Solution Assurance and Audit Practice Nov 2008
Solution Assurance and Audit Practice Nov 2008
Solution Assurance and Audit Practice Nov 2008
Inherent and control risk factors help the auditor in deciding his materiality levels for audit planning. These include:
The auditors knowledge of the business-inherent risk factors The auditors knowledge about the strength of the clients accounting system and internal controls for the particular transaction cycle or account balance The nature of assets being considered such as susceptibility to theft of cash The possible impact on profits such as closing stock The degree of judgement involved in determining the item e.g. provision for doubtful debts The nature and causes of misstatements discovered in prior audits, such as suspected fraud The competence and experience of client accounting personnel The nature of the items, for example whether required to be disclosed irrespective of the magnitude.
(b)
(1)
The design of the system determines the control structure, the accounting system which the control procedure designed to prevent, detect and correct misstatements in documents, accounting records and the financial statements arising from fraud and error. If the system is well designed it would encourage the auditors to decide greater reliance on it provided it is being implemented effectively.
(2)
Reliance on control requires evidence that the control procedures are being applied consistently to all relevant transactions. This evidence is obtained by performing test of controls on the operations of controls.
The less the deviation from control procedures revealed by the results of test of controls the higher the extent of reliance placed on such controls by the auditor.
(3)
Control environment effectiveness A prime requirement for reliance on controls is a strong control environment. No matter how effective the design of detailed control procedures, if they are subject to management override, performed by employees who are not properly aware of their responsibilities, supervised by inadequately qualified accounting officer or where pressure to get the accounts out on time overrides concern for accuracy, they will not be effective in operation.
Even though a strong control environment by itself will not guarantee the effective operation of internal controls, a strong control environment can significantly complement specific control procedures while a weak control environment will exacerbate weak control procedures.
The stronger the control environments e.g. one with tight budgetary control and effective internal audit function, the higher the auditors in internal controls and hence higher levels of reliance.
(4)
Some controls have an effect on specific audit objectives for example an internal audit programme of branch visits may enable auditors to reduce the number of branches visited or audit purposes. Other controls may be specific to a particular audit objective. In placing reliance on controls, both specific and general controls on each audit objective needs to be considered. The more relevant the internal controls to audit objectives the higher the extent of reliance.
Materiality of accounts balances and class of transactions auditors plan and conduct the audit to have reasonable expectation of detecting more material
misstatements. Where amounts are material less reliance is placed on internal controls and vice versa.
(c)
Embedded Audit Facility or Resident Audit Software: This can be described as an expert system. It consists of a module of a computer program written by the auditor which is incorporated into the clients computer system either temporarily or permanently.
Using this software the computer is instructed to tag all transactions meeting specified criteria such as purchases over 100m or employee salary increase above 20%. The software then traces the tagged transaction through the system and records each time the transaction is processed in a special audit file. With purchases over 100m, for example, the audit file will log the purchase being tested by each of the edit controls attached with purchase orders and goods inward rates entered in the purchase ledger and the relevant asset or expense account in the general ledger, entered into stock records, accumulated into total month and payment to the supplier and included in totals for management reports.
The technique allow tests to be made at the time the data is being processed. It is real time auditing. It is useful where audit trail is deficient so that historical audit work is difficult or where files are constantly being up-dated, for example in a real time or database system for later evaluation by the auditor.
The technique can be used for both compliance testing checking that transactions are being processed in the required way by the system. It can also be used for substantive testing by tagging and tracing all material or unusual transactions.
The auditor can use this software to accumulate audit evidence without being present during processing of transaction.
QUESTION 2 (a) To minimize risk, an audit firm should have the following features:
3
Proper recruitment and training of personnel Staff with appropriate ability to be allocated to particular audits Communication with staff to be two-way on matters of general concern and in connection with specific audits The work of the firm to be planned in such a way that each audit can be approached in a relaxed but disciplined way and timing problems can be accommodated Use of audit manuals which conform to the audit standards and guidelines Use of audit documentation which is comprehensive and yet which allows for special situations Use of budgeting and other techniques to ensure that audits are remunerative and yet risk-minimizing Use of precise and frequently updated letters of engagement Use of review techniques for all audits Existence of a technical section so that all new developments are rapidly incorporated into the firms actions (e.g. accounting, law audit procedures etc)
(b)
Procedures that an audit firm need to adopt to ensure that audits are performed to meet quality control standards include:
(i)
The firm should establish a suitable set of procedures and communicate these to all partners and staff. Printed manuals and/or verbal instructions could be employed There should be a procedure for evaluating prospective clients with consideration of the firms ability to meet the clients needs for making the decision on acceptance which may be made by a partner or by a committee. The integrity of the clients management may be considered There should be procedures to ensure that all partners and staff are aware of and adhere to the principles of independence, objectivity, integrity and confidentiality There should be procedures to have fully competent and skilled set of partners and staff including: (i) recruitment of only suitably qualified and expert staff. Staffing need being planned ahead.
