Topic outline

  • UNIT 1 :FUNDAMENTAL CONCEPTS IN AUDITING

    Key unit competence: To be able to explain the fundamental concepts 

    in auditing

    Introductory activity

    MUKESHIMANA decided to set up a business for selling flowers after S6 
    Accounting. She got up early in the morning, visited the market, and then 
    set up a stall by the side of the road. She started selling different kinds of 
    flowers. She was able to sell and gain some income from the business. For 

    the first year, everything went well.

    However, MUKESHIMANA thought that she could sell more flowers if she 
    was able to transport more to the place where she would sell them. She 
    also knew that there were several other roads nearby where she could sell 
    flowers.To achieve her ambition of selling more flowers; she needed to buy 
    a van and recruit more employees to transport flowers to different selling 

    points. 

    MUKESHIMANA realized the need for more money to expand her business. 
    Therefore, she requested her rich friend Alex to invest in the business.

    Alex found out the potential of MUKESHIMANA’s business and decided 
    to invest in it, but he did not want to be involved in the management of the 

    business and bear liablities in case of failure its failure (bankruptcy).

    He therefore suggested the following to MUKESHIMANA:
    • To establish a limited liability company;
    • To be the major shareholders (over 51%) and be entitled for more 
    dividends

    • Mukeshimana to be the managing director of the company

    At the end of the first year of trading as a limited liability company, Alex 
    received a copy of the financial statements. He noticed that the profit of 
    the company was lower than expected, and this lowered significantly his 

    dividends.

    He knew that MUKESHIMANA is being paid salary and she might not give 
    much attention to the performance of the company (making profit for the 

    company). 

    To have proper understanding of the performance of the business, there 
    was a strong need of Alex to engage the third parties to provide annual 

    assurance services on financial statements of the company. 

    Referring to the passage above, answer the following questions:

    1. How do you call the work done by the third parties appointed?
    2. What do you think about the work done by the third parties and the 
    work performed by MUKESHIMANA as managing Director?
    3. What are the advantages that Alex will obtain from the work performed 
    by the third parties?
    4. Differentiate the work of MUKESHIMANA from the work performed 

    by the third parties.

    1.1. Key terms applied in auditing 

    Learning activity 1.1

    c

    Analyze the photos above and answer the questions below:

    1. Who is the auditor?

    2. How do you call the work performed by the auditor?

    3. What are main principles of audit?


    1.1.1. Meaning of key terms

    a) Audit

    An audit is an official independent examination of the accounts or accounting 

    systems of an entity.

    Audit is defined as an independent examination of books of accounts and 
    vouchers of business with view of forming an opinion/ judgment as to whether 
    these have been kept properly according to the company’s Act and as to whether 
    or not the statements present a true and fair view of the financial position of a 

    business.

    An audit is an exercise that auditors carry out in order to be able to give the 

    statutory opinion whether financial statements give a true and fair view. 

    An audit is an independent examination and expression of an opinion on a set 

    of financial statements.

    b) Assurance

    The International Standards on Auditing (ISA) give a definition of an assurance 
    engagement as “ one in which a practitioner expresses a conclusion designed 
    to enhance the degree of confidence of the intended users other than the 
    responsible party about the outcome of the evaluation or measurement of a 

    subject matter against criteria. “

    Assurance means confidence. In an assurance engagement, an ‘assurance 
    firm’ is engaged by one party to give an opinion on a piece of information that 

    has been prepared by another party. 

    The opinion is an expression of assurance about the information that has been 
    reviewed. It gives assurance to the party that hired the assurance firm that the 

    information can be relied on.

    c) Auditor

    An auditor is a person who conducts an audit. An auditor is a person authorized 
    to examine and verify the books of account of an organization.
    An auditor is a qualified accountant appointed by the shareholders, government, 

    or management of a company to examine independently the financial information.

    d) Auditing

    Auditing may be defined as the examination of financial statements covering 
    the transactions over a period and ascertaining the financial position of an 
    organization on a certain date in order that the auditor may issue a report on 
    them. It means that the auditing is the application of auditing principles and 

    methods as may be considered as necessary by an auditor.

    e) Integrity 
    An auditor should be straightforward, honest and sincere in his/her approach to 

    his/her professional work.

    f) Objectivity
    Is not to allow bias, conflict of interest or undue influence of others to override 

    professional or business judgments

    g) Professional Independence
    The auditor is an agent/watchdog for the shareholders and must be independent 
    of directors and management who look after the interests of shareholders in a 

    company or of the government.

    The profession requires the auditor to be independent so as to be able to 
    express a balanced opinion on the accounts presented by the directors to the 

    shareholders whose company he has audited.

    h) Professional competence and due care
    To maintain professional knowledge and skils at the level required to ensure 
    that a client or employer receives competent professional services based on 
    current developments in practice, legislation and techniques and act diligently 

    in accordance with applicable techniques.

    i) Confidentiality
    The state of keeping or being kept secret or private, the auditor should not 

    disclose any information to the third party.

    j) Professional behavior
    Auditor should comply with laws and avoid any actions, which discredit the 

    profession.

    k) Planning
    Planning is the process of thinking regarding the activities required to achieve 

    a desired goal

    l) Impartiality
     Is the principle holding that decisions are based on objective evidence obtained 
    during audit, not on the basis of bias or prejudice caused by influence of different 

    interests of individuals or other involved parties.

    m) Evidence
    During the audit, the auditor can collect the evidence through the working 

    papers. He/she can surround his/her opinion on the audit evidence. 

    n) Consistency
    The consistency principle states that once you decide on an accounting method 
    or principle to use in your business, you need to stick with and follow this method 

    or principle consistently throughout your accounting periods.

    o) Legal Frame Work 
    The business activities may run within the rules and legal formalities. To protect 

    the rights of the interested party, rules must be applied/followed. 

    p) Working papers preparation
    Audit working papers are documents which contain all information gathered 
    from the company audited and show all evidences to help the auditor to prepare 

    the final report and to form his/her opinion.

    q) Internal Control 

    The auditor will examine the accounting system and internal control in operation. 

    r) Report
    Report is the end product of the external audit process or of the performed audit 

    work. 

    s) Professional skepticism
    Professional skepticism is defined in the ISAs as an attitude that includes a 
    questioning mind, being alert to conditions, which may indicate possible 

    misstatement due to error or fraud, and a critical assessment of audit evidence.

    Application activity 1.1

    1. What is the meaning of assurance in auditing?

    2. Briefly explain the following terms.

                       a. Integrity

                       b. Objectivity

    Learning activity 1.2

    1.2. Objectives, advantages and disadvantages of auditing


    1. Is it important to know the objectives of audit?

    2. What are the objectives of audit you know?

    1.2.1. Objectives of auditing

    The objectives of audit may be classified into two categories:

    a) Primary or principal objectives of auditing

    • To determine the accuracy of financial statements or accounts;
    • To prove the true and fair view of the company’s financial state of affairs;
    • To confirm that the proper books of accounts are being kept or not;
    • To prepare audit report;

    • To confirm the exactitude of final accounts.

    b) Secondary or subsidiary objectives of an auditing
    • To detect errors;
    • To detec frauds;
    • To prevent errors; 
    • To prevent frauds ;
    • To assist the client to improve their accounting systems;
    • To find out whether the internal control system is working properly or not;

    • To advice the management.

    1.2.2. Advantages and disadvantages of auditing
    a) Advantages of audit
    For the shareholders:
    • Shareholders are assured that directors and management are acting to 
    the best of their interests ;
    • They use audited accounts to determine amount to be paid to dead 
    partner;
    • They use audit report to admit a new partner by examining his/her 
    business;

    • Audit ensures that regulations and statutory requirements are followed.

    For the employees: 
    • Audit keeps accounting staff vigilant and careful in their work;
    • Employees ensure their job security and continuity of good remuneration 
    by the audited company;

    • Act as a detective and preventive measure against errors and frauds.

    For the state: 
    • Audited companies ensure the accomplishment of fiscal duties 
    regarding companies (payment of taxes and social contributions);
    • The government is assured that public funds are being well used;
    • The government ensures continuity of business for the purpose of 
    general interests of the people;
    • The state ensures that books of accounts are maintained according to 

    legal requirements and companies Act.

    For the management of an enterprise and third parties in general: 
    • Audit provides assurance and credibility to the accounts for interested 
    parties;
    • Third parties not taking active part in the organization are protected;
    • Audited accounts minimize disputes between parties;
    • Audited accounts are acceptable as the basis of ascertaining tax 
    liability;
    • The auditor promotes general management efficiency by advising 

    management.

    b) Disadvantages of auditing
    • If the auditor has many clients, planning and personnel problems lead to 
    inefficient audit, leaving errors and frauds undetected. Thus, increasing 
    auditor’s liability to third parties.
    • It is expensive and third parties may not be able to afford it.
    • The audit report provides information that may otherwise be confidential 
    to competitors.
    • A qualified report may affect the company’s credibility with third parties.
    • An audit can disrupt the client’s (audited company) work.
    • Audited figures may be altered (changed) leading to inaccurate opinion.
    • May prompt trade unions to demand for higher wages for their 
    employees e.g. in cases of unreasonable reserves.
    • An audit can lead to conflict between the internal auditor and 
    management in cases where the internal auditor co-operates with the 
    external auditor.
    • Revelations of weaknesses in the management letter or letter of 
    weaknesses may make managers to resign. Thus, leading to apathy in 

    the organization.

    Application activity 1.2

    1. Explain the advantages of audited accounts to shareholders.

    2. What are the primary or main objectives of auditing?

    1.3. Types of Audits according to the different classifications

    Learning activity 1.3

    G&P Partners is an auditing firm, registered in Rwanda to provide an audit 
    and advisory services since 2010. For the year ended 31st December 2021, 

    G&P Partners received the assignement from different clients as follows:

    1. On 05th January 2021, G&P Partners singed an engagement 
    letter with Sika Ltd for providing the audit opinion on their financial 
    statements and compliance with company’s procedures manuals, 
    rules and regulations. Sika Ltd agreed with auditor also to conduct 

    its audit in every 3 months until the end of the year. 

    2. On 20th March 2021, during the annual general meeting, Bwiza Ltd 
    appointed G&P Partners as a new auditor to conduct an audit of 

    their annual accounts. 

    3. On 01st April 2021, G&P Partners signed an engagement letter with 
    office of auditor general to conduct an audit for one of government 
    projects to evaluate whether the project objectives were attained or 
    not and to evaluate whether the transcations passed by the project 

    coordinator were made in economic, efficient and effective manner. 

    Question 

    From the above assignment received by G&P Partners, List the types of 

    audits that will be conducted.

