Assignment on Auditing

Md. Showkat Islam 4/24/23 REG:2021200387

 Ans to the question no-1

Before responding to the management of Angelic, my audit partner should consider the potential threat to
independence from Angelic Hotel Limited. Because the firm has close business and financial relationship
with Angelic, it impairs our and firm’s independence. Furthermore, as we frequently rent rooms, there
must but some credit transactions. According to the Company’s Act 1994, a person is not eligible to audit
a company if it has obligation to the company for more than 1,000 Taka. Partner of the firm should reject
the proposed auditor appointment on the ground that it creates threat to independence. Furthermore, firm
is ineligible to become auditor as per the regulation.

====THE END====
 Ans to the question no-2

Ahmed & Mushtaq took an Uber ride to transport their client working file but lost it for some time.
Although they recovered the working files but for few hours these audit documents were not within their
protection. These documents contain confidential information about the client. Leaking confidential
information would harm the client. So, when the files were not within their control, there were chances
that this confidential information has been breached. As professional Ahmed & Mushtaq should have
been more careful. Loosing audit files and creating opportunity for data breach shows lack of professional
behavior from Ahmed & Mushtaq. They should let the partner know about the incident and allow him
how to deal with the situation and inform the client about potential data breach.

====THE END====
 Ans to the question no-3

Key professional and ethical issues are as follows:

There exists a conflict between auditor's responsibility to maintain confidentiality and their statutory duty
to opine whether the financial statements give a true a fair view. Trade receivables from Q Fashion is
material. Hence the financial statements are materially misstated as trade receivables from Q Fashion
have been treated as unimpaired by GTex Limited. In this scenario issuing an unmodified audit opinion
may be misleading as the financial statements are known not to present a true and fair view of the
financial position of GTex as at 30 June 2021. Audit firm risk breaching statutory duty as per Companies
Act, 1994 and the Financial Reporting Act, 2015 in case a clean opinion is issued.
Informing management of GTex that trade receivables from Q Fashion are impaired due to financial
difficulties faced by the entity would tantamount to breach of confidentiality under the Code of Ethics.
Hence confidential information should not be disclosed outside the firm.
The audit senior of GTex and the manager of Q Fashion should immediately inform respective audit
engagement partners that confidential information about Q Fashion has been inadvertently leaked out to
the audit engagement team of GTex. This would enable the firm to take necessary steps to protect
confidential information.
Usual audit procedures recommended by ISA should be carried out for trade receivables by the audit
engagement team of GTex. Enquires and external confirmation procedures should be carried out to
corroborate audit evidence regarding trade receivables.

====THE END====
 Ans to the question no-4

Business risk: Business risk is any exposure a company or organization has to factor(s) that may lower its
profits or cause it to go bankrupt.

The sources of business risk are varied but can range from changes in consumer taste and demand, the
state of the overall economy, and government rules and regulations.

While companies may not be able to completely avoid business risk, they can take steps to mitigate its
impact, including the development of a strategic risk plan.

Control Environment: Control Environment is the set of standards, processes, and structures that provide
the basis for carrying out internal control across the organization. The board of directors and senior
management establish the tone at the top regarding the importance of internal control including expected
standards of conduct. Management reinforces expectations at the various levels of the organization. The
control environment comprises the integrity and ethical values of the organization; the parameters
enabling the board of directors to carry out its governance oversight responsibilities; the organizational
structure and assignment of authority and responsibility; the process for attracting, developing, and
retaining competent individuals; and the rigor around performance measures, incentives, and rewards to
drive accountability for performance. The resulting control environment has a pervasive impact on the
overall system of internal control.

Of all 17 principles, the Control Environment component has five (5) principles relating to it:

The organization demonstrates a commitment to integrity and ethical values.

The board of directors demonstrates independence from management and exercises oversight of the
development and performance of internal control.

Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and
responsibilities in the pursuit of objectives.

The organization demonstrates a commitment to attract, develop, and retain competent individuals in
alignment with objectives.

The organization holds individuals accountable for their internal control responsibilities in the pursuit of
objectives.