4
(ii)
(iii) (iv)
(ii)
all partners and staff should be encouraged to learn, and to keep up-todate with technical matters. The firm could provide literature, maintain a technical library, send people on courses and hold courses themselves. Opportunities should be provided for staff to have adequate experience on a range of clients as on-the-job training. Evaluate performance of staff and discuss with those concerned.
(iii)
(v) (vi)
Decisions on problem areas should be taken on consultation with others, especially experts concerned Suitable procedures should be introduced to ensure that all procedures are working adequately.
QUESTION 3 (a) An audit trail is the means by which an individual transaction can be traced sequentially through the system from source to completion, and its loss will mean that normal audit techniques will break down.
The original concept of an audit trail was to print out data at all stages of processing so that an auditor could follow transactions stage-by-stage through a system to ensure that they had been processed correctly. Computer auditing methods have not cut out much of this laborious, time-consuming stage-by-stage working, and make use of:
a more limited audit trail efficient control totals enquiry facilities audit packages; and file dumps
An audit trail should ideally be provided so that every transaction on a file contains a unique reference back to the original source of the input (for example a sales system transaction record should hold a reference to the customer order, delivery note and invoice). Where master file records are updated several times, or from several sources, the provision of a satisfactory audit trail is more difficult, but some attempt should nevertheless be made to provide one. Typical audit problems that arise as audit trails move further away from the hard copy trail include: (i) testing computer generated totals when no detailed analysis is available;
5
(ii)
Traditionally, the ways in which an auditor could approach the audit of computer based systems fell into the following two categories: (i) (ii) the round the computer approach; and the through the computer approach
A few years ago it was widely considered that accountants could discharge their duties as auditors of a company with computer-based systems without having any detailed knowledge of such systems. The auditors would commonly audit round the computer by ignoring the procedures which take place within the computer programs and concentrating solely on the input and corresponding output. Audit procedures would include checking authorisation, coding and control totals of input and checking the output with source documents and clerical control totals. This view is now frowned upon and it is recognised that one of the principal problems facing the auditors is that of acquiring an understanding of the workings of the EDP department and of computer itself. It is now customary for auditors to audit through the computer. This involves an examination of the detailed processing routines of the computer to determine whether the control in the system are adequate to ensure complete and correct processing of all data. With the advent of embedded audit facilities we are increasingly seeing the introduction of auditing from within the computer. One of the major reasons why the round the computer audit approach is no longer considered adequate is that as the complexity of computer systems has increased there has been a corresponding loss of audit trail. The audit techniques used to audit through the machine are as follows: .. Audit software comprises computer programs used by the auditors to examine an enterprises computer file. It may consist of package programs or utility programs which are usually run independently of the enterprises computer-based accounting system. It includes interrogation facilities available at the enterprise. The features of the main types of audit software are as follows: (i) Package programs - consist of prepared generalised programs for which the auditors will specify their detailed requirements by means of parameters, and sometimes by supplementary program code. Purpose-written programs - involve the auditors satisfying their detailed requirements by means of program code specifically written for the purpose. Utility programs consist of programs available for performing simple functions, such as sorting and printing data files.
(ii) (iii)
(b)
Analytical procedures are substantive procedures which can be useful at most stages of the audit. As well as confirming figures directly (such as the PAYE due on salaries for a period), they may also be used to give additional comfort where other audit tests and other figures are also available. This is the case where there is a loss of audit trail.
The analytical procedures will not guarantee that certain transactions have been processed, but they will give some assurance that the records are accurate and complete.
Analytical procedures compare figures, trends and ratios to one another, to prior periods and to budgeted or forecast figures. Where variations occur from what is expected then investigations can be made to establish the reasons.
(c)
The auditors can use audit software for analytical procedures in the following ways:
(i)
It can read computer files and extract data, such as account balances, agreeing analyses for stock and debtors and so on.
(ii)
If the relevant information is on the computer, the audit software can compare current results to prior year or to budget. This would include producing absolute and percentage variances.
(iii)
Other computational aspects would be the calculation of days sales in debtors or days purchases in stock and creditors. This would help in the detection of doubtful debts, obsolete stock and so forth.