    1.3.1. Forms of organizations

    a) Auditing of a sole proprietorship
    This is a form of audit of the accounts of a private individual or sole trader. An 
    auditor is asked to audit the accounts of a private individual or a sole trader. He/
    she must get clear instructions in writing from his/her client as to what he/she is 
    expected to do i.e. his/her duties, nature of work, scope of work etc and will be 

    clearly defined in the engagement letter. 

    Advantages of auditing of the accounts of sole trader are:
    • Assured that his/her accounts are properly kept or not;
    • Audited accounts are helpful in confirming that the profit or loss has 
    been made;
    • Sole trader agents are kept vigilant (in the case of consignment);
    • Taxes are assessed and paid very well;

    • Audited accounts are basis for obtaining bank loans and public markets.

    b) Auditing of partnership
    The scope and conduct of auditing and rights and duties of the auditors 
    are determined on the basis of the agreement between the firm and auditor 
    (engagement letter). While conducting auditing of partnership firm, the auditor 

    must also consider the partnership Deed.

    Advantages of auditing of partnership
    • Avoids any financial dispute among partners.
    • Third parties are assured that there are no frauds.
    • Helps in the valuation of goodwill of a dead partner and incoming 
    partner.
    • Expertise of audit contributes to increase profit, better management 

    and compliance with tax laws.

    Distinction between auditing of partnership firm and auditing of a 

    limited lability company


    c) Audit of limited company

    An audit of a limited liability company is an examination of the financial statements 
    of a company, such as the income statement, cash flow statement, and balance 
    sheet. Audit provides to investors and regulators the confidence in the accuracy 

    of a corporation’s financial reporting.

    During the audit of a limited liablty company, it is clarified whether the financial 

    statements are fairly presented and free from material misstatements.

    The auditor’s role is to examine annual final accounts of the company and make 

    sure they are correct and reliable but not to manage those accounts. 

    1.3.2. According to the nature of work

    a) Private Audit

    Private or voluntary audit is that audit which is not legally required. It is conducted 
    in line with the agreement between the auditor and the client (audited company), 

    and is not governed by any particular law.

    This audit is conducted to obtain an audit report for the use by different users of 
    the financial statements( management for an organization, investors, employees 

    etc...).

    The private audit includes the audit of sole trader, and audit of partnership. 
    The contract (engagemennt) between auditor and his/her clients is important 
    because: 
    • It defines the scope of audit; 
    • It is the basis of charging the audit fees;
    • It is the basis of the information to include in the report;
    • It serves as an evidence;
    • It protects both parties;
    • It prevents misunderstanding between parties;
    • It is legal binding;
    • It specifies the rights and duties of both parties;
    • It can be used to solve disputes between parties;
    • It minimizes risks;

    • It outlines expectation for both parties.

    b) Statutory Audit
    Statutory audit is the audit conducted under the provisions of the companies 

    Act.

    Similarities between statutory and private audits 
    • In both audits, the auditor’s duties and scope of work can be increased 
    by the client. 
    • In both audits, the auditor earns the audit fee.
    • Both audits are conducted at the end of the year when the records 
    have been balanced and closed off.
    • In both audits, the auditors apply similar techniques and audit tests. 
    • Both auditors might be the members of professional accountants’ body 
    like ICPAR, ACCA, and IFAC.
    • In both audits, valuable advice is provided to the client at the end of 
    audit work. 
    • Both audits are used as basis for decision-making.
    • Both safeguard company’s assets.
    • In both audits, the auditors issue audit reports. 
    • Both audits are concerned with the review of the activities of the 
    company.
    • They are concerned with the preventive measures against errors and 
    frauds.

    • They are concerned with the strength of the ICS.

    c) Internal Audit
    Internal auditing is an independent, objective assurance and consulting activity 
    designed to add value and improve an organization’s operations. It helps an 
    organization to accomplish its objectives by bringing a systematic, disciplined 
    approach to evaluate and improve the effectiveness of risk management, control, 

    and governance processes.

    The report of internal audit is used by the management for the improvement of 

    internal control system. 

    The internal auditor carries out checking work throughout the year. Although, 
    he/she is an employee of the organization, he/she is given some form of 

    independence in order to perform his/her duties as required.

    d) External Audit
    An external audit is an objective examination by an auditor to examine the 
    company’s books of accounts and determine if the company’s financial 
    statements are fair and true. An auditor also determines if the company follows 
    accounting standards and systems. An independent auditor reviews the 
    accounts and provides the reassurance and transparency to the company›s 
    shareholders about the correctness of the accounts.It makes the company and 

    its financial statements more credible and respected.

    External audit is conducted by an independent auditor who is not an employee 
    of the organization.The external auditor is appointed by owners of a business 

    andby the shareholdres in a case of a limited company.

    The main purpose of external audit is to provide an audit report on financial 
    statements audited. The audit report is used by the shareholders and third 

    parties like bank managers, creditors, and income tax authorities.

    Differences between Internal Audit and External Audit

    Differences between an internal Auditor and External Auditor



    1.3.3. According to the time 

    a) Final audit (periodic/Detailed/Complete Audits)

    It is conducted at the end of the financial period when accounts have been 

    closed off, and financial statements have been prepared and approved.

    Advantages of final Audit

    • Chances of figures being changed are minimal.
    • It is flexible as the auditor can prepare good programme to cover all 
    areas well.
    • It is very ideal for small business whose transactions are few and can 
    be audited at one sitting.
    • It is not expensive.
    • This audit does not interrupt the client’s work.
    • It eliminates notes taking which are a phenomenon of other audits.

    Disadvantages of final audit
    • The delays may occur if there is large volume of work.
    • The frauds and errors are discovered after the close of the year. 
    Sometimes, it is too late to rectify or take preventive measures.
    • As the financial periods of most of the clients end on the same date , it 

    becomes difficult for the auditor to deploy audit staff adequately.

    b) Interim Audit
    Interim audit is conducted to a particular date within the accounting period. 
    It is conducted within the accounting period usually half yearly. It is a kind of 
    audit which is conduted between the two periods or during transitional period. 
    It is aimed at assessing the company’s performance in order to pay interim 

    dividends.

    Advantages of interim audit

    • It facilitates completion of the final audit.
    • Errors and frauds can be more quickly found and detected during the 
    course of the year.
    • It is ideal for situations under which the company is required to publish 
    figures for purposes of paying interim devidend.
    • It is less expensive than continuous audits because the auditor will 
    spend less time in the company in interim audit.
    • It has a moral effect on the staff of the client in that they will be upto 

    date .

    Disadvantages of Interim audit

    Figures already audited can be changed/altered after this audit.
    • It will interrupt the client’s work as his/her books will be taken away for 
    the purpose of audit.
    • It involves a lot of notes taking.
    • The client’s staff may develop the habits of depending upon the audit’s 
    staff to solve their accounting problems.
    • Since it is aimed at the declaration of interim dividends, the management 
    may manipulate the accounts to show more profits so as to declare 
    better dividend which will amount to a big fraud.

    • This means additional work.

    c) Continuous Audit
    It is that audit which involves detailed examination of the books of accounts at 
    regular intervals of 1, 2 or 3 months. Continuous audit is applied where:
    • Financial businesses whose transactions must be up to date to prevent 
    errors and frauds;
    • The number of transactions are too numerous to audit at the end of the 
    year;
    • There are no satisfactory internal control systems; in risky businesses 
    where decision making has to be made timely and accurately;
    • It is desired to present the accounts just after the end of the financial 
    year for example in banks;
    • The statement of accounts is required to be presented to the 
    management after every month or each quarter;

    • There is no satisfactory internal control system in operation.

    Advantages of continuous audit
    • Easy and quick discovery of errors.
    • Quick presentation of accounts.
    • Moral check on staff.
    • Keeps client’s staff regular.
    • Audit staff can be kept regular.

    • Efficient audit.

    Disdvantages of continuous audit
    • Alteration of figures.
    • Altered by dishorest clerk.
    • Dislocation of client’s work.
    • This method is expensive.

    • It involves extensive note taking so as to avoid alteration of figures.

    Distinction between continuous audit and Interim audit.

    1.3.4. According to the method of approach

    According to the method of approach ,various types of audits are:

    a) Procedural audit
    A procedural audit is an examination and review of the internal procedures and 
    records of an organization in order to ascertain their accuracy and reliability.The 
    main purpose of this audit is to ascertain whether the internal procedures are 

    reliable or not.

    Advantages of procedural audit
    • This audit will provide a feedback to the management.
    • The audit will reveal which procedures are outof dated and uneconomical 
    and which calls for replacement.
    • It will identify the strength or weakness in ICS.
    • It will reveal the management weakness in supervising the company’s 
    operations.
    • It will ensure co-ordination of the company’s operations which may 
    boost its profitability.
    • It will reveal whether procedures in accounting department are working 

    propely or not.

    Disadvantages of procedural audit 
    • It may be a very expensive audit.
    • It may be frustrated for the management.
    • It may mean duplication of effort if the same procedures are examined 
    in the final audit. 
    • This type of audit may be tedious in particular if the company has 

    numeruos procedures.

    b) Management audit
    Management audit is an independent and systematic analysis and evaluation 
    of a company’s overall activities and performance. It is a valuable tool used to 
    detremine the efficiency,functions,accomplishments and achievements of the 

    company.

    The purpose of this audit is to prepare a report on the effectiveness of the 
    management from the point of view of the profitability and efficient running of 

    the business.

    Advantages of management audit 
    • It will improve the quality of the management in the business.
    • It will identify how decisions are made in a business.
    • It will reveal the weaknesses of the management.

    • It will reveal the efficiency of budgetary system and its management.

    Disadvantages of management audit
    • It may lower the morale of top management.
    • It is not possible for the mangement and audit staff to reveal their 
    inefficiencies during the auditor’s presence and this may lead to a 

    biased report.

    c) Vouching Audit
    Vouching audit is that audit where the auditor checks each and every transaction 
    right from the origin in the books of prime entry till they are posted and the final 

    accounts are prepared from the amounts posted.

    d) Balance sheet audit
    The term balance sheet audit means verification of the value of assets,liabilities,the 
    balances of reserves and provisions and the amount of profit earned or loss 
    incurred by a business during the year.
    The balance sheet items are verified by checking the following;
    • Description
    • Ownership (recording of items)
    • Net Book Value (NBV=cost less totaldepreciation) 

    • Existence (physical existence of the asset)

    Advantages of a balance sheet audit 
    • Less expensive because it only checks the balance sheet items.
    • Results in a balanced opinion because the balance sheet contains the 
    most important items the auditor’s report is based on.

    • Chances of changing figures after the audit are minimal.

    Disadvantages of a balance sheet audit 
    • It is partial audit and not therefore suitable to limited companies.
    • It is only applicable to companies with a strong internal control system.
    • If undertaken for a limited company, it may increase the auditor’s 

    liabilities because it covers a limited area.

    e) Standard audit 
    This is a type of audit, which is conducted to ascertain whether the client 
    accounting system complies with the required levels of standards set by the 

    professional bodies. 

