ACCA

AUDIT AND ASSURANCE

BISC TRAINING CENTER

Mr. Giang Ha ACCA

www.bisc.edu.vn

085 8822 168

training@bisc.edu.vn

Audit and Assurance

REVISION

1
 MAIN CAPABILITIES

Audit framework and regulation (A)

Planning and risk assessment (B)

Employablility
and
Technology
Internal Control (C) Audit Evidence (D) skills (F)

Review and reporting (E)

EXAMINATION CONCEPT
COMPUTER-BASED EXAMS

Time: 3 hours + 10 mins extra to read the exam instructions.

Section A
Section A of the exam comprises three 10 mark case-based questions.
Each case has five objective test questions worth 2 marks each.

Section B
Section B of the exam comprises one 30 mark question and two 20 mark
questions.
Section B of the exam will predominantly examine one or more aspects of
audit and
assurance from planning and risk assessment, internal control or audit
evidence, although topics from other syllabus areas may also be included.

Total 100 marks

2
 EXAMINATION CONCEPT
INTELLECTUAL LEVEL
1 Define Give the meaning of
1 Explain Make clear
1 Describe Give the key features
Define two different terms, viewpoints or concepts on the basis of the differences
1 Distinguish
between them
Compare and Explain the similarities and differences between two different terms, viewpoints or
2
contrast concepts
2 Contrast Explain the differences between two different terms, viewpoints or concepts
2 Analyse Give reasons for the current situation or what has happened
2 Assess Determine the strengths/weaknesses/importance/ significance/ability to contribute
3 Examine Critically review in detail
3 Discuss Examine by using arguments for and against
3 Explore Examine or discuss in a wide-ranging manner
Present the weaknesses of/problems with the actions taken or viewpoint expressed,
3 Criticize
supported by evidence
Evaluate/critically Determine the value of in the light of the arguments for and against (critically evaluate
3
evaluate means weighting the answer towards criticisms/arguments against)
3 Construct the case Present the arguments in favour or against, supported by evidence
5
3 Recommend Advise the appropriate actions to pursue in terms the recipient will understand

AUDIT AND ASSURANCE

AUDIT ASSURANCE

PROCESS PRODUCT

The objective of an audit of financial statements is to enable the

auditor to express an opinion whether the financial statements are
prepared, in all material respects, in accordance with an identified
financial reporting framework”
<ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an
Audit in Accordance with International Standards on Auditing>

3
 AUDIT AND ASSURANCE

AUDIT REPORT AUDITOR Communicate SHAREHOLDERS

Give opinion on the Truth and Fairness of FS.

True and fair: does True:

NOT mean  Information is factual and conforms with reality, not
absolutely correct. false.
 Information conforms with required standards and law
 The accounts have been correctly extracted from the
books and records.
Fair:
 Information is free from discrimination and bias
 Compliance with expected standards and rules
 The accounts should reflect the commercial substance of
the Company’s underlying transactions
7

AUDIT REPORT

Types of Audit Report

Unmodified Audit Report Modified Audit Report

Unqualified Qualified
opinion with audit
Adverse Disclaimer
Emphasis opinion
matter Except for …

4
 KEY CONCEPTS

 Has to be a member of a Recognized Supervisory Board (RSB)

WHO can be an
auditor?  Allowed by the rules to be an auditor
 Or someone authorized by the state

Who can  The members (shareholders) of the company

 Directors can appoint the first auditor and fill a ‘casual vacancy’,
APPOINT but needs members’ approval at next Annual General Meeting
auditors? (AGM).

PROCEDURES SHOULD BE CARRIED OUT WHEN BEING APPOINTED OR REMOVE?

KEY CONCEPTS

Client Screening to screen out potentially risky audit clients.

