Notesale: Turn your study into money

Document Preview

Extracts from the notes are below, to see the PDF you'll receive please use the links above

---

UNIT 1
THE BENEFITS OF HAVING AN AUDIT
o

Improving the credibility of financial statements:
Published financial information is relied upon by more than just the shareholders
...


o

Government:
The audit is used for the collection of taxes
...


The fundamental principles of the theory of auditing that an audit will be based on
...

Internal control procedures reduce the possibility of errors and irregularities

-

The consistent application of GAAP/OFRS results in a reasonable account

-

In the absence of clear evidence to the contrary, what was true in the past will remain true
in the future
...


-

-

The professional status of the independent auditor implies certain professional
responsibilities
FOUR TYPES OF ENGAGEMENTS
I
...

• It provides Reasonable assurance
...


•

II
...


Review:
• The objective is to enable the auditor to state, based on procedures that do not
provide all the evidence of an audit, whether or not anything has come to the
auditor’s attention that may cause the auditor to believe the statements were no
prepared, in all material aspects, with the applicable financial reporting framework
...

The procedures do not include:
o Assessment of the accounting and internal control systems
o Testing of records and answers to enquiries
The procedures provide a lower level of assurance
...


Agreed-upon procedures:
• Auditor performs those procedures of an audit nature that the client, the auditor
and third parties agreed upon
...

• The distribution of the report is limited to those parties who have agreed on the
procedures to be performed
...


Compilation
• Accountant uses accounting expertise to collect, classify and summaries financial
information
...

• The user obtains some benefit because the word is done with professional skill
and care
...
The involvement of the auditors lends credibility to the event, as both the participants and
public:
❖ Regards auditors as independent

❖ Know that the auditor has both technical competence and integrity
2
...

3
...

4
...

The involvement of the auditor therefore lends a flavor of independence to the
competition
...

The directors of a company are responsible to prepare the financial statements
...

The auditor plays an important role to provide credibility to the published information
...

As to whether the financial statements fairly present
In all material respects
The financial position of the entity at a specific date

Express an opinion on whether the annual financial statements
Are prepared in all material respects in accordance with an
Applicable financial reporting framework
•
Responsibilities with regards to compliance with laws and regulations FOR
MANAGEMENT?

...

i
...


The implementation and maintenance of internal controls
...


iii
...


iv
...


v
...


vi
...

vii
...
Introducing an audit committee
Responsibilities with regards to compliance with laws and regulations FOR auditors?
i
...

ii
...

iii
...

iv
...

The auditor’s actions / procedures in terms of ISA 250 upon discovery of non-compliance?

iii)
iv)
v)
vi)
vii)
viii)
ix)
x)

1
...

2
...
Potential financial consequences
ii
...

Document the findings in the working papers and discuss them with management
...

Consider the effect on:
Other aspects of the audit
The auditor’s risk assessment; and
The reliability of management representations
...
Plan and perform the audit with an attitude of professional skepticism that
the audit may reveal non-compliance with laws and regulations
...
Obtain a general understanding of the entity’s legal framework and
compliance therewith, by means of:
0
...

1
...


2
...

3
...
Discussions with auditors of overseas subsidiaries about the legal
and regulatory framework
...
Perform procedures to detect non-compliance, for example:
5
...

6
...

iv
...

v
...

vi
...

The indicators of possible non-compliance
i
...

ii
...

iii
...

iv
...

v
...

vi
...

vii
...

viii
...

ix
...

x
...


UNIT 2
the two types of independence requirements that auditors should consider for assurance
engagements
Independence of mind
•

The state of mind that the auditor needs to have to

•
•

Reach a conclusion that is not affected by influences that compromise professional
judgement
Allowing an individual to act with integrity, and

•

Exercise objectivity and professional skepticism

Independence of appearance
•

Avoidance of facts and circumstances that are so significant

•

That a reasonable and informed third party having knowledge of all relevant
information, including safeguards applied

Would reasonably concludes a firm, or a member of the assurance team’s integrity, objectivity or
professional skepticism had been compromised
...
should take before accepting
the appointment as the new auditors
...
should take before accepting the
appointment as the new auditors
1
...
Addressing the matter
3
...
Documentation

what should be considered under the following steps of Section 360 of the CPC:
Addressing the matter
The professional accountant shall advise management or those charged with governance
to take appropriate and timely action, including:
- Rectify, remediate or mitigate the consequences of the non-compliance;
-

Prevent the non-compliance where it has not yet occurred; or

-

Disclose the matter to an appropriate authority where required to do so by law or were
considered to be in the public interest
...