    These may include: 
    • Statement of standards of accounting practices (SSAP);
    • International Accounting Standards (IAS);

    • Generally Accepted Accounting Principles (GAAPs).

    1.3.5. According to the public sector’s audit
    Main Objective

    The main objective of public sector’s audit is to provide assurance to parliament, 
    the government and the public that government departments, ministries and 
    agencies are operating and accounting for their performance in accordance 

    with the Act of Parliament, the relevant regulations and public interests.

    The three main types of public sector’s audits 

    a) Financial audit

    It focuses on determining whether an entity’s financial information is presented 
    in accordance with the applicable financial reporting and regulatory framework. 

    This is accomplished by obtaining sufficient and appropriate audit evidence to 
    enable the auditor to express an opinion as to whether the financial information 

    is free from material misstatement due to fraud or error. 

    b) Performance audit 
    It focuses on whether interventions, programs and institutions are performing in 
    accordance with the principles of the economy, efficiency and effectiveness and 
    whether there is room for improvement. 

    Performance audit is executed against suitable criteria, and the causes of 

    deviations from those criteria or other problems are analyzed. 

    The aim is to answer key audit questions and to provide recommendations for 

    improvement. 

    c) Compliance audit 
    It focuses on whether a particular subject matter is in compliance with identified 
    criteria obtained from laws and regulations. Compliance auditing is performed 
    by assessing whether activities, financial transactions and information are, 
    in all material respects, in compliance with the existing laws and regulations 

    governing the audited entity.

    Application activity 1.3
    1. Explain the following types of audits according to the time factor.
     a. Final audit
     b. Interim audit
     c. Continuous audit

    2. Give the advantages and disadvantages of procedural audit.

    1.4. Investigation

    Learning activity 1.4

    Analyze the photos above and answer the follow questions: 

    1. What do you see on the image above? 

    2. Differentiate these persons according to their work

    1.4.1. The difference between auditing and investigation

    a) The meaning of investigation

    Investigation is an act that involves the examination of accounts and the use 
    of accounting procedures to discover financial irregularities and to follow the 
    movement of funds and assets in and out of organisations.
    Investigation is an inquiry commissioned by a client for some purpose. 
    Investigating is a kind of special audit with a limited or extended scope according 

    to the purpose for which it is conducted. 

    b) Difference between auditing and investigation

    1.4.2. Characteristics and reasons of investigation
    a) Characteristics of investigation
    • Investigation is an enquiry.
    • Investigation implies systematic and critical examination of accounts 
    and records of a business enterprise for a specific purpose.
    • It is conducted for a specific purpose (suspicion).
    • Its specific purpose may be evaluated of state of affairs or establishment 
    of a fact.
    • Conducted for a non-fixed period (any time) and any person (police, 

    lawyers, consultants, etc.) and describes a fact not an opinion.

    b) Reasons for investigation

    Investigation is carried out due to the following reasons:

    Purchase of a company
    When an individual is interested to purchase a business, he/she can appoint an 
    accountant of his/her choice to carry out investigation in respect of business 
    which he/she wants to purchase. The main purpose of this investigation is to 
    find out the details about this purchase. If the investigation report is in favor of 

    this business, then it can be purchased.

    Admission of a new partner
    An investigation may arise, either on behalf of a person intending to bring capital 
    in order to become a partner, or for the existing proprietors who intend to take 
    in a partner. If the investigation is arranged by the prospective partner. The main 
    purpose will be to ascertain whether to become a partner is beneficial or not. In 

    this case, investigation will be similar as in the case of a purchase of a business.

    Fusion of the companies (Acquisition of a Merger)
    Mergers mean to convert two or more business enterprises into one unit. In 
    this case, one business enterprise can acquire the assets or shares of another 
    enterprise. The most important term that must be negotiated in a merger 
    arrangement is the price the acquiring firm will pay for the acquired business. In 
    mergers or fusions, a larger firm generally takes over a small one and assumes 

    all management control. 

    Before the merger of two or more business enterprises, investigations are carried 

    out through some accountants by the firm, which intends to acquire other firms. 

    The main purpose of these investigations is to find out the details about financial 

    position of the other businesses.

    Prospecting of the investments (Prospective investment)
    Some individuals or firms might be interested to make some investments in 
    the form of shares or debentures of other companies. In order to make their 
    decisions, they want to know the details about the financial standing of those 
    companies. For this purpose, they can arrange some investigations through 

    some accountants. 

    Prospecting of a loan or investigations on request for loans (Prospective 
    lending)

    Some banks carry out some investigation before advancing loans to some 
    business enterprises. Similarly, some suppliers need independent investigation’s 

    reports before granting credit facilities to their clients. 

    Suspicion of fraud or fraud investigation (Fraud)
    Investigations are carried out on the instructions of management to detect fraud 
    if the behavior of some employee is suspicious. If the fraud is concerned only 
    with the section of the work e.g. the entry of dummy workmen on a wages sheet 
    by one clerk, the extent of the investigation should be restricted to that one 

    section. 

    On the other hand, if misapplication of cash is the result of collusion between 
    two or more employees then the investigation can be extended to various 

    sections or departments of the organization.

    Legal or statutory investigation
    Investigation conducted to satisfy some legal requirements. The following cases 
    indicate when a legal investigation can be conducted:
    • An investigation by the liquidator of a company where directors are 
    suspected of fraud regarding the affairs of the company;
    • An investigation by a trustee in a bankruptcy where the bankrupt is 

    suspected of having acted fraudulently in the past.

    c) Steps of investigation
    • Determine the scope/objectives of investigation.
    • Planning the investigation (Formulate investigation program).
    • Establishment of the fields of application (by examining or studying 
    various records).
    • Analysis and interpretation of findings/results. 
    • Preparation of the investigation’s report/writing of the investigation 

    report.

    d) Report of investigation.
    On the completion of investigation, the report is submitted to concerned parties. 
    The report submitted in respect of an investigation should cover the following 
    points:
    • Reference to instruction given by the client;
    • Reference to basic documents covering information obtained;
    • General outline of the work done;
    • Summary of information obtained;

    • Recommendations in accordance with information obtained. 

    Application activity 1.4

    1. The scope of investigation is very large than the scope of accounting.
    State some areas in which investigation should be applied.

    2. What are the steps of investigation?

    1.5. Auditing and acccounting

    Learning activity 1.5

    1. Observe carefully the pictures above and establish the difference 

    among them.

    1.5.1. Difference between auditing and accounting

    1.5.2. Benefits and limitations of an audit

    a) Benefits of an audit
    • The shareholders of a company are given an independent opinion as 
    to the true and fair view of the accounts that have been prepared by 

    management. 

    The use made by third parties such as suppliers and banks adds 
    confidence in the performance of a company. 
    • While not responsible for detecting fraud, the very fact that an audit 
    is carried out and may uncover evidence of fraud, can help to mitigate 

    against such risks. 

    b) Limitations of an audit
    • Every item is not checked. In fact, only test checks are carried out by 
    auditors. 
    • Auditors depend on representations from management and staff. 
    • Evidence gathered is persuasive rather than conclusive. 
    • Auditing is not purely an objective exercise. Judgments have to be 
    made in a number of areas. 
    • The timing of an audit. 
    • An unqualified audit opinion is not a guarantee of a company’s future 
    viability, the effectiveness and efficiency of management, nor that fraud 

    has not occurred in the company. 

    Application activity 1.5

    1. You are a shareholder in AKARABO Co.Ltd. What are the benefits 
    could you get from an audit?

    2. Explain the limitations of an audit

    Skills lab activity 1
    Using two learning groups, one being as an accountant and another as 
    an auditor. Students visit library and pairs exchange roles as the teacher 
    supports accordingly. Let students present their views on the similarities 

    between auditing and accounting.

    End unit 1 assessment
    1. Write short notes on the following:
    a. Statutory Audit
    b. Private Audit
    c. Interim Audit
    2. Explain the term continuous audit and outline its advantages and 
    disadvantages.
    3. What are the types of audits according to the time factor?
    4. Give the difference between Auditing and Accounting
    5. Explain the following principles of auditing:
    a. Objectivity
    b. Professional Independence
    6. What are the elements of an investigation report?

  • UNIT 2:LEGAL AND PROFESSIONAL REQUIREMENT

    Key unit competence: To be able to describe the legal and professional 

    standards required for an auditor

    Introductory activity
    MURENZI has recently completed his Certified Public Accountant (CPA) 
    course and got an offer in KM audit firm. On his first audit assignment, 
    the audit Partner instructed him to observe the auditing standards and 
    professional ethics. Further, he was requested to carry out his engagement 
    with due diligence and be able to mitigate any ethical threats/ challenges. 
    Given that it was his first engagement assignment, he was not sure about 
    the professional and legal requirements of the auditors. Furthermore, he did 
    not know the ethical threats partaning to the profession of auditing and their 

    mitigation strategies.

    In response to his problem, the auditor decided to consult the senior auditor 
    KEREKEZI with whom deployed to carry out the audit of BETA Co Ltd 
    financial statements for the period ended 31 December 2020, prepared 
    in conformity with common rules. MURENZI got ample explanations from 
    the colleague. Thereafter, he started the audit and the audit was done as 
    guided by the audit partners. The auditor conducted the audit in conformity 
    with international standards on auditing, local requirements, and observed 

    the professional requirements.

    Questions
    1. Why is it necessary for an auditor to comply with national and 
    international regulations on auditing? 

    2. In case the auditor does not comply with national and international 

    regulations on auditing, what happens?

    2.1. Audit standards

    Learning activity 2.1

    INEZA BAKERY produces different products from wheat flour like bread, 
    cakes etc. it has records of financial transactions. The management of this 
    bakery needs the help for checking if their records are accurate according 

    to General Accepted Accounting Principles. 

    1. As students in S6 Accounting, what do you think could be the 
    International Standards on Auditing that would applied while 

    checking the financial records of INEZA BAKERY? 

    2. What are the fundamental principles of ethics that you must fulfil in 

    order to become a member of professional body like ICPAR/IFAC?

    2.1.1. International standards on auditing

    a) Meaning of International Standards on Auditing (ISAs)

    International standards on auditing are professional standards for the 

    performance of financial audit of financial statements.

    b) Structure of International Standards

    The International standards are structured as follows:

    Introduction: includes the purpose, scope and subject matter of the 

    ISA plus the responsibility of the auditor.

    Objective: consists of a clear statement of the ISA’s objective in relation 

    to the audit area that the ISA addresses.

    Definitions: of applicable terms used in the text.

    Requirements: clearly stated as ‘the auditor shall…’

    • Application and other explanatory material: more precise explanations 

    of what requirements mean or are meant to cover.