====THE END====
 Ans to the question no-5

AUDIT COMMITTEE TERMS OF REFERENCE

1. MEMBERSHIP
1.1 The committee shall comprise at least three members, all of whom shall be independent nonexecutive
directors. At least one member shall have recent and relevant financial experience and the committee as a
whole shall have competence relevant to the sector in which the company operates. The chair of the board
shall not be a member of the committee.
1.2 Members of the committee shall be appointed by the board, on the recommendation of the nomination
committee in consultation with the chair of the audit committee. Appointments shall be for a period of up
to three years which may be extended for up to two additional three-year periods, provided members
continue to be independent.
1.3 Only members of the committee have the right to attend committee meetings. However, the finance
director, head of internal audit and external audit lead partner will be invited to attend meetings of the
committee on a regular basis and other individuals may be invited to attend all or part of any meeting as
and when appropriate.
1.4 The board shall appoint the committee chair. In the absence of the committee chair and/or an
appointed deputy at a committee meeting, the remaining members present shall elect one of themselves to
chair the meeting.

2. SECRETARY
2.1 The company secretary, or their nominee, shall act as the secretary of the committee and will ensure
that the committee receives information and papers in a timely manner to enable full and proper
consideration to be given to issues.

3. QUORUM
3.1. The quorum necessary for the transaction of business shall be two members.

4. FREQUENCY OF MEETINGS
4.1 The Committee shall meet at least three times a year at appropriate intervals in the operational and
reporting cycle of the Company and otherwise as required.
4.2 Outside of the formal meeting programmer, the Committee Chair will maintain a dialogue with key
individuals involved in the Company's governance, including the board chair, the chief executive, the
finance director, the external audit lead partner and the head of internal audit.

5. NOTICE OF MEETINGS
5.1 Meetings of the Committee shall be called by the Secretary of the Committee at the request of the
Committee Chair or any of its members, or at the request of the external audit lead partner or head of
internal audit if they consider it necessary.
5.2 Unless otherwise agreed, notice of each meeting confirming the venue, time and date, together with an
agenda of items to be discussed, shall be forwarded to each member of the Committee and any other
person required to attend no later than five working days before the date of the meeting. Supporting
papers shall be sent to Committee members and to other attendees, as appropriate, at the same time.

6. MINUTES OF MEETINGS
6.1 The Company Secretary shall minute the proceedings and decisions of all Committee meetings,
including recording the names of those present and in attendance.
6.2 Draft minutes of Committee meetings shall be circulated to all members of the Committee. Once
approved, minutes should be circulated to all other members of the board and the company secretary
unless, exceptionally, it would be inappropriate to do so.

7. ENGAGEMENT WITH SHAREHOLDERS

7.1 The committee chair should attend the annual general meeting to answer any shareholder questions on
the committee’s activities. In addition, the committee chair should seek engagement with shareholders on
significant matters related to the committee’s areas of responsibility.

8. DUTIES
8.1 The committee should have oversight of the group as a whole and, unless required otherwise by
regulation, carry out the duties below for the parent company, major subsidiary undertakings and the
group as a whole, as appropriate.

8.2 Financial reporting

8.2.1 The committee shall monitor the integrity of the financial statements of the company, including its
annual and half-yearly reports, preliminary announcements and any other formal statements relating to its
financial performance, and review and report to the board on significant financial reporting issues and
judgements which those statements contain having regard to matters communicated to it by the auditor.
8.2.2 In particular, the committee shall review and challenge where necessary:
(i) the application of significant accounting policies and any changes to them,
(ii) the methods used to account for significant or unusual transactions where different approaches are
possible,
(iii) whether the company has adopted appropriate accounting policies and made appropriate estimates
and judgements, taking into account the external auditor’s views on the financial statements,
(iv) the clarity and completeness of disclosures in the financial statements and the context in which
statements are made, and
(v) all material information presented with the financial statements, including the strategic report and the
corporate governance statements relating to the audit and to risk management.
8.2.3 The committee shall review any other statements requiring board approval which contain financial
information first, where to carry out a review prior to board approval would be practicable and consistent
with any prompt reporting requirements under any law or regulation including the Listing Rules,
Prospectus Rules and Disclosure Guidance and Transparency Rules sourcebook.
8.2.4 Where the committee is not satisfied with any aspect of the proposed financial reporting by the
company, it shall report its views to the board.
8.3 Narrative reporting
Where requested by the board, the committee should review the content of the annual report and accounts
and advise the board on whether, taken as a whole, it is fair, balanced and understandable and provides
the information necessary for shareholders to assess the company’s performance, business model and
strategy and whether it informs the board’s statement in the annual report on these matters that is required
under the Code.