Legal requirements

Based on Ethical considerations

Commercial considerations

LOW RISK HIGH RISK

Good long term prospects Poor recent or forecast performance
Well - financed Likely lack of finance
Strong internal control Significant control deficiencies
Conservative, prudent accounting policies Evidence of questionable integrity, doubtful accounting policies
Competent, honest management Lack of finance director
Few unusual transaction Significant related party or unexplained transaction
10

10

5
 KEY CONCEPTS
Code of Ethics THREAT AND SAFEGUARDS

THREATS SAFEGUARDS
<Possibilities may cause
<To Prevent>
violation on code of ethics>

Self Interest Self Review

Threats to
Objectivity
Intimidation Familiarity

Advocacy 11

11

KEY CONCEPTS

THREATS SAFEGUARDS
<Possibilities may cause
<To Prevent>
violation on code of ethics>

The ACCA Code of Ethics divides safeguards into two

broad categories:
 Safeguards created by the profession, legislation or
 Self interest regulation, these include: requirements for entry
 Self review into the profession, continuing professional
development, corporate governance, professional
 Advocacy
standards, monitoring and disciplinary procedures,
 Familiarity etc.
 Intimidation
 Safeguards created by the work environment, these
include: rotation/removal of relevant staff from the
engagement team, independent quality control
reviews, using separate teams, etc.

12

12

6
 Family and Other Personal relationships

Suggest a safeguard appropriate to each of the following situations:

1. A trainee’s uncle is a director of an assurance client
2. A Trainee’s girlfriends is the credit controller of an audit client.
3. An audit senior’s girlfriend is the credit controller of an audit client
4. A partner’s sister is a director of a company.

13

13

Undue Dependence

Comment and conclude on the following FOUR situations

1. Peter, a recently qualified member of ACCA, has decided to go into
practice as a sole practitioner. He already has a small private portfolio off
$450,000 gross fee income nut has now been approached by his cousin to
take over the audit of her company. The company’s last audit fee was
$250,000 and this will be by far Peter’s largest audit in his client portfolio.

 Comment:

 Conclusion

14

14

7
 ACCEPTING NEW AUDIT ENGAGEMENTS

Auditors must
ensure that
there are no
independence or
other ethical
problems

15

ACCEPTING NEW AUDIT ENGAGEMENTS

Ensure that the outgoing auditors' removal or resignation has

been properly conducted in accordance with national legislation.

Procedures
after accepting Ensure that the new auditors' appointment is valid.
nomination

Set up and submit a letter of engagement to the directors of the

company

16

8
 INTERNAL AUDIT

A function of an entity that performs assurance and consulting

Internal Audit
activities designed to evaluate and improve the effectiveness of the
Function entity's governance, risk management and internal control processes

Organization chart?

BOD

Audit commitee Internal Audit

17

INTERNAL AUDIT
Operational
Audit

Value for Money

Financial audit
<3Es>

INTERNAL AUDIT
ASSIGNMENT?

Project audit Best value

Audit of IT

18

9
 INTERNAL AUDIT

Internal audit External audit

Determined by management, Financial focus as determined

Scope
both operational and financial by legislation

Increasingly risk based; assess Increasingly risk based. Testing

Approach to risk. Evaluate and test systems underlying records and
work and recommend improvements to transactions that form the
management basis of financial statements

To advise management on To report to shareholders on

Responsibility internal control and corporate the truth and fairness of
governance financial statements

19

INTERNAL AUDIT

EXTERNAL AUDIT Using the work of internal audit

External auditors also use the work done by internal auditors. The extent
to which auditors can leverage output of internal auditors depending on
criteria that the internal auditor is being accessed:
 Qualified
 Experienced
 Independent, and
 Professional.
The work done by internal auditors, which is being used by external auditors
should be clearly examined in terms of:
 Nature, scopes and objectives of the internal audit work,
 Nature, scopes and timing of communications,
 Consistency with evidence,
 Use and accuracy of source data.

20

10
 AUDIT PROCESS & STANDARDS

Planning

Conducting

Reporting

21

PLANNING THE AUDIT

 assessing risk
 developing the audit strategy
 selecting the audit team
 assessing materiality
 selecting appropriate audit procedures.

22

11
 ASSESSING RISK
It’s all about risk

It is the assessment of risk which determines:

 the audit strategy
 who should be on the audit team
 the potential impact of fraud
 the nature of the procedures to be carried out
 how much evidence needs to be gathered

23

23

ASSESSING RISK
How do you assess risk?