    These standards are issued by International Federation of Accountants (IFAC) 
    through the International Auditing and Assurance or guarantee Standards Board 
    (IAASB). ISAs are mandatory in some jurisdictions for the audit of company’s 

    accounts.

    c) Process of setting Standards 
    • The IAASB identifies new developments.
    • The IAASB appoints a task force to draft a standard.
    • Consultation takes place.
    • An “exposure draft” is produced; essentially a draft standard issued 
    welcoming comments from the profession and any other interested 
    party.
    • The task force considers comments and may make amendments.
    • The Standard is finalised and formally approved by the IAASB.


    Examples of international standard on auditing
    • IAS200: Overall Objectives of the Independent Auditor and the Conduct 
    of an Audit in Accordance with International Standards on Auditing
    • IAS210: Agreeing the Terms of Audit Engagements
    • IAS230: Audit Documentation
    • IAS500: Audit evidence
    • IAS530: Audit sampling

    • IAS700: Forming an opinion and reporting on financial statements

    2.1.2. Ethical duties of auditors according to International 

    standards on auditing

    The IESBA Code of Ethics provides ethical guidance for members in its 
    five fundamental principles such as: integrity, objectivity, professional 

    competence and due care, confidentiality and professional behavior.

    a) Fundamental principles of ethics

    All members and students must comply with these five fundamental principles 

    set out in IESBA Code of Ethics.

    • Integrity: to be straightforward and honest in all professional and 
    business relationships.

    • Objectivity: Not to compromise professional or business judgments 
    because of bias, conflict of interest or undue influence of others.
    • Professional competence and due care: 

    – To attain and maintain professional knowledge or skills at the level 
    required to ensure that a client or employing organization receives 
    competent professional service, based on current technical and 
    professional standards and relevant legislation.

    – To act diligently in accordance with applicable technical and 
    professional standards.

    • Confidentiality: To respect the confidentiality of information acquired 

    as a result of professional and business relationships.

    • Professional behavior: to comply with relevant laws and regulations 
    and avoid any action that the professional accountant knows or might 

    discredit the profession.

    Compliance with the fundamental principles may potentially be threatened by a 

    broad range of

    Circumstances. The IESBA Code of Ethics categorises them as follows:

    • Self-interest (e.g. financial interests, concern over employment 

    security)

    • Self-review (e.g. decisions made and reviewed by same person)

    • Advocacy (not improper provided it does not result in misleading 

    information)

    • Familiarity (e.g. long association, acceptance of gifts)

    • Intimidation (e.g. threat of dismissal)

    Possible safeguards to above threats of independence are:
    • Setting the internal rules that for example no partners or staff have 
    shares in audits client ;
    • Setting client acceptance procedures ;
    • Carry out an annual review of independence both for the whole firm ;
    • Do a consultation procedure in case of doubt ;
    • Second partner review of certain client ;

    • Rotation of the engagement partner or rotation of senior auditor staff.

    b) Specific guidance and notes

    The IESBA Code of Ethics states that independence requires independence 
    of mind and independence in appearance. In other words, the auditor must be, 

    and must be seen to be independent.

    • Independence of mind is the state of mind that permits the provision 
    of conclusions without being affected by influences that compromise 
    professional judgement, allowing an individual to act with integrity, and 

    exercise objectivity and professional scepticism.

    • Independence in appearance is the avoidance of facts and 
    circumstances that are so significant a reasonable and informed third 
    party would be likely to conclude that a firm’s, or audit and Assurance 
    team members, integrity, objectivity or professional scepticism have 

    been compromised.

    It is very important that the auditor is impartial and independent of management, 
    so that he/she can give an objective view on the financial statements of an 
    entity. The responsibility is always on the auditor not only to be independent but 
    also to be seen to be independent.


    Application activity 2.1

    1. You are appointed as the auditor of XY Company. What are the main 

    principles of ethics you need to observe during the audit?

    2.2. Auditor of the company

    Learning activity 2.2

    Suppose you are the auditor of Star Ltd located at Nyagatare District and 
    you have a neighbour who has new business. He/she wants to know the 
    main responsibilities of an auditor. Help him/her to answer the following 

    question:

    1. What do you think could be the responsibilities of the auditor of Star 

    Ltd Company?

    2.2.1. Duties, obligations and rights of an auditor

    a) Duties of an auditor 

    An auditor has to:
    • Make a report to shareholders, ownersor government ( for external 
    auditors)
    • Make a report to the management (for internal auditors).
    • Assist in investigation.
    • Certify that whether loans are properly secured and not at terms 
    prejudicial to the interest of shareholders.
    • Certify whether transactions conducted by the company are not 

    prejudicial to the interest of shareholders.

    b) Obligations of an auditor

    An auditor must:

    • Pass an approved set of professional examinations, set by a Recognised 

    Qualifying Body (RQB) e.g. the ACCA, CPA, CA;

    • Become a member (and stay member) of a Recognised Supervisory 

    Body (RSB) e.g. ACCA, ICPAR;

    • Not to be a director or employee of the company, or of any associated 

    companies;

    • Not to be an employee or business partner of a director or employee of 

    the company or of any associated companies.

    c) Auditor’s rights

    The auditors have powerful rights to:

    • Access to all records needed (the books of the organisation at any 

    time);

    • Receive information and explanations of all transactions;

    • Call for information and explanations from employees, managing agents, 

    company secretaries, etc;

    • Attend and receive notice (within 21 days) about general meetings and 

    they have right to speak at general meetings on relevant matters;

    • Visit the company’s branches;

    • Take a legal and technical advice;

    • Remuneration;

    • Sign the audit report.

    2.2.2. Auditor’s liability

    a) Meaning of auditor’s liability agreements

    Auditor’s limited liability agreements are contracts designed to ensure that 
    auditors are not pursued for excessive losses, just reasonable proportion based 

    on their responsibility.

    b) Types of auditor’s liability

    Civil liability of Auditor for negligence: Civil liability is the legal responsibility 
    for a payment to an aggrieved third party, due to the violation of a civil law, tort, 
    or a breach of contract. Therefore, the auditor must exercise reasonable degree 
    of skill and care in the performance of his/her duties.An auditor can be held 

    liable for negligence of his/her duty if it is proved that:

    • Negligence in the performance of his/her duty;

    • A loss or damage as a result of his/her negligence;

    • The loss was suffered by his/her client.

    Criminal liability: responsibility for any illegal behaviour that causes harm or 

    damage to someone or something which means open to punishment for a crime.

    c) Sources of legal liability for an auditor
    • The Legal Liability of Auditors to Third parties;
    • Unjustified/unfair Lawsuits;
    • Successful Lawsuits against Auditors.

    Third parties: can be a person or group besides the two primarily involved 
    in a situation, especially a dispute. Third parties may include any individual 
    shareholders, potential investors and the banks.
    In these cases, there is no 
    contract with the audit firm. Therefore, there is no implied duty of care. In order 
    to hold the auditor criminally liable, the following must be proved:
    • that the statement made was false in material facts;
    • that the auditor willfully made such a false statement, and;
    • That the statement complained of has been made in any return report, 
    balance sheet, certificate or any other document required to be made 

    under any provision of the Companies Act.

    It may be stated here that the court has the powers to relieve an auditor either 
    partly or wholly; if a case is proceeding against him/her for negligence, default 
    or breach of duty or trust provided it is satisfied that the auditor acted honestly 

    and reasonably by taking into consideration all the circumstances of the case.

    An auditor may be also held liable for damages to third parties, if they have 
    suffered any loss relying on any balance sheet or any financial statement signed 
    by him/her. Such liability arises where there is no direct contractual liability. It 

    may arise in the following cases.


    • Where the auditor has been proved negligence and any third party has 
    suffered a financial loss due to negligence of the auditor;

    • Where the auditor did not attach a disclaim to this report to the effect 
    that the report was not intended to be relied upon by third parties;

    • Where the auditor was made fully aware that third parties were going 
    to rely on his/her report;

    • Where the third parties can prove that no other external factors 
    influenced their decision making except the auditor’s report;

    • Where the auditor owed a duty of care to the third parties;

    • Where the auditor gives reference regarding his/her client’s credit 
    worthiness;

    Although it is difficult to determine to which third parties the auditor will be liable. 
    However, the auditor may be liable generally to the following third parties:
    • Any person to whom he/she owes duty of care e.g. debtors or creditors 

    of his/her client;

    • Persons who may rely on his/her work provided the auditor knew 
    that those persons will rely on his/her work e.g. bank managers, tax 

    authorities etc;

    • Any person who is affected due to his/her audit report e.g. the employees 

    of his/her client.

    The auditor can take the following steps to minimise the danger of any claim 

    against him/her for negligence work:

    • Gather conclusive evidence and supporting documents before passing 

    any entries and drawing an opinion;

    • Review the risky audit areas before releasing the final audit report to 

    the shareholders;

    • Withdraw his/her consent and give a public notice to this effect after 

    registration of prospectus but before allotment of shares;

    • Use well trained and experienced staff during the audit work who will 

    carry out their duties completely;

    • He/she should obtain supporting evidence e.g. letters of representation 

    to prove his/her competences;

    • Withdraw his/her consent in writing before such a prospectus has 

    been registered and before it is for public use.

    Application activity 2.2

    Question 

    1. AMAHORO Ltd is an audit firm located in Bugesera District. It is 
    appointed to audit the industry that manufactures agricultural 
    products. The owner of AMAHORO Ltd asks for assistance on ways 
    of minimising the risks/dangers of any claim against for negligence.

     How AMAHORO Ltd will minimize the risks of negligance?

    Skills lab activity 2

    Through internet search, students in their learning teams search different 

    cases that can lead the auditor to criminal liabilities and civil liabilities. 

    End unit 2 assessment

    1. What are the components of International Standards on Auditing?
    2. Which of the following are not engagement standards issued by the 
    IAASB?
    a) International Standards on Auditing
    b) International Standards on Quality Control
    c) International Auditing Practice Statements
    d) International Standards on Related Services
    e) International Standards on Assurance Engagements

    f) International Standards on Review Engagements

    3. Under what circumstances an auditor may be held liable to a third 

    party for negligence.

    4. Which cases may lead an auditor to be held liable to criminal

    offence?

  • UNIT 3: AUDITOR’S APPOINTMENT

    Key unit competence: To be able to describe the procedures for 

    auditor’s appointment.

    Introductory activity

    MODERN BUSINESS enterprise has been operating for ten years in 
    manufacturing business industry. For the last ten years in operation, the 
    business was characterized with high costs and thus affecting its profitability. 

    The business owner thought of seeking advice from the expert.

    NTRODUCTION 

    TO ACCOUNTING

    UNIT AUDITOR’S APPOINTMENT 3

    Key unit competence: To be able to describe the procedures for 

    auditor’s appointment.