Further action referred to above may include:
-

Disclosing the matter to an appropriate authority even if not required to do so by law;
and

Withdrawing from the engagement
...

In deciding whether to make a disclosure, the professional accountant shall consider the
actual or potential harm that may be caused by the matter to stakeholders
...

o Whether robust and credible protection exist from civil, criminal, or professional
liability or retaliation; and
o Whether there are threats to the physical safety of any person
...


Lowballing
Lowballing refers to quoting a lower tariff than the previous or another auditor
It is not considered unethical to quote a lower fee when negotiating a professional appointment
But any threats to fundamental principles must be considered

A self-interest threat to professional competence and due care may be created if:
•

The fee quoted is to low that it is difficult to perform the engagement in accordance with
applicable technical and professional standards
Safeguards against the threat include:
•
•

Making the client aware of the terms of the engagement and
Basis on which fees are charges and which services are covered in the fee

•

Assigning appropriate time and qualifies staff to the task

Jaco is allowed to perform the audit at the lower fees provided he adheres to the above

Legal liability of the auditor:
An auditor will incur no liability to a client or a third party in respect of an opinion expressed or
statement/report given in the ordinary course of his duties, unless he acted:
• Negligently; or
• Maliciously
Regarding negligent performance of duties an auditor only incurs liability for financial loss to a
third party who has relied on a statement/report etc
...

The client would use such opinion/statement etc
...
, to act in some way,

•
•

Or represented to a third party that the statement/report etc
...

Andy’s registration with the Independent Regulatory Board for Auditor means that he is a
Registered Auditor (RA)
And is allowed to engage in public practice

Publicity, advertising and soliciting:
Direct mailing in terms of any services and products is permitted but:
• MAY NOT be pursued, except if so requested by the recipient
• Has to be discontinued of so requested
Solicitation per fax is permitted as it is regarded as direct mailing
Sending SMS is not in good taste, and therefore must not be used
Cold calling in terms of audit work (public practice) is not permitted
This includes:
•
•

Direct / indirect personal approach and
Telephonic approach
We would have to determine whether solicitation per e-mail is considered direct mailing
(permitted) or cold calling (not permitted)

Disciplinary rules, tax evasion
The auditors would be guilty of improper conduct of they helped the doctors to evade taxation
...
, we have to consider whether this is a reportable irregularity

UNIT 8 (legislation)

Reportable Irregularity in terms of the Auditing profession Act
...

By any person responsible for the management of the entity

The decision was made by a director and then supported further by the board of directors
who agreed with the decision
...

Material breach of fiduciary duty owned by the directors
All the above constitutes a breach of the fiduciary duties of the directors of Magic
...

❑ complied prescribed competency requirements
❑ This does not appear to be true as only 2/3 audit partners/directors have passed
all the board exams
...

resident of SA
As Kiyansanbo Thukili is not a South African citizen, but rather Swazi citizen, she will not
be permitted to be an audit partner or director of the audit firm
...


❑ To engage in public practice company requirements to be met:
❑ Incorporated & registered i
...
o Companies Act and have share capital
▪ There are no concerns here, as there is share capital and each shareholder hold
33
...

▪ The audit firm has been established as a (Pty) Ltd and this is incorrect as it must
be an Incorporated company
...

You can only be an RA once you have passed all your exams and met the minimum
requirements as set out by the APA
...

❑ Every director must be a shareholder = RAs
As Constance Magubane is not a RA, she cannot be a shareholder or a director of the
audit firm until such requirements have been met
...


Constance Magubane is in contravention of these rules as she has not yet passed the
final board exam and as such cannot be in PP as an RA
...
A practitioner:
• The professional accountant
• This would be CA(SA) RA
2
...
An intended user

•

The person for whom the assurance is intended
• This would be the members of THE COMPANY

List at least three other elements that must to exist in order for an engagement to
be an assurance engagement
...
Subject matter
2
...
Suitable appropriate audit evidence
4
...
Plan the audit
2
...
Respond to identified risks, for example
Setting materiality
Considering the appropriateness of accounting policies
Identifying special audit consideration areas e
...