There are two sources of information from which it is possible to assess risk:
 Knowledge of the business (KOB) which we will consider later in this
chapter.
 Analytical procedures which we will consider in the chapter on evidence.

24

24

12
 ASSESSING RISK
Risk and materiality

It follows that there is a relationship between risk and materiality in that:

 the greater the risk of material misstatement
 the lower the level of materiality.

Common measures are:

 1⁄2 – 1% of turnover
 5 – 10% of results
 1–2% of assets
 judgment of the auditor.
 Flexible

25

25

ASSESSING RISK
Tolerable Error

 The maximum error in a population that the auditor is willing to accept.

 This means that in the case of tests of control, the auditors will accept a
certain number of instances of a failure to apply a control procedure
and will still conclude that the procedure is operating properly.
 Tolerable error is considered during the planning stage, and for
substantive procedures, is related to the auditor's judgement about
materiality.

26

26

13
 AUDIT RISK
Audit risk is further defined by way of a formula

AUDIT RISK

ENTITY RISK DETECTION RISK

INHERENT RISK CONTROL RISK

27

27

AUDIT RISK

Constant Depend on
Audit Team
(Acceptable level) the entity

HOW TO RESPONSE?
28

28

14
 AUDIT RISK

Must be acceptable
If HIGH LOW level

 Increase sample size

AUDIT  Involve more experienced staff
RESPONSE  Design additional audit procedures
 Collect more reliable audit evidences
29

29

ASSESSING THE RISK

IAS 330: RESPONDING TO RISK ASSESSMENT

Responses to risk assessments
 Emphasizing to audit staff the need to maintain professional skepticism
 Using experts
 Providing more supervision on the audit
 Incorporating more unpredictability in the audit procedure
 Assigning additional or more experienced staff to the audit team

Substantive approach Combined approach

(Focusing on Substantive (Test of Control & Substantive
procedures) procedures)

Detail

30

30

15
 THE AUDIT STRATEGY

The audit strategy sets the overall approach of the audit and
covers:
 the scope
 the timing
 the direction of the audit.

31

31

THE AUDIT STRATEGY

SCOPE

What is the financial reporting framework for the financial

statements? International Accounting standards?

Are there industry specific or other special reporting requirements?

 National GAAP?
 Listed companies.
 Charities.
 Other regulated businesses such as banks and insurance companies.
Are there other factors which influence the overall approach to the
audit?
 Multiple locations
 Group audits

32

32

16
 THE AUDIT STRATEGY
TIMING

Deadline for:
Final reporting

Any interim report

Report to management

Reports to those charged with governance

The timing of:

Interim audit
Final audit visits to enable these deadlines to be met.

33

33

THE AUDIT STRATEGY

INTERIM FINAL AUDITS

The interim audit will normally The final audit can then focus on:
focus on:  balance sheet areas
 documenting systems  finalization of the financial
 evaluating controls statements and the audit
 some tests of details – usually report.
tests of income and
expenditure and, perhaps,
purchases and disposals of
fixed assets.

34

34

17
 THE AUDIT STRATEGY
DIRECTION

The ‘direction’ of the audit covers the overall approach and concerns such
issues as:
 preliminary assessment of materiality
 preliminary identification of high risk areas
 preliminary identification of material components and account balances.

Examples:
• Component – A division, branch, subsidiary, joint venture, associated
company or other entity whose financial information is included in financial
statements audited by the principal auditor.
• Decisions about whether assurance is expected to be derived from reliance
on controls or a fully substantive approach.
• The need for site visits and other logistical issues.
• The impact of recent developments at the client, in its industry, in regulatory
or financial reporting requirements.
35

35

THE AUDIT STRATEGY

Possible different strategies could be:

 Final audit only.