     Introductory activity

    MODERN BUSINESS enterprise has been operating for ten years in 
    manufacturing business industry. For the last ten years in operation, the 
    business was characterized with high costs and thus affecting its profitability. 

    The business owner thought of seeking advice from the expert.

    After the consultation , the owner found it necessary to execute the following:
    • Change the business’s nature and become a limited liability 
    Company;
    • To issue more shares;
    • To ensure that the produces are accessible to customers in their 
    respective places;
    • To increase the sales turnover;
    • To reduce the number of sales staffs and be replaced by the sales 

    agents, that will be provided the commissions on sales made.

    After the structuring of the business, a new company named XY ltd and 
    started its operations on 1st Jan 2016. This was followed with the appointed 

    of board members. 

    Due to the fact that it was its first year of operation as a company, the 
    shareholders were interested to know the performance of the company and 
    thought of hiring an expert to review the financial statements of XY ltd for 

    the period ended 31 December 2016 and give his/her independent opinion.

    Questions 
    1. What is a professional name of a person who examines financial 
    statements and other financial documents on behalf of shareholders?
    2. What are procedures of appointing him/her?

    3. What should that person consider before accepting the assignment?

    3.1. Auditor’s appointment procedures

    Learning activity 3.1

    On the appointment of the auditor, in the general annual meeting of the 
    board of directors, shareholders and the management were discussing 
    the basis under which the auditor of their famous company known as 
    TWUNGANIRANE Ltd, would be recruited. They wanted to set ethical 
    duties, rights and liabilities of their new auditor.

    1. What should be the fundamental ethical principles of auditors?

    2. What do you think are the rights of an auditor?

    3. What are the auditor’s liabilities?

    3.1.1. Appointment of an auditor

    It is a legal requirement of the Companies Act for all Limited Companies to 
    appoint an auditor who will oversee the company’s affairs for a given financial 

    period.

    a) Conditions and ways of appointing an auditor

    • First auditor is appointed after the company’s registration by the Board 
    of Directors in 30 days and when fair to do, he/she is appointed by the 

    registrar of companies.

    • In case the above auditor is to resign, he/she must give a notice of 28 
    days in writing to the Board of Directors and for removal he/she is given 

    28 days.

    • At the annual general meeting, the shareholders will have to appoint an 

    auditor-28 days must be given to the out-going auditor in this respect.

    • Automatic Appointment 

    – If there is no resolution intended to remove the previous auditor, 

    then he/she is automatically reappointed.

    – If the previous auditor does not give a notice of the resigning in 

    writing (of 28 days) then he/she is deemed to be automatically re-appointed.

    – If the auditor has not committed any act which disqualifies him/her 

    automatically from being re-appointed.

    – If after the annual general meeting, the shareholders disagree on 
    who is to be the next auditor. (If no new auditor is appointed nor do 
    they delegate this duty to the Board of Directors, then 7 days after 
    the annual general meeting the Registrar of Companies will have to 
    appoint a new auditor) assuming that the previous auditor has been 

    removed.

    – In addition, automatic re-appointment will be obvious accepted.

    If he/she is not qualified for re-appointment e.g. due to misconduct or delays the 
    annual general meeting. If the auditor has given a notice (28 days) in writing of 
    his/her intention/unwillingness to be re-appointed. If a notice for a solution has 
    been given by any one shareholder, intending to appoint someone else then the 

    auditor cannot be automatically re-appointed.

    b) Casual Vacancies 

    A casual vacancy may arise in the auditor’s office due to any one of the following 

    situations:

    • The auditor’s death –Directors will have to fill such a vacancy;

    • The auditor is incapacitated, e.g. loss of limbs -Directors can fill such 

    a vacancy;

    • A doctor has to give a formal certificate to this effect;

    • The auditor’s resignation 

    This can only be filled by shareholders through an Extra Ordinary General Meeting. 
    Explanation why the auditor is resigning is required, if due to disagreement, he/

    she can be reinstated by the shareholders and directors may be removed.

    c) Procedures for appointing an auditor

    Advertising 

    To enhance comply with the company’s Act and other requirements in place, 
    recruiting company should advertise for a vacancy of its offer of external 
    auditor. The advertisement should be done through official different medium of 

    communication such as company website, radios, news papers…etc.

    Use of logos 

    A firm /auditor must have a practicing/auditing certificate to qualify him/her 
    as registered auditor. The firm/ auditor’s documentations should be designed 

    logos representing him/her.

    Tendering 

    Client companies can change auditors. In this regard, a firm/auditor may be 
    approached to submit a tender for an audit. When approached to tender, an 
    audit firm must consider whether they want to do the work and they must have 
    regard for the ethical considerations, such as independence and professional 
    competence. In addition, they need to consider fees and some other practical 

    issues. 

    Fees 

    A member may quote whatever fee is deemed to be appropriate. The fact that 
    one may quote a lower fee than another auditor is not in itself unethical. However, 
    it does raise the risk of a threat to the principles of professional competence 
    and due care in that the fee quoted may be so low as to make it appear to be 

    difficult to perform the audit to the expected standards.

    Therefore, it is wise to set out the basis of the calculation of the fee. The following 
    factors should be considered when setting out a fee: 
    • What does the job involve? 
    • Is it audit and/or tax or is there some other complicated work involved? 
    • Which staff will need to be involved, numbers and quality? How long 
    will they be required? Is the nature of the business complex?

    • What charge out rates are to be applied?

    The practice of undercutting fees has been called lowballing and can be seen 
    in action generally where large audits are concerned. We have seen that having 
    a lower fee may seem to have a negative impact on an auditor’s perceived 

    independence but there are other factors to be considered: 

    • Auditors operate in a market like any other business where supply and 
    demand very often dictate the price;
    • Fees may be lower due to reasons such as better internal audit functions; 
    • Simplified group structures within client companies;
    • Auditing firms have increased productivity, whether through the use of 
    more sophisticated IT or experience gained through understanding the 

    client’s business. 

    Other considerations

    It is important that the auditor also considers a number of other issues: 
    • Can the audit assignment be fitted in to the audit firms current work 
    plan? 
    • Is their suitable audit staff available?
    • Will any specialist skills be required? 
    • What are the future plans for the company? 
    • Is there any training required for current staff and what will be the cost 
    of that training? 
    • What work does the client actually want? Audit and/or tax?
    • Is this the first time the company has been audited. 
    • Whether the client is seeking to change its auditors and if so what is 

    the reason behind it?

    Submitting an audit proposal 

    There is no set format. In fact, the client may dictate the format. Whatever the 
    form of the tender submission, the following matters should be included in the 
    proposal: 
    • The audit fee and the basis for its calculation ;
    • An assessment of the needs of the client ;
    • How the firm/auditor intends to meet the needs of the client ;
    • Any assumptions made to support the proposal; 
    • The audit approach to be adopted by the firm ;
    • A brief outline of the firm;
    • Details and background of the key audit staff on the proposed 

    engagement.

    Evaluating the tender 

    Different clients will have different ways of evaluating a tender. Some of the 
    more general points are listed below. It is important to bear these in mind when 

    preparing a proposal: 

    • Fee: This can be the most vital point. Some clients go straight to this 

    figure and do not even bother with the rest of the document. 

    • Professionalism: Auditors are expected to be professional. 
    Remember, the audit team and the tender documents are often the first 

    factors on which a prospective client forms an impression. 

    • Proposed audit approach: Clients are always looking for the least 
    amount of disruption to their already busy schedules, so the shortest 

    number of days on-site may be the key to winning a tender.

    • Personal service: Fostering relationships is vital. Client should always 

    feel he/she is getting value for money. 

    Acceptance of the firm/auditor 

    You have submitted a tender. You have been successful and the client has 
    offered you the tender. Before you accept and commence the audit, you should 
    carry out a number of procedures in order to comply with the provisions in 

    ISQC1.

    3.1.2 Acceptance procedures

    a) Conditions before accepting the assignment 

    • Make sure there are no ethical issues that would prevent you from 

    accepting this assignment. 

    • Make sure that you are professionally qualified to carry out the work 
    requested and that your firm has the resources available in terms of 

    staff, expertise and time. 

    • Check out references for the directors of the client firm especially if 

    they are unknown to the audit firm. 

    • Consult previous auditors as a matter of professional courtesy and 
    establish from them whether there is anything that you ought to know 

    about this vacancy. 

    b) Conditions after accepting the assignment 

    • Make sure the resignation of the previous auditors has been properly 
    carried out and that the new appointment is valid. A resolution by 

    shareholders of the company is required. 

    • Submit a letter of engagement to the directors of the client company 
    and ensure it is accepted and signed before any audit work is carried 

    out.

    ISQC1 states that a firm should establish policies and procedures for the 
    acceptance and continuance of client relationships and specific engagements, 
    designed to provide it with reasonable assurance that it will only undertake or 

    continue relationships and engagements where it: 

    • Has considered the integrity of the client and does not have any 

    information that would lead it to conclude that the client lacks integrity, 

    • Is competent to perform the engagement and has the capabilities, time 

    and resources to do so and 

    • Can comply with the ethical requirements.

    The firm should obtain such information as it considers necessary in the 
    circumstances before accepting an engagement with a new client, when 
    deciding whether to continue an existing engagement and when considering 
    acceptance of a new engagement with an existing client. Where issues have
    been identified and the firm decides to accept or continue the relationship or a 
    specific engagement, it should document how the issues were resolved. 

    In short, a firm must: 

    • Obtain relevant information; 
    • Identify relevant issues ;

    • Resolve issues that are identified, and document that resolution. 

    c) Integrity of client 

    Matters to be considered: 

    • Identity and business reputation of owners, key management and those 

    charged with governance;

    • Nature of the client’s operations and its business practices;

    • Attitude of the owners, key management and those charged with 
    governance towards matters such as aggressive interpretation of 

    accounting standards and the internal control environment;

    • Client’s attitude to fees;

    • Indications of inappropriate limitation in the scope of work;

    • Indications that client may be involved in money laundering or other 

    criminal activities. 

    • Reasons given for non-reappointment of previous auditors. 

    Information can be gathered through communications with previous auditors 
    or other professionals who may have provided services and through other 
    third parties such as bankers, legal counsel and industry peers. There is also a 

    multitude of relevant databases where one can do some background research. 

    d) Competence of the audit firm 

    Matters to be considered: 

    • Does the firm have sufficient knowledge of the relevant industry and the 

    relevant regulatory environment? 

    • Are there sufficient personnel within the firm having the necessary 
    capabilities and competence and are experts/specialists available 

    when needed? 

    • Are competent individuals available to perform engagement quality 

    control reviews? 

    • Will the firm be able to complete the engagement within the reporting 

    deadline? 

    Where a potential conflict of interest is identified, the firm should consider 

    whether it is appropriate to accept the engagement. 