8.4 Internal controls and risk management systems

8.4.1 The Committee shall keep under review the company’s internal financial controls systems that
identify, assess, manage and monitor financial risks, and other internal control and risk management
systems.
8.4.2 The Committee shall review and approve the statements to be included in the annual report
concerning internal control, risk management, including the assessment of principal risks and emerging
risks, and the viability statement.

8.5 Compliance, speaking-up and fraud

The committee shall:
8.5.1 Review the adequacy and security of the company’s arrangements for its employees, contractors and
external parties to raise concerns, in confidence, about possible wrongdoing in financial reporting or other
matters. The committee shall ensure that these arrangements allow proportionate and independent
investigation of such matters and appropriate follow up action.
8.5.2 Review the company’s procedures for detecting fraud.
8.5.3 Review the company’s systems and controls for the prevention of bribery and receive reports on
non-compliance.
8.5.4 Review regular reports from the Money Laundering Reporting Officer and the adequacy and
effectiveness of the company’s anti-money laundering systems and controls.
8.5.5 Review regular reports from the Compliance Officer and keep under review the adequacy and
effectiveness of the company’s compliance function.

8.6 ESG
The committee shall:
8.6.1 Review the effectiveness of risk management and internal control policies in relation to ESG
matters.
8.6.2 Oversee ESG reporting and climate change risk-related disclosures.
8.6.3 Review internal audit reports on ESG matters and assess the management response to any findings.
Monitor the role and effectiveness of the internal audit function in relation to ESG matters and monitor
the development of the capability and capacity of the internal audit function to perform its role with
regards to the assurance of ESG matters.
8.6.4 Review regularly the requirement for independent assurance of ESG matters, and as may be deemed
necessary, appoint independent third parties to carry out assurance of the effectiveness of ESG-related
policies, processes and initiatives and the accuracy of the reporting of ESG matters.
8.7 Internal audit
The committee shall:
8.7.1 Approve the appointment or termination of appointment of the head of internal audit.
8.7.2 Review and approve the role and mandate of internal audit, monitor and review the effectiveness of
its work, and annually approve the internal audit charter ensuring it is appropriate for the current needs of
the organization.
8.7.3 Review and approve the annual internal audit plan to ensure it is aligned to the key risks of the
business, and receive regular reports on work carried out.
8.7.4 Ensure internal audit has unrestricted scope, the necessary resources and access to information to
enable it to fulfil its mandate, ensure there is open communication between different functions and that
the internal audit function evaluates the effectiveness of these functions as part of its internal audit plan,
and ensure that the internal audit function is equipped to perform in accordance with appropriate
professional standards for internal auditors.
8.7.5 Ensure the internal auditor has direct access to the board chair and to the committee chair, providing
independence from the executive and accountability to the committee.
8.7.6 Carry out an annual assessment of the effectiveness of the internal audit function and as part of this
assessment.
8.7.7 Meet with the head of internal audit without the presence of management to discuss the
effectiveness of the function.
8.7.8 Review and assess the annual internal audit work plan.
8.7.9 Receive a report on the results of the internal auditor’s work.
8.7.10 Determine whether it is satisfied that the quality, experience and expertise of internal audit is
appropriate for the business.
8.7.11 Review the actions taken by management to implement the recommendations of internal audit and
to support the effective working of the internal audit function.
8.7.12 Monitor and assess the role and effectiveness of the internal audit function in the overall context of
the company’s risk management system and the work of compliance, finance and the external auditor.
8.7.13 Consider whether an independent, third party review of processes is appropriate.

