principles
- diversity of subject matter
- risk of mngt bias due to subjective nature of measurement
over 20-0 KPIs in OECD - vary by region, ind, company
What is being reported upon and WHY (legislative or commercial reasons?)
HOW the information is obtained, reconciled and presented (table or narrative presentation - comparison is impossible) - diffs in how metrics are qunatified and disclosed
Planning for ESG assurance
fundamentals of audit standards
Risks:
Expectation gap - as users may expect all information to be audited. Safeguard: clearly state in engagement letter and in AUDITOR’s report on FS the LIMITATIONS of their assurance work
Review of contents of the AR:
Risk: material inconsistency bn FS and the other information. - consider all auditing standards
- ISA 540 - Estimates.
Mngt Bias - in calc and disclosure, esp if voluntary
Appropr-ss of methods of calc-n and basis are reasonable - issue if no industry stand measurements - ISA 250 - consider-n of laws and regulations
- if legal re- penalties or rep issues
- if breach of reg-n (fines or penalties may be substantial enough to significantly impact the cash flow of an entity.)
ISA 315 - identifying and assessing RMM
- industry/subject matter knowledge and experience - mb specifialies
- indep extperts mb required to assist in the assessment of specialist criteria, for example, greenhouse gas emissions, chemical levels in waste etc. or using an EER expert to manage the assurance process.
- whether industry standard measurements used or their criteria are widely recognised, GHG
- internal controls of client - whether we can rely? Is it internally or externlly generated?
- Infor from third parties - these could include environmental bodies (governmental or private) and the reliance which can be placed on this information.
ISA 450 Eval of miss identified on EER report
- the impact of interruption due to pollution, env-al damage or industrial action (env protesters)
- Consideration of whether the omission of such information may affect the users of the financial statements.
Supply chain miles - how far the product travels before reaching its destination. (influence choice of suppliers, not just reduce carbon footprint, but costs as well)
How to evaluate measurement of sustainability performance
how well businesses are embedding ‘sustainability’ in org’s performance meas-t systems.
- What is being measured? What measures are chosen?
- to what extent sustainability is already covered in org’s perf meas system? Are measures of sust-ty included?
- to what extent chosen indicators enable mngt to measure perf from sustainability meas-s?
- are they most approp-te ones for this org-n?
- do the chosen measures provide balanced picture of performance (rather than, for example, just focusing on areas which the organisation is doing well)?
Q-a on reliability
- How is performance measured (eg inputs; activities; outputs), and can the data be reliably captured?
- any benchmarks or comparators against which performance can be assessed?
- are perf-ce measures clearly defined so they can be consistently and reliably measured?
- is information presented in a way which maximises its usefulness to its audience?
However, for any trend to be meaningful, the indicators need to be measured consistently – over time, and across different parts of a business (and potentially between businesses).
when detection risk increases
when time for procedures is not sufficient;
team members not experienced
AUDIT quality will be compromised
for audit to be effective and maintain public trust, ensure that AR are appropriate in circumstances per legal and prof standards
when EQR is required (always mention!!!)
- listed companies
- when required by law or reg-s
- when EQR is approp-te to address quality risks
- (high level of complexity with subject matter as GHE)
- significant issues: material restatements of comparatives
- unusual circumstances identified during acceptance and continuance as disagreement with pY auditor
- when reporting or FS will be included in reg-ry findings, which may contain high degree of judgement (listing prospectus)
- no prior experience
- the use of EQR to mitigate ethical threats identified
who can be an EQR
- not ET member. EQR must consider whether. team has applied appropriate professional scepticism. A two-year cooling off period is required before an audit engagement partner can act as a reviewer for their former client.
- competent (firm policies rel to eng-t+ legal and prof framework knowledge) + knowledge of industry. exp i nsimilar eng-s and udnerstand responsibilities
- approp-te authority to challenge the partner. his views are treated with respect and not subject to infl or pressure from EP
- comply with ethical req-s
- mb external or member of the firm
responsibilities of EQR
- review signif judgements
- assess whether audit doc-n supports judgement and conclusions are approp-te + whether they exercised prof scepticism!
what EQR is required to evalaute
- EPs determination that indep requirements are fulfilled
- consultations taken DPP
- ## ET has suffic and approp involvement on ET to assess judgements and concl-s‘stand back’ - AR cannot be dated before the reviewer determines so
SoQM
System of Quality Management - SoQM
1. Firm’s risk assessment process - it must be designed to set quality objectives and identifies risks; ensure threats to independence are fully identified and safeguards are enacted
2. Governance and leadership - tone at the top; firms must create environment which demonstrates Commitment to quality through its culture! Instead of focusing on clint retention
Managing partner is responsible and accountability for SoQM
System should reward commitment to Quality! To allow partner to challenge client
3. Relevant ethical requirements - SoQM should be aligned with
IESBA International Code of Ethics for Professional Accountants (the Code)
SoQM include objectives and policies to ensure fulfillment of ethical requirements - ensure any component auditor also complies with ethical requirements FIRMS must have mitigations for the ethical risks for the firm not client specific 4. Acceptance and continuance of client relationships a. Assess integrity and ethical values of the client and its management b. Whether firm is able to perform the engagement within legal and prof req-s c. Decision should be Solely on ability to provide QUALITY audit and not fin and oper priorities d. Reassess each relationship (fresh identity checks, new independence declarations, re-evaluate competence, and CoI) e. Assess if new information had it been on acceptance level would prevent from taking the client 5. Engagement Performance a. Per Code partner should be sufficiently and appropriately involved b. Team members must understand their responsibilities for ensuring a quality audit c. PROFESSIONAL SCEPTICISM and judgement be exercised 6. Resources Appropriate resources (competence, training, capabilities) on a timely manner + consider using independent experts where firm does not have appr personnel 7. Information and communication - of policies and information within the firm on; with EQR or bn group and component. TCWG comms - Ethical requirements - Policies on ethics - Training materials - Registers of training undertaken - IDs Client acceptance and continuation - Risk assessment documented - Client identity documents obtained and stored! - Engagement letter issued Eng performance Role assignments and delegations 8. Monitoring and remediation process Process of monitoring SoQM effectiveness