    • Need to consider any significant matters that may have arisen during 

    the current or previous engagements of whatever description. 

    • SQC1 goes on to state that where the firm obtains information that 
    would have caused it to decline an engagement if that information had 
    been available earlier, policies and procedures (on the continuance 
    of the engagement and the client relationship) should include 
    consideration of: The professional and legal responsibilities that apply 
    to the circumstances, including whether there is a requirement for the 
    firm to report to the person or persons who made the appointment or, 

    in some cases,to regulatory authorities, and 

    • The possibility of withdrawing from the engagement or from both the 

    engagement and the client relationship. 

    Some suggested procedures would include discussing with appropriate client 
    management the appropriate action that the firm might make based on the relevant 
    facts and circumstances. In addition, the firm should document the significant 

    issues, consultations, conclusions and the basis for those conclusions. 

    3.1.3. Agreeing the terms of engagement 

    a) Terms of engagement 

    Once an engagement has been accepted, it is important to agree the terms. 
    It is essential that both parties fully understand what the agreed services are. 
    Any misunderstanding could lead to a breakdown in the relationship and could 

    result in legal action. 

    ISA 210-terms of audit engagements establishes and provides guidance on: 
    • Agreeing the terms of an engagement with the client and;
    • The auditor’s response to a request by a client to change those terms 

    to one that provides a lower level of assurance. 

    It states that the auditor and the client should agree on the terms of the 
    engagement. The agreed terms would need to be recorded in an audit 
    engagement letter or other suitable form of contract. The terms should be 

    recorded in writing. 

    The objective and scope of an audit and the auditor’s obligations may be 
    established by law, but the auditor may still find that an audit engagement 
    letter will be informative for their clients. The main points to be clarified in the 

    engagement letter would include: 

    • Confirmation of the auditor’s acceptance of the appointment;
    • The auditor is responsible for reporting on the accounts to the 

    shareholders;

    • The directors of the company have a statutory duty to maintain the 
    books of the company and are responsible for the preparation of the 
    financial statements;

    • The directors are responsible for the prevention and detection of fraud;

    • The fact that because of the test nature and other inherent limitations of 
    an audit, there is the unavoidable risk that some material misstatements 
    may remain undiscovered;

    • The scope of the audit including reference to appropriate legislation 
    and standards;

    • There should be unrestricted access to whatever books and records 

    the auditor needs in the performance of his duties. 

    Other points to be included: 

    • Arrangements regarding the planning and performance of the audit; 

    • The expectation of receiving from management written confirmation 
    regarding; 

    • Representations made in connection with the audit;

    • Request for the client to confirm in writing the terms of the letter;

    • The fee to be charged and the credit terms;

    • The form of any reports or other communication of results of the 
    engagement;

    • On recurring audits, the auditor should consider whether circumstances 
    require the terms of the engagement to be revised and whether there 
    is a need to remind the client of the existing terms of the engagement;

    • An auditor who, before the completion of the engagement, is requested 
    to change the engagement to one, which provides a lower level of 
    assurance, should consider the appropriateness of doing so. Where 

    the terms are changed, both parties should agree on the new terms;

    Note, the auditor should not agree to a change of engagement where there is 

    no reasonable justification for doing so. 

    b) Books and documents 

    ISQC1 states that the firm should establish policies and procedures for the 
    retention of engagement documentation for a period sufficient to meet the 

    needs of the firm or as required by law or regulation. 

    Unless otherwise specified by law or regulation, engagement documentation is 
    the property of the audit firm. The firm may, at its discretion, make portions of, 
    or extracts from, engagement documentation available to clients, provided such 
    disclosure does not undermine the validity of the work performed, or, in the case 

    of assurance engagements, the independence of the firm or its personnel. 

    Audit working papers belong to the auditor and cannot be taken over by another 
    set of auditors taking over the audit assignment. In practice, the previous auditors 
    provide the new auditors with enough carry over information such as the lead 

    schedules behind the makeup of the financial statements. 

    The auditor owes a duty of confidentiality to the client, so documents about the 

    client should not be given to third parties unless: 

    • The client agrees to the disclosure ;

    • The disclosure is required by law or court order;

    • Disclosure is otherwise in accordance with the rules of professional 

    conduct. 

    The previous auditors should ensure that all the books and documents belonging 
    to the client are returned promptly. In some cases, the previous auditors are 
    allowed to keep the books where they are exercising a lien. This is a supplier’s 
    right to retain possession of a customer’s property until the customer pays up 

    what is owed. 

    Strict conditions that can be enforced: 

    • The books and documents must actually belong to the client;

    • The auditor must have got them by proper means;

    • The actual work must have been done and a fee note raised and given 

    to the client; 

    • The fee must relate to the held documents. Financial statements and tax 
    compliance work belong to the client, even if the auditor/ accountant 

    has prepared them. 

    Change in auditors
    Companies do actually change their auditors. It is important that auditors 
    understand why a company may seek to change their auditor in a bid to prevent 
    this from happening to them. 

    The following sets out the reasons why this can happen: 

    Audit fee 

    • Many companies perceive that an audit has very little value. In turn this 

    makes the audit fee a very sensitive issue;

    • The fee may be perceived to be too high. Remember, a lot of audit work 
    may be done off site and the hours charged at the firms office will belong 
    to the managers and partners, so the client might not understand why 

    the fee is so high;

    • It may not be seen as good value for money. For example, a client may 
    have important tax work carried out for him. The fee charged may be 
    way lower than that of the audit, probably due to the time involved, yet 
    the client might see the value of this work far greater than that of the 
    audit;

    • The current fee might not appear to be very competitive. Other similar 
    firms may be getting audit services for less;

    • The client may put the audit out to tender to see whether the price is 
    actually negotiable, even though he may have no intention of changing 
    his auditor;

    • The audit fee may breach the recommended level of overall practice 
    fees as laid down by ethics and auditor may have no other alternative 

    but to resign. 

    Audit firm may not seek re-election 
    • The auditor may choose not to stand for ethical reasons, such as he/
    she doubts the integrity of management.

    • Conflicts of interest may have arisen such as competition between 
    clients or maybe he/she has been offered some lucrative work by the 
    client and he/she may have to resign the auditor.

    • The auditor may have a disagreement with the client such as in the 
    formulation of accounting policies.

    • The auditor may simply not want to reduce his/her audit fee. 

    Problems related to the size of the company 
    • The company may be growing at such a rate that the audit firm no 
    longer has the necessary resources, staff, time, and expertise, to allow 
    it to retain the audit. 

    • It is important to apply the principle of professional competence and 
    due care. 

    • Alternatively, the company may be constricting and it now finds that it 
    can avail of the 

    • Audit exemption specified under relevant jurisdiction regulations. 

    • There is very little that the auditor can do in each of these cases. 

    • With small companies, the audit is almost a personal service. If 
    the relationship breaks down, there may be nowhere to go except 
    discontinue the relationship. Within a big firm with big audit clients, you 

    could simply change the engagement partner. 

    • As part of the safeguards against the threats to independence, audit 
    rotation was put forward. This is where the audit moves to another firm 
    although in the previous point, rotating to another engagement partner 

    within the same firm will mean the same thing.

    Application activity 3.1

    1. Go to the library and search in audit books, look on matters the 

    auditor considers related to the integrity of the client.

    Skills lab activity 3

    Through the search in audit books from the library, make a summary to 
    be presented in the class on the procedures for recruiting/appointing an 

    auditor.

    End unit 3 assessment

    1. Highlight the procedures for appointing of an auditor?

    2. Indicate the main terms of engagement as per ISA 210? 

    3. Provide the conditions for setting the remuneration of the auditor?

    4. What are conditions for accepting the audit assignments?

    5. What are conditions of engagement client must respect

    6. Write down the main elements of engagement letter?

  • UNIT 4: AUDITOR’S REQUIREMENTS

    Key unit competence: To be able to describe the auditor’s requirements

    Introductory activity

    Observe the above image then answer the following questions:

    1. Why is it necessary for an auditor to have rights during the audit 
    work?

    2. What can happen to the auditor who does not perform well some of 
    his/ her duties?

    3. How do we call the specific characteristics that can allow someone 
    to be an auditor?

    4. How do we call the specific characteristics that can’t allow someone 

    to be an auditor?

    4.1. Qualifications and disqualifications of an auditor

    Learning activity 4.1

    Observe the image above then answer the following questions:

    1. What do you think those people are discussing about ?

    2. Is it possible that the Board of Directors can select the manager’s 
    wife as an auditor of the company? If Yes or No, explain.

    3. What can happen if the Board of Directors decide to select the 
    manager’s wife?

    4. Are there any sanctions to the auditor who accepts the appointment 

    after knowing that he/she is not eligible?

    4.1.1. Qualifications of an auditor

    A person to be appointed as an auditor of a company is required to hold some 
    specific qualifications. These qualifications are given in company’s Act of the 

    country.

    This section answers the following question: “Who can be an auditor”? The 

    following are his/her qualifications and requirements:

    • To be a member of one or more of the professional bodies which is 
    specified in the first column of the accountants for example ICPAR, 

    ICPAK, ICPAU and ACCA;

    • Anyone authorized by the registrar of companies to do so (Should be a 

    holder of a degree in accounting and have been in auditing environment);

    • Must have passed a final exam of CPA, ACCA, CA;

    • Must ensure that he/she has adherence to professional ethics;

    • Must have a post-graduate experience in an auditing environment of 

    not less than two years;

    • Must be holding a practicing certificate given by the Professional 

    Accountancy body like ICPAR, ICPAU, ACCA, and ICPAK.

    4.1.2. Disqualifications of an auditor
    This refers to the question of who cannot be an auditor. The following are parties 
    who cannot be auditors:

    • An officer or servant of the company-which means that an employee of 
    a company cannot perform his/her own audit;

    • A person who is partner or who is in employment of an officer of the 
    company being audited;

    • A person who was the director, employee or any other officer of the 
    company to be audited, during three preceding years;

    • The spouse or any other relative of a director of the company;

    • Persons who are disqualified as auditors of the company’s subsidiary 
    or holding company or a subsidiary of a company’s holding company;

    • Body corporate -These are in form of limited companies. These cannot 
    be auditors because of the following reasons;

    – These have limited liabilities status and if allowed to be auditors, 
    this will expose the client to limited liabilities, which may ultimately 
    lead to heavy losses.

    – Limited companies cannot express personal opinion, yet the 
    Companies Act requires that the audit report contain an opinion 
    paragraph (personal opinion) which millions of shareholders-owners 
    of a limited company cannot express.

    • A person who is indebted to the company for quite large sum of money 
    or has given guarantee or security in connection with indebtness to any 

    party who received or got such indebt ness;

    • Directors, shareholders, managing agents, secretaries and treasures of 

    the company;

    • A person who is holding more than 5% of the company’s authorized 

    share capital.