8.8 External audit

The committee shall:
8.8.1 Consider and make recommendations to the board, to be put to shareholders for approval at the
AGM, in relation to the appointment, re-appointment and removal of the company’s external auditor.
8.8.2 Develop and oversee the selection procedure for the appointment of the audit firm in accordance
with applicable Code and regulatory requirements, ensuring that all tendering firms have access to all
necessary information and individuals during the tendering process.
8.8.3 If an external auditor resigns, investigate the issues leading to this and decide whether any action is
required.
8.8.4 Oversee the relationship with the external auditor. In this context the committee shall:
(i) approve their remuneration, including both fees for audit and non- audit services, and ensure that the
level of fees is appropriate to enable an effective and high-quality audit to be conducted, and
(ii) approve their terms of engagement, including any engagement letter issued at the start of each audit
and the scope of the audit.
8.8.5 Assess annually the external auditor’s independence and objectivity taking into account relevant
law, regulation, the Ethical Standard and other professional requirements and the group’s relationship
with the auditor as a whole, including any threats to the auditor’s independence and the safeguards
applied to mitigate those threats including the provision of any non-audit services.
8.8.6 Satisfy itself that there are no relationships between the auditor and the company (other than in the
ordinary course of business) which could adversely affect the auditor’s independence and objectivity.
8.8.7 Agree with the board a policy on the employment of former employees of the company’s auditor,
taking into account the Ethical Standard and legal requirements, and monitor the application of this
policy.
8.8.8 Monitor the auditor’s processes for maintaining independence, its compliance with relevant law,
regulation, other professional requirements and the Ethical Standard, including the guidance on the
rotation of audit partner and staff.
8.8.9 Monitor the level of fees paid by the company to the external auditor compared to the overall fee
income of the firm, office and partner and assess these in the context of relevant legal, professional and
regulatory requirements, guidance and the Ethical Standard.
8.8.10 Assess annually the qualifications, expertise and resources, and independence of the external
auditor and the effectiveness of the external audit process, which shall include a report from the external
auditor on their own internal quality procedures.
8.8.11 Seek to ensure coordination of the external audit with the activities of the internal audit function.
8.8.12 Evaluate the risks to the quality and effectiveness of the financial reporting process in the light of
the external auditor’s communications with the committee.
8.8.13 Develop and recommend to the board the company’s formal policy on the provision of non-audit
services by the auditor, including prior approval of non-audit services by the committee and specifying
the types of non-audit service to be preapproved, and assessment of whether non-audit services have a
direct or material effect on the audited financial statements. The policy should include consideration of
the following matters:
(i) threats to the independence and objectivity of the external auditor and any safeguards in place,
(ii) the nature of the non-audit services,
(iii) whether the external audit firm is the most suitable supplier of the nonaudit service,
(iv) the fees for the non-audit services, both individually and in aggregate, relative to the audit fee, and
(v) the criteria governing compensation.
8.8.14 Meet regularly with the external auditor (including once at the planning stage before the audit and
once after the audit at the reporting stage) and, at least once a year, meet with the external auditor without
management being present, to discuss the auditor’s remit and any issues arising from the audit.
8.8.15 Discuss with the external auditor the factors that could affect audit quality and review and approve
the annual audit plan, ensuring it is consistent with the scope of the audit engagement, having regard to
the seniority, expertise and experience of the audit team.
8.8.16 Review the findings of the audit with the external auditor. This shall include but not be limited to,
the following:
(i) a discussion of any major issues which arose during the audit,
(ii) the auditor’s explanation of how the risks to audit quality were addressed,
(iii) key accounting and audit judgements
(iv) the auditor’s view of their interactions with senior management, and (v) levels of errors identified
during the audit.
8.8.17 Review any representation letter(s) requested by the external auditor before it is (they are) signed
by management.
8.8.18 Review the management letter and management’s response to the auditor’s findings and
recommendations.
8.8.19 Review the effectiveness of the audit process, including an assessment of the quality of the audit,
the handling of key judgements by the auditor, and the auditor’s response to questions from the
committee.