• Related party transactions
• The appropriateness of the going concern
• The business purpose of transactions
• Developing expectations for analytical review purposes
• Designing audit procedures (test of controls & substantive procedures)
•

Evaluating the sufficiency and appropriateness of audit
Evidence

the aspects that will be considered on obtaining and understanding of the entity
and its environment
1
...
Internal factors
Business operations

Investments
Financing
Financial reporting
3
...
This does not appear to
have been done as
No knowledge of the clients business was obtained or
updated, particularly not
by the new auditor, The previous auditor,
also did not documented his knowledge of the business

No understanding was obtained of the accounting
and internal controls (or it was not documented)
•

The audit risk associated with the engagement was not considered

• Materiality was not considered or quantified
• The audit approach was not formulated
Obtaining of audit evidence
Evaluating concluding and reporting
the quality control requirements as per ISA 220:
There are two levels of quality control:
• firm level; Ethical requirements and leadership responsibilities for quality
control
• and at audit level
the Pre-engagement activity procedures
Step 1: Perform a client investigation (client screening)
Consider: The independence of the auditor was not considered as evidenced by the
following:
Consider: The integrity of the client (risk of the client and management thereof) was not
considered as evidenced by the following:
Consider: Information obtained from communication with the predecessor auditor was not
considered as evidenced by the following:
Consider: Financial responsibility of the client was not considered as evidenced by the
following
Consider: The legal procedures in respect of the engagement was not considered as
evidenced by the following
Step 2: Determine the skills and competence requirements for the engagement
(auditor requirements

Consider: If the auditor has the capabilities, competence, time and resources to accept
an engagement for a new client was not considered as evidenced by the following
Step 3: Establish the terms of engagement
the engagement letter must be signed BEFORE commencement of the audit

engagement letter supplied
Possible errors
Recommendations
There is no letterhead included in the Ensure that the engagement letter is
engagement letter
placed on the audits firm’s letterhead
...

And
Incorrect to guarantee that the financial
statements will be a 100% free from
material misstatements
...


Ensure that a date is included
...

It is not correct to state that an audit does
not include assessing the accounting
principles used etc
It is not correct to say that we will simply
trust what management states owing to
the
fact
that
an
management
representation letter was issued
...

AND
Remove this statement

Replace this with ISAs

Remove these words

Replace does not with DOES, as it does
...


with

there

IS

an

It is not correct to say that auditors will Replace this with misstatements may
discover all misstatements
remain undiscovered
It is not correct to say that the auditor will Replace with we expect to provide you
not provide the client with a separate letter
regarding material weakness
...

It is not correct to say that it is the
responsibility of the auditor only to
prepare the AFS
It is not correct to say that the client must
not feel pressurized if documents cannot
be found
AND
That the auditor will simply select other
audit evidence that will make the testing
more applicable and to report
It is not correct to say that the fees will be
based on what suits the client’s budget
It is not correct to say that the audit letter
will be effective for future years and
That it may never need to be signed again
...
Leadership responsibilities of quality control within the firm
b
...
Engagement performance entailing:
i
...
Engagement quality control review
iii
...
Monitoring

i)

Do you agree with this statement, justify your answer?
ii)

No, I do not agree with this statement for the following reasons:

o as this behavior will not ensure that a quality audit is achieved
o all audit firms must adhere to strict quality control within their firms
as set out in terms of ISQC 1, which states that high risk client must
be quality reviewed by other partners
...

Obtain audit evidence through performance of audit procedures
Evaluation, concluding and reporting
Unit 4 PLANNING
Explain to the student what needs to be considered when obtaining an understanding of
the entity and its environment
...

o Product technology relating to the entity’s products
...

Regulatory environment
o Accounting principles and industry-specific practices
...

o Taxation
...

o Inflation and exchange rates
...

o Alliances / Joint ventures
...

o Key customers
...

o Investments and dispositions
...