    Application activity 4.1

    SCENARIO

    KBC is a limited company that sells rice and sugar, MUGABO is the General 
    Manager engaged by shareholders. KBC Ltd has shareholders in the whole 
    country, and some of them don’t have enough time to look at the performance 
    of their business. After Covid-19 pandemic period some shareholders didn’t 
    receive their dividends due to the loss reported by the managment and 
    was disclosed in the financial stements of the company for the period for 
    the perioded ended 31December 2020. They had doubt that the financial 
    statements were manipulated by the management. They decided to appoint 
    an external auditor and requested MUGABO to look for a qualified auditor 
    who can help them to know what had happened. MUGABO appointed his 
    nephew TOTO as an external auditor. He perfomed the audit of the company 
    and confirmed the same loss.

    Required:

    Specify the basis for disqualifications of an auditor.

    4.2. Rights and removal of an auditor

    Learning activity 4.2


    Observe the above image then answer the following questions:

    1. Is it necessary that an auditor must have specific rights? If Yes or No, 
    explain.

    2. What can happen if the client refuses to give to the auditor some of 
    his/her rights?

    3. What can happen to an auditor who does’nt perform well some of 

    his/her duties?

    4.2.1. Rights and duties of an auditor

    a) Rights of auditors

    The auditors must have certain rights to enable them to carry out their duties 
    effectively. The principal rights auditors should have, excepting those dealing 

    with resignation or removal, are set out below:

    • Right to access to the books of accounts of the organization at all 

    times

    – The auditor has a right to access to those books, which may be 

    kept in the business and elsewhere.

    – Right to receive returns submitted by the branch office to head 

    office.

    “Books” will include books of accounts, statutory books (Memorandum, and 
    articles), statistical books, costing books, minute books and all vouchers of 

    whatever nature.

    • Right to request and receive 

    The auditor has the right to request and receive from officers of the company 
    such information and explanations as they consider as necessary for the 

    performance of their duties.

    • Right to receive a notice of 21 days to attend the Annual General 

    Meeting 

    The auditor has the right to receive a notice of 21 days to attend the Annual 
    General Meeting or Extra-Ordinary Annual General Meeting regardless of 
    whether accounts are discussed at the same annual general meeting, but can 
    only speak at this annual general meeting if the accounts are subjected to 

    discussion.

    • Rights to make a statement at the Annual General Meeting 

    The statement must be to do with accounts under discussion, and is bound 
    to answer only those questions concerning the accounts if there pass through 
    the Chairman of the annual general meeting. He/she has the right to correct 
    wrong statements given by directors to do with accounts. He/she cannot cover 
    omissions in the report through his/her statements at the annual general meeting 

    in exercising this right.

    • Right to be indemnified

    He/she can be indemnified out of the company’s assets against any liabilities 
    incurred by him/her defending his/her name if this was tarnished by the company 

    in any manner.

    • Right to visit the company’s branches

    The statutory auditor has a right to visit the company’s branches provided if 
    these have no qualified auditor. During this visit, he/she has a right to over all 
    books of accounts and vouchers of the same branch and has a right to access 

    to returns (the returns the same branch has submitted to the head office).

    • Rights to take legal and technical advice

    The auditor has a right to obtain advice from such experts as engineers, lawyers, 
    solicitors and valuers. However, this advice must be interpreted from the 
    auditor’s own understanding of the prevailing circumstances in order to arrive 

    at an opinion.

    • Right to Remuneration 

    The auditor has the right to receive his/her fees provided after the completion 

    of the audit work.

    His/her work or if dismissed unlawfully during the course of the year, he/she has 

    a right to the full year’s fees.

    • Remuneration of an auditor

    If appointed by directors, they will fix his/her fees and expenses.

    – If appointed by the Registrar, he/she fixes his/her remuneration in liaison 
    with Directors.

    – If appointed by shareholders, the same fix his/her fees or can delegate 
    the powers to the Directors.

    – A retiring auditor who is automatically re-appointed at the AGM, 
    unless a resolution is passes re-fixing his/her fees is entitled the same 
    remuneration as in the previous periods.

    – If the auditor is required to do any other work other than his/her normal 
    work, e.g. to prepare tax return, he/she is entitled to extra remuneration 
    for that.

    – If an auditor is removed in the way prejudicial to his/her interest, e.g. 
    unlawfully, he/she is entitled to a full year fees.

    – Any sum paid in respect of expenses to the auditor is part of his/her 

    remuneration and should be reflected in the P&L Account. 

    • Right to sign the Auditor Report

    An auditor or one partner in the firm of the auditors has a right to sign an audit 
    report or authenticate any documents which the companies Act requires the 
    auditor to sign e.g. a prospectus, engagement letter; interim report for payment 
    of interim dividends, bankers reference to do with the company’s financial 

    strength, a report of the company’s affairs when the management are resigning.

    • Rights in relation to written resolutions

    A right to receive a copy of any written resolution proposed.

    • Right to be heard at any general meeting
    On any part of the business of that meeting, that concerns them as auditors.

    If auditors have not received all the information and explanations they consider 
    necessary, they should state this fact in their audit report.

    The companies Act make it an offence for a company’s officer knowingly or 
    recklessly to make a statement in any form to an auditor which:

    – Conveys or purports to convey any information or explanation required 
    by the auditor; and

    – Is misleading, false or deceptive in a material particular.

    b) Duties of an auditor

    The auditors are required to report on every balance sheet (statement of financial 
    position) and profit and loss account (statement of comprehensive income) laid 

    before the company in general meeting.

    The auditor must consider the following:
    • Compliance with legislation;
    • Truth and fairness of accounts;
    • Adequate accounting record and returns;
    • Agreement of account to records;
    • Consistency of other information;

    • Director’s benefits.

    4.2.2. Resignation and removal of an auditor





    Companies Act places a requirement on auditors to notify the appropriate audit 

    authority in certain circumstances on leaving office.

    If it is a major audit (quoted company or major public interest company), the 

    notification must be given whenever an auditor ceases to hold office.

    If it is not a major audit, the notification is only required if the auditor is leaving 

    before the end of his term of office.

    The appropriate audit authority is:

    • Secretary of state or delegated body (such as the Rwanda professional 

    oversight board) if a major audit;

    • Recognised supervisory body (e.g. ICPAR) for other audits.
    Notice must inform the appropriate audit authority that the auditor has ceased 
    to hold office and be accompanied by a statement of circumstances or no 

    circumstances.

    Application activity 4.2

    1. A company’s auditor can be removed before expiry of his/her term by 
    one of the following:

    A. Shareholders
    B. Board of directors
    C. Central government
    D. State government
    E. A and B are correct answers
    F. All of the above

    2. Remuneration of a company’s auditor is fixed by one of the following :
    A. Shareholders
    B. Board of directors
    C. Central government
    D. Appointing authority

    F. All of the above

    3. Which among the following is not a duty of the auditor:
    A. Checking errors and frauds
    B. Correcting errors and frauds
    C. Vouching with original documents
    D. Preparing final accounts

    E. No one of the above.

    4. The duties of internal auditor are defined /given by :
    A. Companies Act
    B. Company low board
    C. Management
    D. A and C are correct answers

    E. All of the above

    Skills lab activity 4

    With the help of a teacher, students should be required to identify the 

    rights of an auditor and their applications.

    End unit 4 assessment

    1. While conducting the audit of a limited liability company for the year ended 31st March 2021, the auditor wanted to refer to the minute books. The management refused to provide the minute books to the auditor.

    Required:

    Specify one of the rights of the auditor.

    2. Mugabo Ltd was formed on 1st August 2021 to manufacture 
    computers, the directors are unsure to their responsibilities and 
    the nature of their relationship with the external auditors. The audit 
    partner has asked you to visit the client and explain to the directors 
    more about the fundamental aspect of the accountability of the 

    company and their relationship with the auditors.

    Required:

    What the auditors’ rights under the companies Act?

  • UNIT 5: AUDITOR’S RESPONSIBILITY

    Key unit competence: To be able to exhibit auditor’s responsibilities

     Introductory activity


    A case study

    KARAMBIZI is an auditor who was appointed in PHILMAX Ltd Company. 
    The company wanted to set terms of working framework for a new auditor. 
    The management of the company wishes to know how to define general 

    duties and legal professional responsibilities of an auditor. 

    Question 

    1. Highlight three duties of an auditor 
    2. What do you think are reasons that may lead to auditor’s liabilities?

    3. What do you think can be auditor’s liabilities in relation to third parties?

    5.1. Legal responsibilities and duties of an auditor

    Learning activity 5.1

    An auditor has been recruited in a company to help it secure operations, 
    especially related to financial and procedural management operations. 

    1. What do you think are main duties of an auditor in a company?

    2. What do you think are reasons which can make an auditor liable to 

    the company?

    5.1.1. Legal responsibilities of an auditor 

    Under the company’sAact, an auditor may be liable to the following parties:
    • The client to whom he/she owes the primary duty of care;
    • Third parties who have not privacy of contract but have relied on his/her 

    opinion to arrive at a decision.

    In general, the auditor’s liability may arise due to: 
    – Breach of contract;
    – His/her failure to discover material misstatement due to fraud;
    – His/her failure to discover material misstatement due to error;

    – Carelessness or dishonesty.

    The liability of an auditor may arise in the following capacities: 
    • In his/her capacity as an auditor in private audits;

    • In his/her capacity as an auditor as a statutory audit.

    a) Liabilities of an Auditor under Private Audits
    In such audits, the auditor’s liabilities depend on the agreement between the 
    auditor and the client. It is for that reason that an auditor insists that the agreement 

    be in writing clearly, defining his/her duties, powers and responsibilities. 

    The auditor cannot be held liable for losses incurred as aresult of reliance on 
    parts of the accounts not covered in the auditing agreement. The auditor’s 
    liabilities are limited to the areas specified in the scope. In order to minimize his/
    her liabilities, the auditor must: 
    • Be diligent and honest to reduce negligence;
    • Should never sign a balance sheet he/she doesn’t believe to be correct;
    • Use disclaimers on his/her report to minimize liabilities resulting from 

    his/her report.

    In assessing the auditor’s liabilities under private audit, the following should be 
    assessed:
    • That he/she was actually negligent with reference to the agreement;
    • That out of negligence, the client suffered loss;
    • That a person who has explicit contractual obligation with him/her has 

    suffered the loss defined by the contract.