9. REPORTING RESPONSIBILITIES
9.1 The committee chair shall report formally to the board on its proceedings after each meeting on all
matters within its duties and responsibilities and shall also formally report to the board on how it has
discharged its responsibilities. This report shall include:
9.1.1 the significant issues that it considered in relation to the financial statements (required under
paragraph 8.2.1) and how these were addressed,
9.1.2 its assessment of the effectiveness of the external audit process (required under paragraph 8.8.10),
the approach taken to the appointment or reappointment of the external auditor, length of tenure of audit
firm, when a tender was last conducted and advance notice of any retendering plans, and
9.1.3 any other issues on which the board has requested the committee’s opinion.
9.2 The committee shall make whatever recommendations to the board it deems appropriate on any area
within its remit where action or improvement is needed.
9.3 The committee shall compile a report on its activities to be included in the company’s annual report.
The report should describe the work of the audit committee, including:
9.3.1 the significant issues that the committee considered in relation to the financial statements and how
these issues were addressed,
9.3.2 an explanation of how the committee has assessed the independence and effectiveness of the
external audit process and the approach taken to the appointment or reappointment of the external auditor,
information on the length of tenure of the current audit firm, when a tender was last conducted and
advance notice of any retendering plans, and
9.3.3 an explanation of how auditor independence and objectivity are safeguarded if the external auditor
provides non-audit services, having regard to matters communicated to it by the auditor and all other
information requirements set out in the Code.
9.4 In compiling the reports referred to in 9.1 and 9.3, the committee should exercise judgement in
deciding which of the issues it considers in relation to the financial statements are significant, but should
include at least those matters that have informed the board’s assessment of whether the company is a
going concern and the inputs to the board’s viability statement. The report to shareholders need not repeat
information disclosed elsewhere in the annual report and accounts but could provide cross-references to
that information.

10. OTHER MATTERS

The committee shall:
10.1 Have access to sufficient resources in order to carry out its duties, including access to the company
secretariat for advice and assistance as required.
10.2 Be provided with appropriate and timely training, both in the form of an induction programmer for
new members and on an ongoing basis for all members.
10.3 Give due consideration to all relevant laws and regulations, the provisions of the Code and published
guidance, the requirements of the FCA’s Listing Rules, Prospectus Rules and Disclosure Guidance and
Transparency Rules sourcebook and any other applicable rules, as appropriate.
10.4 Be responsible for oversight of the coordination of the internal and external auditors.
10.5 Oversee any investigation of activities which are within its terms of reference.
10.6 Work and liaise as necessary with all other board committees ensuring interaction between
committees and with the board is reviewed regularly, taking particular account of the impact of risk
management and internal controls being delegated to different committees.
10.7 Ensure that a periodic evaluation of the committee’s performance is carried out.
10.8 At least annually, review its constitution and terms of reference to ensure it is operating at maximum
effectiveness and recommend any changes it considers necessary to the board for approval.

11. AUTHORITY
The committee is authorized to:
11.1 Seek any information it requires from any employee of the company in order to perform its duties.
11.2 Obtain, at the company’s expense, independent legal, accounting or other professional advice on any
matter if it believes it necessary to do so.
11.3 Call any employee to be questioned at a meeting of the committee as and when required.
11.4 Have the right to publish in the company’s annual report, details of any issues that cannot be
resolved between the committee and the board. If the board has not accepted the committee’s
recommendation on the external auditor appointment, reappointment or removal, the annual report should
include a statement explaining the committee’s recommendation and the reasons why the board has taken
a different position.

====THE END====
 Ans to the question no -6

ISA 450 also requires that ‘The auditor shall communicate on a timely basis all misstatements
accumulated during the audit with the appropriate level of management, unless prohibited by law or
regulation. The auditor shall request management to correct those misstatements.’

Simply put, this means that the auditor keeps a note of all misstatements (other than those which are
clearly trivial), raises them with management and asks for the misstatements to be corrected in the
financial statements. It is useful, when evaluating misstatements and in making requests to management
for misstatements to be corrected, to consider and apply the framework as laid out in ISA 450, which
categorizes misstatements as follows:

• Factual misstatements are misstatements about which there is no doubt. An example would be a
clear breach of an IFRS requirement meaning that the financial statements are incorrect, for
instance if a necessary disclosure is missing – for example, non-disclosure of EPS for a listed
company.

• Judgmental misstatements are differences arising from the judgments of management

concerning accounting estimates that the auditor considers unreasonable, or the selection or
application of accounting policies that the auditor considers inappropriate. There are of course
many examples of using judgement in financial reporting, for instance, when determining the fair
value of non-current assets, the level of disclosure necessary in relation to a contingent liability,
or the recoverability of receivables.

• Projected misstatements are the auditor’s best estimate of misstatements in populations,

involving the projection of misstatements identified in audit samples to the entire populations
from which the samples were drawn.