Financing

•

o Group structures
o Leasing of property
...

o Related parties
...

o Revenue recognition practices
o Accounting for fair values
...

o Key performance measures and incentive compensation policies
...
;
- Work is properly delegated to assistants and reviewed
...
Obtain knowledge of the entity and its environment
o Contact key directors and discuss with them:
▪ The new internal audit department
▪ Pending lawsuits against the company
▪ Possible cash flow problems
▪ Any other changes in the company
o Hold discussions with internal audit manager and review internal audit reports
...

Consider industry conditions: private hospitals have a monopoly, with virtually no
competition between the respective private hospital groups
...


o

Visit the client’s premises to obtain an understanding of the client’s operations
...

Perform analytical procedures to identify key ratios, trends, etc
...


o

Consider financial and related business risks:
▪ Development of eClaims was delayed
...
Obtain an understanding of the accounting and internal control system
o Enquiry into the systems implemented for claims
...

o Inspect system documentation
o Consider the reduction in risk stemming from an internal audit function by
evaluating internal audit as a control function
...

3
...


▪

legislation affecting the pricing of medicine in the industry
• Profitability will come under pressure due to failure of eClaims
systems
...

The group is involved in two legal cases for negligence by their staff
...


o

The overall audit risk appears to be on the high side
...
Setting materiality
▪ As audit risk is deemed to be high, materiality will be low
...

▪

▪
▪

A combination of indicators will be used as the group is building hospitals
and providing a service, therefore, both the SFP and SoCI will be of value
to shareholders
...

Materiality will thus be between R 200 000 and R 620 000

Indicator

%

Turnover
Gross Profit
Net Profit
Total Assets
Equity

½% - 1%
1% - 2%
5% - 10%
1% - 2%
2% - 5%

Interim
R ‘000
30 000
18 000
3 000
54 000
31 000

Annualised
R ‘000
40 000
24 000
4 000
54 000
31 000

Low range
R ‘000
200
240
200
540
620

High Range
R ‘000
400
480
400
1 080
1 550

Give the definition of audit risk and each of its components
...

Inherent risk is the susceptibility of an account balance or class of transactions to
misstatement that could be material, individually or when aggregated with
misstatements in other balances or classes of transactions, assuming that there are
no related internal controls
...

Detection risk is the risk that an auditor’s substantive procedures will not detect a
misstatement that exists in an account balance or class of transactions that could be
material, individually or when aggregated with other misstatements
...


Audit Risk (AR) = Inherent Risk (IR) x Control Risk (CR) x Detection Risk (DR)

-

The inherent and control risks stand independent from the audit, while the detection
risk is directly related to the auditor’s substantive procedures
...

Regardless of the levels of inherent and control risk, the auditor should always perform
some substantive procedures on material balances and classes or transaction
...

The lower the audit risk, the higher the amount of materiality could be set, because
the chance is small that material misstatements could occur and go undetected

Briefly discuss the nature, timing and extent of the further audit procedures to be
performed
o

As we have arrived at a favourable preliminary assessment of control risk, we will
probably follow a system-based audit approach involving tests of controls
...

A system-based approach would be possible as the company has sound
controls, competent management and accurate management accounts
...

▪ These would include both computerised and manual controls
...

▪ The assessment of computerised application controls may require the use
of systems based CAAT’s such as test data
...

▪ Testing of detail would be reduced and more reliance would be placed on
analytical review procedures
...


Because of the tight deadline and strong controls, we are likely to perform most
verification procedures before year-end and then perform roll forwards at year-end

o The services of a CAAT specialist may be required
...


-

In order to rely on the component auditor’s work the group auditor needs to
consider:
Component auditor’s membership to professional bodies
Independence of auditor
Competencies & Qualifications of auditor
He must communicate to the component auditor the use that will be made of his word
Must communicate the materiality figure to the component auditor
He must communicate the accounting, auditing and reporting requirements that will be
applied
He must communicate when the work must be completed
The need to agree on regular communication

The group auditor did not:
-

Provide the component auditor with his expectations of the work to be performed

-

He did not provide him with the materiality figure to be used but gave him instructions to
calculate it himself
He did not provide the component auditor with the accounting, auditing and reporting
requirements that need to be applied, but asked the component auditor what he wants to
use
...


-

-

The group auditor did:
-

Inform the component auditor of the independence declarations that need to be completed

-

He did provide the component auditor with the relevant deadlines for submission of
workpapers and for the audit report
...