(iv)
The audit software can calculate any amount of variances, trends and ratios, but the auditor must be wary. The auditors must still analyse what the software produces, which will involve them using professional judgement in analysing the figures.
(d)
(i)
Sales Debtors A decrease in debtors turnover means that debtors have risen faster than sales (or fallen more slowly). There could be one or several reasons for this and each of the following should be investigated. (1) (2) (3) (4) (5) Changes in sales mix (major new lines). Changes in credit terms, perhaps more generous due to increased competition. . Changes in credit control department staffing or procedures. Changes in customers.
Further substantive procedures would be required if an explanation was forthcoming. Testing may be necessary in some form to check the explanations received.
(ii)Decrease in stock turnover Stock turnover is calculated as: Cost of sale Stock As in (i) above, the auditors will need to find reasons for the decrease in stock turnover. The following possible reasons should be investigated. (1) (2) (3) (4) (5) (6) A new method of valuing stock may have been adopted Sales may have declined suddenly Cut-off errors Increase in stock quantities, perhaps due to bulk buying to obtain discounts Stock values (and amounts) incorrectly calculated Changes in types of stock held due to change in sales mix
Once again, if no explanations are forthcoming then the auditors must test for errors and/or fraud.
8
QUESTION 4 MOULDINGS HOLDING PLC (a) Reasons for reviewing the work of other auditors The principal consideration which concerns the audit of all group accounts is that holding companys auditor (the primary auditor) is responsible to the members of that company for the audit opinion on the whole of the group accounts.
It may be stated (in notes to the financial statements) that the financial statements of certain subsidiaries have been audited by other firms, but this does not absolve the primary auditor from any of his responsibilities.
These responsibilities are imposed by statute. Companies Code requires the auditors of a holding company to report to its members on the truth and fairness of the view given by the financial statements of the company and its subsidiaries dealt with in the group accounts. Furthermore, the Act provides the primary auditor with powers to obtain such information and explanations as he reasonably requires from the subsidiary companies and their auditors in order that he can discharge his responsibilities as holding company auditor.
The auditing Guideline Group financial statements reliance on the work of other auditors clarifies how the primary auditor can carry out a review of the audits of subsidiaries in order to satisfy himself that, with the inclusion of figures not audited by himself, the group accounts give a true and fair view.
The scope, standard and independence of the work carried out by the auditors of subsidiary companies (the secondary auditors) are the principal matters which, according to the guideline, need to be examined by the primary auditors before relying on financial statements not audited by them. The primary auditors need to be satisfied that all material areas of the financial statements of subsidiaries have been audited satisfactorily and in a manner compatible with that of the primary auditors themselves.
(b)
Work to be carried out by primary auditors in reviewing the secondary auditors work
(i)
Send a questionnaire to all secondary auditors requesting detailed information on their work, including:
an explanation of their general approach (in order to make an assessment of the standards of their work); details of the accounting policies of major subsidiaries (to ensure that these are compatible within the group); the secondary auditors opinion of the subsidiaries overall level of internal control, and the reliability of their accounting records; any limitations placed on the scope of the auditors work; any qualifications, and the reasons for them, made or likely to be made to their audit reports.
(ii)
Carrying out a detailed review of the secondary auditors working papers on each subsidiary whose results materially affect the view given by the group financial statements. This review will enable the primary auditor to ascertain whether (inter alia);
an up to date permanent file exists with details of the nature of the subsidiarys business, its staff organisation, its accounting records, previous years financial statements and copies of important legal documents; the systems examination has been properly completed, documented and reported on to management after discussion; ..; all other working papers are comprehensive and explicit; the overall review of financial statements has been adequately carried out, adequate use of analytical review procedures has been made throughout the audit; the financial statements agree in all respects with the accounting records and comply with all relevant legal requirements and accounting standards; minutes of board and general meetings have been scrutinised and important matters noted; the audit work has been carried out in accordance with approved Auditing Standards;
10
the financial statements agree in all respect with the accounting records and comply with all relevant legal and professional requirements; the audit work has been properly reviewed with the firm of auditors and any laid down quality control procedures adhered to; any points requiring discussion with the holding companys management have been noted and brought to the primary auditors attention (including any matters which might warrant a qualification in the audit report on the subsidiary companys financial statements); adequate audit evidence has been obtained to form a basis for the audit opinion or both the subsidiaries financial statements and those of the group.