For the auditor it is important to distinguish between these types of misstatements in order to properly
discuss them with management, and ask for the necessary corrections, where relevant, to be made. For
example, with a factual misstatement, there is little room for negotiation with management, as the item
has simply been treated incorrectly in the financial statements. With judgmental misstatement there is
likely to be more discussion with management. The auditor will need to present their conclusion based on
robust audit evidence, in order to explain the misstatement which has been uncovered, and justify a
recommended correction of the misstatement.

With projected misstatements, because these are based on extrapolations of audit evidence, it is normally
not appropriate for management to be asked to correct the misstatement. Instead, a projected misstatement
should be evaluated to consider whether further audit testing is appropriate.
Evaluating the Effect of Uncorrected Misstatements

The auditor is required to determine whether uncorrected misstatements are material, individually or in
aggregate. At this point the auditor should also reassess materiality to confirm whether it remains
appropriate in the context of the entity’s actual financial results. This is to ensure that the materiality is
based on up-to-date financial information, bearing in mind that when materiality is initially determined at
the planning stage of the audit, it is based on projected or draft financial statements. By the time the
auditor is evaluating uncorrected misstatements at the completion stage of the audit, there may have been
many changes made to the financial statements, so ensuring the materiality level remains appropriate is
very important.

Some misstatements may be evaluated as material, individually or when considered together with other
misstatements accumulated during the audit, even if they are lower than materiality for the financial
statements as a whole. Examples include, but are not restricted to the following:

• Misstatements which affect compliance with regulatory requirements

• Misstatements which impact on debt covenants or other financing or contractual arrangements

• Misstatements which obscure a change in earnings or other trends

• Misstatements which affect ratios used to evaluate the entity’s financial position, results of
operations or cash flows

• Misstatements which increase management compensation

• Misstatements which relate to misapplication of an accounting policy where the impact is

immaterial in the context of the current period financial statements, but may become material in
future periods

====THE END====
 Ans to the question no-7

A management representation letter is a form letter written by a company's external auditors, which
is signed by senior company management. The letter attests to the accuracy of the financial
statements that the company has submitted to the auditors for their analysis. The CEO and the most
senior accounting person (such as the CFO) are usually required to sign the letter. The letter is
signed following the completion of audit fieldwork, and before the financial statements are issued
along with the auditor's opinion.

In essence, the letter states that all of the information submitted is accurate, and that all material
information has been disclosed to the auditors. The auditors use this letter as part of their audit
evidence. The letter also shifts some blame to management, if it turns out that some elements of the
audited financial statements do not fairly represent the financial results, financial position, or cash
flows of the business. For this reason, the statements that the auditor includes in the letter are quite
broad ranging, encompassing every possible area in which management's failings could lead to the
issuance of inaccurate or misleading financial statements.

An auditor typically will not issue an opinion on a company's financial statements without first
receiving a signed management representation letter.

The Public Company Accounting Oversight Board provides considerable detail regarding the
content of a management representation letter in its AU Section 333.

Contents of a Management Representation Letter

Following is a sample of the representations that may be included in the management representation
letter:

• Management is responsible for the proper presentation of the financial statements in

accordance with the applicable accounting framework
• All financial records have been made available to the auditors
• All board of directors minutes are complete
• Management has made available all letters from regulatory agencies regarding financial
reporting noncompliance
• There are no unrecorded transactions
• The net effect of all uncorrected misstatements is immaterial
• The management team acknowledges its responsibility for the system of financial controls
• All related party transactions have been disclosed
 • All contingent liabilities have been disclosed
• All unasserted claims or assessments have been disclosed
• The company has disclosed all liens and other encumbrances on its assets
• All material transactions have been properly recorded
• Management is responsible for systems designed to detect and prevent fraud
• Management has no knowledge of fraud within the company
• The financial statements conform to the applicable accounting framework

Auditors typically do not allow management to make any changes to the content of this letter before
signing it, since this would effectively reduce the liability of management.

In case management is reluctant to provide representation/internal confirmations:

ISA 580 states that when management refuses to provide necessary representations, the auditor
should qualify or disclaim his or her opinion. The refusal to provide written representations implies
management's unwillingness to accept responsibility and accountability for the financial statements.

====THE END====