-

UNIT 5 COMPUTORS
PAYROLL APPLICATION SYSTEM
- Requests for changes/ corrections to the system should be promptly and completely
carried out

- Only authorized changes should be made
- Compliance with standards - Controls over program changes
- Testing and final approval
- Changes are made to test versions and not live versions of the programs
- Changes to the system should be fully documented and all systems documentation
should be modified accordingly
- Changes to production programs should be backed up and stored in the program
library
- Training of users in respect of the use of updated programs
- Post-implementation review
B)
– Risk of unauthorized access to data and programs or changes to data and programs
- Lack of visible transaction trails - Data is only available for a short time or only
available in electronic format - Data could be intercepted, lost, duplicated, corrupted,
or manipulated during transmission - Programming errors could result in processing
errors - Programmed internal controls exercise automatic and consistent controls
C)
Password control
- Passwords should be unique to each individual, as opposed to group identification
- Passwords should be 5/6 characters long and should not be obvious to anyone
...

- Password should be changed frequently dependent upon the number of users,
application sensitivity and the rate of turnover of job responsibility
- Terminals should be ‘disconnected, by the system after a limited (specified) number
of unsuccessful attempts at using a password
...

Password controls
I
...

Passwords should be of five or six characters and should not be “obvious” e
...

Users birthdate should not be used
...


Passwords should be changed frequently dependent upon the number of users,
application sensitivity and the rate of turnover of job responsibility

IV
...


VI
...

VIII
...


X
...

XII
...


Passwords should be chosen by users to ensure that only the user knows his/her
password
The computer file of passwords should be protected by the system from access by
unauthorised persons and should be encrypted
Passwords should not be displayed on the terminal at any time, neither should they
appear on any reports or logs
Hard copy listings of the user and his/her password should not be printed unless
absolutely necessary, any such listings should be kept locked away
The system should monitor (log) unsuccessful attempts to gain access because of
incorrect passwords and these should be followed up
Terminals should be “disconnected” by the system after a limited (specified)
number of unsuccessful attempts at using a password
The name of the user should be displayed on the terminal screen for the duration
of an on-line session
...


Passwords are most effective when used in combination with some other identification
technique e
...
magnetic strip card, this means that a person intending to gain
unauthorised access will need to steal the card and discover the password (e
...
at an
ATM)

the different methods of System computer-assisted audit techniques that you
could use to obtain audit evidence
TEST DATA
o
o
o

Creation of fictitious data by the auditor
Captured onto client’s computer system for processing
Results of processing checked by auditor against his results

CONTROL AND REPROCESSING
o
o

Processing of selected transactions under auditor’s supervision
Processing is aimed at testing the functioning of the programmed controls

PROGRAMME CODE ANALYSIS
o
o

Comprises investigation of the programmed coding to
Ensure that necessary programmed controls are present

o

Programmed is coded correctly

SIMULATION

▪

Involves processing client data on the auditor’s simulated programmed
Comparing his own results with the clients results
on-line system

▪
▪
▪
▪

The characteristics:
On –line (direct) entry of data
Authorization of input by the system through validation tests
On-line access to the system by users
Absence of visible audit trails

o

Advantages:
▪
▪
▪
▪

Files are up to date
Entries are accurate
Risk of non-recording of transactions is small
Data processing is fast

Program development and implementation controls:
1
...
Authorisation of purchase of package:
Authorisation of purchase by Ms Seatle – Maitse and the cashier based on results of
feasibility study

3
...
)
o
-

Control over the conversion by the data control group:
Supervision by competent senior management
The auditors should also be involved

UNIT 6

number
1
...

The company may not comply
with all the listing
requirements
...

The company may not comply
with all the IFRS requirements
...


Bonuses based on
performance

3
...
e
...


5
...


Financial Manager resigned
during the year

7
...


8
...


INVENTORY CONTROLLER

10
...

The AFS may be materially
misstated as the going concern
assumption might not be
properly accounted for and/or
disclosed
...

- There may be a breakdown in
internal controls as no
reconciliations were
conducted
...

Changes in accounting
software during the year and
staff have not been trained yet
...

The AFS may be materially
misstated as there might
be errors occurring in the
preparation of financial
records
...
For instance
JSE regulations,
Environmental Laws,
Labours Laws, etc

---