If the primary auditors are not satisfied as a result of the above review, they should arrange for further audit work to be carried out either by the secondary auditors on the behalf, or jointly with them. The secondary auditors are fully responsible for their own work; any additional tests are those required for the purpose of the audit of the group financial statements. (c) (i) (ii) (iii) As a result of take-over: The holding company may insist that then auditors act jointly with those of the new subsidiary. Locational problems: A company operating from widely dispersed locations may find it convenient to have joint auditors. Political problems: Overseas subsidiary may need to engage a local auditor to satisfy the laws of the country in which they operate. It is sometimes found that these local auditors act jointly with those of the holding company. Some companies want to use their local accountants while at the same time enjoying the wide range of services of provided by a large international firm. Size of the client company.
(iv) (v)
QUESTION 5 (a) Matters to be considered in reviewing the accounting policies, calculation of the profit forecast and procedures followed in preparation of profit forecast include the following:
(i)
Ascertain whether the profit forecast under review is based on forecast regularly prepared for the purpose of management or whether it has been prepared separately for a special purpose. Whether the profit forecast has a high degree of accuracy and reliability.
(ii)
11
(iii)
Whether the profit forecast under review represents managements best estimates of results which they reasonably believe can and will be achieved as . from targets which management has set as desirable. The extent to which profit forecast results for previous periods are supported by reliable interim accounts. The details of the procedures followed to generate the profit forecast and the extent to which it is built up from detailed profit forecast of activity. The extent to which profits are derived from activities having approved and consistent trend and those of . irregular, volatile and nature. How the profit forecast takes account of any material extra ordinary items and prior year adjustments, their nature, and how they are presented. Whether adequate provision is made for foreseeable losses and contingencies and how the profit forecast takes account of factors which may cause it to be subject to high degree of risk , or which may invalidate the underlying assumptions. The arithmetical accuracy of the profit forecast and the supporting information.
(ix)
(b)
Procedures which Winners and Associates Chartered Accountants will undertake to provide a report on the forecast Balance Sheet for June 2007 are as follows:
(i) (ii)
Perform analytical review comparing key ratios and including Gearing, ROCE, Current ratio based on the forecast information in December 2006. Determine the way in which the balance for intangible assets has been calculated. Assets relating to business which will be discontinued due to the restructuring exercise will be written off. Check and agree proposed additions to assets to Capital Expenditure budgets. Ensure assumptions underlying depreciation are consistent with profit forecast. Check and agree cash balance to other forecast information e.g. cash flow. Determine the level of provision made in respect of activities and assets whether they seem reasonable. Compare projected movement in loans to cash flow. Analyse movement on surplus. Ensure that movement on income surplus equal profit forecast, if not, check what other movement represent.
(c)
Briefing by the client followed by a letter of engagement detailing the initial scope of work. Communicate with other parties involved. This can include the internal auditors, audit committee or the clients accounting staff. Determine the extent of fraud. The accuracy with which this can be determined depends on the type of Fraud, the area of responsibility of the known perpetrator and the extent to which he provides information about the fraud. Interview the defrauder. This should happen at an early stage of the investigation if possible. It may be useful to ask the person to ask the defrauder to prepare a statement indicating exactly what he has done and explaining his actions. Investigate the know area with detailed audit tests. It is to conduct exhaustive checks concentrating, perhaps on the larger items first and then the smaller ones, in the area under review. When the investigator believes that all possible units under the area being investigated have been covered to a suitable extent he should report to management on his findings.
(iv)
(v)
(vi)
the circumstances which led to the investigation; the frauds which have been discovered and their extent; the identity of the defrauder; effects on the reported profits of past periods; effect on the financial statements of the current periods internal control weaknesses which recommendation for eliminating them. allowed the fraud, and
Report of any interviews with the defrauder, including any offers of restitution which may be relevant to management in deciding what action to take, if any. (d) The three types of audit planning are:
(i) (ii)
(iii)
Strategic Plant sets the framework for the work of the audit entity over a along term often over a period of five years or can be over three years or ten years. It sets the coverage of the audit entity, outlines the proposed activities for each of the period/year of the plan, the planned allocation of resources and matches the available resources to the volume of work planned. The strategic plan is normally considered as a working document.
The Annual Plan is prepared from the strategic plan frame work. The annual plan shows the resources e.g. staff, cash etc and training of each audit assignment agreed with the audit committee.
Individual Audit Plan Best audit practice demands that all audit assignment should be properly planned in order to detect material weaknesses and errors in financial and operational system. A sound accounting planning function assist in effective allocation of audit resource. The assignment plan covers determination of the audit scope
15