 Interim and final.
 Reliance on controls with reduced reliance on substantive procedures.
 Reliance on substantive procedures rather than on internal controls.
 Heavy reliance on analytical procedures rather than tests of details

36

36

18
 PRACTICE – AUDIT RISK - GUIDELINE
Should NOT: give answer from business perspective INSTEAD OF audit perspective
Audit risk  risk  FS materially misstated.
Identify risk, refer to account balance/ disclosures (FS level: PPE, Inventory…) and possible
misstatement (assertion level: completeness, existence/ occurrence…) (based on IAS + assertions +
What could go wrong? + Audit formular: Audit risk = Inherent risk x control risk x detection risk 
affect the possibility of misstatement incur)
Auditor’s response: describe auditor’s approach to assess whether balance/ transactions were
materially misstated  3 key responses (~ audit procedures: 8 methods + context -> documents?
Inquiry whom? Discuss about what? + 2 General Procedures i.e. ARP/ Casting, reconciling GL & sub-
ledger + Increased Sample size/ more experienced audit staff) + Describe the adjustment need to be
done
Step1: Nature? (BS or PL; BS: asset or liabilities?; PL: income or expense?)
Step 2: Risk gắn với assertion? Assertion nào cần focus (dựa vào nature để suy ra)
Step 3: Design audit procedures (các phương pháp thu thập bằng chứng + tên bằng chứng phù hợp)
37

37

PRACTICE – AUDIT RISK - GUIDELINE

Identify and explain the related risks (2 marks)

During the year the company has spent $2.2 million on developing several new
products. Some of these are in the early stages of development whilst others are
nearing completion. The finance director has confirmed that all projects are likely to
be successful and so he is intending to capitalise the full $2.2 million.

38

38

19
 PRACTICE – AUDIT RISK - GUIDELINE

Identify and explain 2 associated risks with the scenario (4 marks)

In order to fund the development of new products, Abrahams Co has restructured
its finance and raised $1 million through issuing shares at a premium and $2.5
million through a long-term loan. There are bank covenants attached to the loan,
the main one relating to a minimum level of total assets. If these covenants are
breached then the loan becomes immediately repayable. The company has a policy
of revaluing land and buildings, and the finance director has announced that all land
and buildings will be revalued as at the year end.

39

39

AUDIT PROCEDURES

8 METHODS CONTEXT
Inquiry Bank & Cash
Observation
Inventory
Confirmation

Inspection of Documents PPE

Inspection of tangible assets Sales & AR

Recalculation
Purchase & AP
Reperformance

Analytical Procedures Payroll

40

40

20
 PRACTICE – AUDIT RISK - GUIDELINE

Pineapple Beach Hotel Co (Pineapple) operates a hotel providing accommodation,

leisure facilities and restaurants. Its year end was 30 April 2012. You are the audit
senior of Berry & Co and are currently preparing the audit programmes for the year
end audit of Pineapple. You are reviewing the notes of last week’s meeting between
the audit manager and finance director where two material issues were discussed.
Depreciation
Pineapple incurred significant capital expenditure during the year on updating the
leisure facilities for the hotel. The finance director has proposed that the new leisure
equipment should be depreciated over 10 years using the straight-line method.
Required:
Describe substantive procedures to obtain sufficient and appropriate audit
evidence in relation to the above two issues. (4 marks)

41

41

PRACTICE – AUDIT RISK - GUIDELINE

Inventory valuation
Your firm attended the year-end inventory count for Elounda Co and ascertained
that the process for recording work in progress (WIP) and finished goods was
acceptable.
Both WIP and finished goods are material to the financial statements and
the quantity and stage of completion of all ongoing production was recorded
accurately
during the count.
During the inventory count, the count supervisor noted that a consignment
of finished goods, compound E243, with a value of $720,000, was defective in that
the chemical mix was incorrect. The finance director believes that compound E243
can still be sold at a discounted sum of $400,000.
Describe substantive procedures you should perform to obtain
sufficient, appropriate audit evidence in relation to the above three matters.
(6 marks)

42

42

21
 PRACTICE – AUDIT RISK - GUIDELINE

Inventory count
Andromeda’s raw materials and finished goods inventory are stored in
12 warehouses across the country. Each of these warehouses is expected to
contain material levels of inventory at the year-end. It is expected that there will be
no significant work in progress held at any of the sites. Each count will be
supervised by a member of Andromeda’s internal audit department and the counts
will all take place on 31 December, when all movements of goods in and out of the
warehouses will cease.
Require:
Describe audit procedures you would perform during the audit of Andromeda
Industries Co BEFORE and DURING the inventory counts (8 marks)

43

43

INTERNAL CONTROL SYSTEM

5 Components of an Internal
control system

Control Risk assessment

Information system
environment process

Control activities Monitoring

44

44

22
 INTERNAL CONTROL SYSTEM
Control Activities

Control activities are those policies and procedures that help ensure
that management directives are carried out.

ISA 315 refers to five types of control activity:

 Authorization;
 Performance reviews;
 Information processing;
 Physical controls;
 Segregation of duties.
 IT Controls (ITGC)

45

45

INTERNAL CONTROL SYSTEM

Exam questions 1. Identify & Explain Control Deficiencies/ Strength

guideline 2. Recommendation

Similar to write Management Letter

 Sales & AR HOW TO ANSWERS

 Purchase & AP
 Inventory 1. Findings:…………………………………………
2. Impact: …………………………………………...
 Cash & Bank
3. Recommendations: …………………………
 Payroll

46

46

23
 INTERNAL CONTROL SYSTEM

Exam questions 1. Identify & Explain Control Deficiencies/ Strength

guideline 2. Recommendation

Checklist (Xem có hoạt động kiểm soát gì?)

Performance Review? (Có nghiệp vụ rà soát/ so sánh số liệu thông tin hay ko?)
Information processing? (có nghiệp vụ check tính toán đúng sai hay không, valid thông tin đầu vào đầu ra không?)
Physical Controls? (security, restriced access) (có bảo vệ? camera, vân tay, nhận diện…)
Segregation of duties? (maker vs checker vs recorder vs custody)
Authorizations? (có người phê duyệt không, có phân quyền riêng biệt hay không, ai được duyệt đến bao nhiêu, phạm vi
duyệt là gì…)
IT (General/ Application control) (Quản lý thay đổi, quản lý đăng nhạp hệ thống, tính toán số liệu, input – process –
output…)
Đặt thêm câu hỏi, thiếu component gì hoặc component nào có vấn đề không? (control environment, control activities,
risk assessment, information system, monitoring?)
Kết hợp với mục tiêu kiểm soát để nhận diện điểm mạnh điểm yếu:
Đúng (Valid/Accurate): đúng giá trị, đúng tài khoản
Đủ (Completeness): đánh số liên tục….
Authorization: được phê duyệt (đảm bảo đúng đối tượng, chính sách…)
Mục tiêu operation khác: đảm bảo hiệu quả, tiết giảm chi phí..
Test of Control Procedures: Inspect docmuents/ Inquiry/ Observation/ Recalculate/ Reperformance
Recommendation: dựa vào deficiencies để thiết kế tương ứng (dựa trên checklist nêu trên) 47

47

PRACTICE – INTERNAL CONTROL

Cherry Blossom Co (Cherry) manufactures custom made furniture and its year end is 30 April. The company
purchases its raw materials from a wide range of suppliers. Below is a description of Cherry’s purchasing
system.
When production supervisors require raw materials, they complete a requisition form and this is submitted to
the purchase ordering department. Requisition forms do not require authorisation and no reference is made to
the current inventory levels of the materials being requested. Staff in the purchase ordering department use the
requisitions to raise sequentially numbered purchase orders based on the approved suppliers list, which was last
updated 24 months ago. The purchasing director authorizes the orders prior to these being sent to the suppliers.
When the goods are received, the warehouse department verifies the quantity to the suppliers despatch note
and checks that the quality of the goods received are satisfactory. They complete a sequentially numbered
goods received note (GRN) and send a copy of the GRN to the finance department.
Purchase invoices are sent directly to the purchase ledger clerk, who stores them in a manual file until the end
of each week. He then inputs them into the purchase ledger using batch controls and gives each invoice a
unique number based on the supplier code. The invoices are reviewed and authorised for payment by the
finance director, but the actual payment is only made 60 days after the invoice is input into the system.
Required: In respect of the purchasing system of Cherry Blossom Co:
(i) Identify and explain FIVE deficiencies; and
(ii) Recommend a control to address each of these deficiencies. 48

48

24
 FINAL REVIEW-SUBSEQUENT EVENT

Accounting IAS 10 – Events after Reporting date

Auditing ISA 560 – Subsequent Events

Audit field work

Balance F/S authorized Auditor’s report F/S issued

sheet date for issue issued

Consider all material events Ask for Amended F/S Ask for New F/S & A.R
Ask for Amended F/S If not Modify A.R (+ EoM para)
If not Modify A.R
(if not released) If not Resign/legal
Resign/legal advice advice
(if released)

49

49

SUBSEQUENT EVENT
Subsequent event audit procedures

 Enquiring into management procedures/systems for the identification of

subsequent events.
 Reading minutes of members’ and directors’ meetings and of audit and executive
committee meetings.
 Reviewing accounting records including budgets, forecasts and interim
information.
 Making enquiries of directors to ask if they are aware of any subsequent events,
adjusting or non-adjusting, that have not yet been included or disclosed in the
financial statements.
 ‘Normal’ post balance sheet work performed in order to verify yearend balances:
 checking after date receipts from receivables
 verifying the value of accrued expenses by checking invoices when received
 checking inventory valuations are at lower cost and net realisable value by
testing to eventual selling prices.
 Obtaining, from management, a letter of representation.

50

50

25
 GOING CONCERN
Recall Accounting Knowledge
<Going Concern Assumption>

Going concern assumption: an entity is ordinarily viewed as continuing in business

for the foreseeable future with neither the intention nor the necessity of
liquidation, ceasing trading or seeking protection from its creditors.
 Prepare the financial statements on the going concern basis if business is
expected to continue for the foreseeable future.
 Otherwise use the break-up basis.
 Audit questions may test going concern at any stage of the audit.

Going Concern Break-up

51

51

GOING CONCERN
Risk of going concern

In a company where profits are high, cash flows are positive, finance is in place,
and there is no obvious exposure to large losses, going concern procedures are
likely to be minimal.

Where any doubts regarding going concern exist, procedures are more
extensive

When companies go out of business, it is more likely to be due to a lack of cash

than a lack of profits. However, in the long term, profits are of course essential
for survival.

The auditor should remain alert for evidence of events or conditions which may
cast significant doubt on the entity’s ability to continue as a going concern, both
in the planning stage and throughout the audit.

52

52

26
 GOING CONCERN
Risk of going concern

Financial
 Net liabilities
 Fixed term borrowing approaching maturity without realistic prospect of
renewal/repayment
 Negative operating cash flows
 Adverse financial ratios
 Substantial operation losses
 Inability to pay creditors
 Inability to finance new products
Operating
 Loss of key management/ markets/ franchise
 Labor difficulties supply shortage
Other
 Major legal proceedings/non-compliance

53

53

GOING CONCERN
Evaluation

Process used by directors

Assumptions used

Plans for future action

54

54

27
 GOING CONCERN
Audit Procedures

Review management’s plans for future actions based on its going concern basis

Seek written representation from management regarding its plans for future
action
Obtain information from company bankers regarding continuance of loan
facilities
Review receivables ageing analysis to determine whether there is an increase in
days – which may also indicate cash flow problems. Review future orders
coming in
Look at cash flow forecasts for the twelve months to identify if they have
enough cash to trade
Review long term contracts for loss of business when the contracts come up for
tender

55

55

GOING CONCERN
Audit Procedures

Look at articles on and negative press, which would have an impact on the
goodwill of the company and therefore potentially create a going concern issue.
Review legislation that the company has to comply with and ensure they are
complying

Discuss with the lawyers the possible outcome and expected costs

56

56

28
 GOING CONCERN
Audit Procedures

Reporting questions Affect Audit Opinion

What have directors done? What do auditors think? Audit opinion

Used going concern basis Disagree Adverse opinion
Used break up basis Agree Unqualified opinion with
emphasis of matter
Used going concern basis Going concern status If adequately disclosed:
uncertain (significant  Unqualified opinion
uncertainty)
 With emphasis of matter
If not adequately disclosed
 Material disagreement 
Except for opinion

57

57

HOW TO ANSWER CONSTRUCTED

QUESTIONS?

Type 1: Theory question

Type 2: Risk assessment

Type 3: Internal Control

Type 4: Audit Procedures

Type 5: Others (Ethics, Audit opinion)

58

58

29
59

30