    Note: Under private audits, the auditor must include a caveat and disclaimer to 
    his/her report to the effect that it should not be used by any party to make any 
    decision as the client may have limited his/her scope in the audit and that was 
    liable to obtain all information which he/she considered as necessary to make 

    an opinion

    b) Liabilities of an Auditor under Statutory Audits (Company’s Act)
    Under the Company’s Act, auditors’ liabilities cannot be limited by any 
    agreement. The Act defines his/her duties, powers and responsibilities. Under 
    the Company’s Act, the auditors’ liabilities can arise out of: 
    • Civil law

    • Criminal law 

    Civil liability of the Auditor: These liabilities arise out of negligence. Under civil 
    law, the auditor has the duty to care about the following:
    • The client (in contract)

    • Third parties whether he/she has contractual obligations or not.

    The client (in contract)

    The auditor due to this must exercise care and diligence in the performance of 
    his/her duties. Even though negligence is proved against the auditor, there is no 
    liability for negligence unless it can also be proved that the client also incurred 
    loss out that negligence i.e. in case of third party liability. In order to sue the 
    auditor successfully, the client must prove:
    • The auditor was negligent;
    • That out of the auditor’s negligence, a client suffered a financial loss;

    • That the financial loss is qualified and material.

    Auditors’ liabilities to Third parties

    He/she can be liable to the third parties under the following conditions:
    • Where the party has suffered a financial loss as a result or by relying on 
    the report made by the auditor;
    • Where it can be proved that the auditor did not use his/her professional 
    skills and judgement during the audits;
    • Where the auditor made report aware that such a report should be 
    used by the third parties to make investment decisions;
    • Where the auditor didn’t attach the disclaimer on his/her report that 
    such a report was not included to be relied upon by third parties;
    • Where it can be proved that actually the third parties relied on the 
    report;
    • Where the parties can prove that no external factors whatever influenced 
    their decision but just the audit report;

    • Where the third parties were not warned not to rely on the audit report.

    Auditors’ liabilities to Third parties

    He/she can be liable to the third parties under the following conditions:
    • Where the party has suffered a financial loss as a result or by relying on 
    the report made by the auditor;
    • Where it can be proved that the auditor did not use his/her professional 
    skills and judgement during the audits;
    • Where the auditor made report aware that such a report should be 
    used by the third parties to make investment decisions;
    • Where the auditor didn’t attach the disclaimer on his/her report that 
    such a report was not included to be relied upon by third parties;
    • Where it can be proved that actually the third parties relied on the 
    report;
    • Where the parties can prove that no external factors whatever influenced 
    their decision but just the audit report;

    • Where the third parties were not warned not to rely on the audit report.

    5.1.2. Duties of an auditor 

    Duty to make a report to shareholders or owners and duty to state 

    the following in his/her report

    – Whether in his/her opinion, he/she has received all information and 

    explanations necessary for his/her opinion.

    – Whether in his/her opinion, the trading, profit and loss account exhibits 

    the true and fair view of the profits or loss of the period.

    Whether in his/her opinion, the balance sheet is properly drawn and 

    exhibits a true and fair view of the company’s financial position.

    – Whether proper books of accounts have been kept properly by the 
    company and returns received from company’s branches not visited by 

    him/her.

    • Duty to call for information 

    – Whether loans have been properly secured except lands and building.

    – Whether securities have been sold below the purchase price.

    – Whether personal expenses have been debited to the profit and loss 
    account and if so to debit the personal accounts of the employees 

    concerned.

    • Duty to assist in investigations

    The auditor assists in carrying out investigation and provides support in 
    investigation to the investigators but only if financial matters are provided on 

    his/her working purpose.

    • Auditor’s responsibilities in relation to fraud

    With the prospectus, an auditor has to be extra careful in approving any kind of 
    information because if there is a misleading information, which can cause the 
    loss to the company and third parties, they can hold him/her liable for damages. 

    The auditor can relieve himself/herself of such liabilities under the following:

    – If he/she withdraws his/her consent in writing before such prospectus 

    has been registered and circulated for the public use;

    – That after registration of prospectus and before the allotment of 
    shares, he/she is knowing the misleading statement in the prospectus, 

    withdrawn his/her consent and gives a public notice to this effect;

    – That it was important to give such statement and that he/she has 
    reasonable grounds, which he/she can substantiate e.g. letters of 

    representation for proving that the statement was true.

    In general, the auditor’s liabilities to the third parties and client give arise to 

    claims against the auditor on such grounds as:

    – Failure to detect embezzlement by employees;

    – Negligence on the part of the auditor or his/her staff;

    – Improper accounts procedures, which may lead to fraud;

    – Errors in the financial statement he/she is reporting on.
    In order to minimize his/her liabilities to the third parties and the client while 

    compiling his/her report, an auditor should:

    – Enter into agreement with his/her client that another person should not 

    use his/her report;

    – Include a disclaimer in his/her report to the effect that any party to make 

    any decision not included.

    • Criminal liabilities of an Auditor

    Arise when an auditor commits an act, which constitutes a crime. This includes 
    wrongful performance of a statutory duty or breach of statutory obligation. The 
    liquidator or receiver can sue an auditor as an officer of a company especially 
    during receivership or liquidation during the course of winding up a company if 
    he/she made wrong statement to them. In order to hold the auditor liable, the 

    following should be proved:

    – That the auditor made a statement that proved false in material facts;

    – That the auditor wilfully made a statement, which was actually false 

    knowing it;

    – That the statement made was in any report, prospectus, balance sheet, 
    certificate or any other document, which under the company Act, the 

    auditor is required to authenticate;

    – That the auditor made a statement as a statutory officer of the company
    In general, an auditor can be held liable under the companies Act for criminal 

    acts under the following circumstances:

    – If he/she fails to disclose material facts in the financial statements, 
    knowing that they are material and that such non-disclosure will make 

    the statement misleading;

    – If the auditor does not use reasonable care and skills during the course 

    of his/her audit;

    – If the auditor wilfully contravenes any provisions of the act which under 
    normal circumstances is supposed to follow during the course of his/her 

    auditing e.g. If he/she fails to request returns from the branches;

    – If he/she destroys secrets ,mutilates vouchers, documents books of 

    accounts, certificates with the aim to destroy someone’s opinion;

    – If he/she falsifies or is privy to falsification of any document, prospectus, 
    books of accounts or vouchers of the company with to deceive or 

    defraud;

    – If he/she knows that, a material has been omitted in the report or 

    financial statements and does not reveal such fact. 

    Note: The main auditor cannot hold the liabilities of branch auditors.

    – To certify statutory report in order to assure the owners about the 
    number of shares allocated to promoters and whether such issue was 

    conducted properly.

    – Duty to certify the profit and loss account in the prospectus.

    – Duty to certify the profit and loss accounts when managing agents 

    resign, balance sheet and funds flow statement.

     Other duties

    – Whether loans are properly secured and not at terms prejudicial to the 

    interest of the shareholders.

    – Whether transactions conducted by the company are not prejudicial to 

    the interest of the shareholders.

    – Whether securities have been sold at the price, lower than cost.

    Application activity 5.1

    1. Identify how an auditor can minimise his/her liabilities in regards to 

    his/her audit responsibilities.

    2. Develop a guideline showing how the auditor’s liabilities under private 

    audit should be assessed.

    5.2. Errors and frauds

    Learning activity 5.2

    A company found out some errors in the records of financial documents and 
    wanted to resort to auditor’s services to help the organisation in tracking 

    errors.

    1. What types of errors the auditor may discover in the company’s 

    financial records?

    2. What are the procedures the auditor will apply to discover errors and 

    frauds?

    5.2.1. Types of errors and frauds

    a) Errors

    Definition of error: an error is an unintentional misstatement in the financial 

    statements, including the omission of an amount or a disclosure.

    Errors detected/ disclosed by the Trial Balance

    The purpose of the T/B is to check the accuracy and validity of the books. It 

    specifically detects the following errors:

    Single entry i.e. failing to complete double entry. e.g. cash sales where 

    sales A/C is credited but cash A/C not posted.

    • Overcast (over debit or over credit of accounts) or undercast (under 

    credit or under debit of accounts).

    • Two credits or two debits on the same side without the corresponding 

    entries.

    • Transfiguration or transposition i.e. changing figures by mistakes 

    when posting e.g FRW 58, 000 as FRW 85,000.

    Summation or addition error e.g. if the total is FRW 40,000 and you 

    total FRW 50, 000.

    Errors not detected/disclosed by the trial balance

    • Errors of original entry

    These errors originate from source documents e.g. invoices, vouchers, receipts, 
    bank-paying sleep etc. These errors are carried throughout the accounting 
    process i.e. from the journal to the ledger to the trial balance and eventually to 

    the final accounts. 

    For example: goods were sold on credit for FRW 95,000, but was recorded in 

    the sales invoice as FRW 59, 000 and the same figure is journalized.

    • Errors of Omission
    These are errors of omitting transactions from all books of accounts. If a 
    transaction occurs and is not recorded anywhere, the T/B cannot detect such 
    an error. If for example goods were bought for cash of FRW 65,000 and entries 

    were not made in the cash and purchases account. 

    • Errors of commission
    These errors are committed when an entry is made on wrong person’s account 
    or account title but the double entry properly effected. For instance, goods 
    worth FRW 400,000 were sold to Jane on credit but Joan’s account was 
    debited instead of the correct account of Jane. The sales account being properly 

    credited.

    • Errors of Principle
    These are making entries on wrong classes or types of accounts. For instance, 
    if a capital expenditure for say purchase of a motor vehicle is made, and it is 
    debited to the purchases account instead of the correct motor vehicle account. 
    Or if an old fixed asset was disposed off and the proceeds from this disposal or 

    sale is entered in the sales account

    • Compensating errors 
    These errors cancel out in the trial balance. They are cancelled because the 
    error on one side of the T/B is compensated by a similar error on the other side 
    of the trial balance. For instance, if an item that appears on the debit side of the 

    T/B 

    E.g, Purchases is overcast by FRW280,000 and by coincidence another account 
    that appear on the credit side of the trial balance says the sales account was 
    also overcast by FRW 280,000. These errors will neutralize each other and the 

    TB will agree as if no error was made. 

    • Errors of complete reversal entries
    These are committed when entries are made on wrong sides of the accounts. For 
    instance, if wages totaling FRW 3,500,000 were paid cash and the bookkeeper 

    debits the cash account and credits the wages account.

    Material error is an error, which has a big effect on the accounting transactions 
    and has effect on the financial statements of a business. To help you decide 
    whether a particular item/transaction is material, you may consider looking at 

    the following:

    – The effect on an individual financial statement as well as the whole set of 
    financial statements. 

    – The percentage of the possible error: for profit and loss account items, 
    we usually calculate the percentage with reference to the profit before 
    interest and tax figure. For Balance Sheet items, we usually calculate the 
    percentage with reference to the total share capital and reserves or the 
    total fixed assets. As a rule, an error less than 5% would be regarded as 
    immaterial.

    – Recurring or non-recurring error: recurring errors must be investigated no 
    matter how small the percentage is. Recurring errors imply that there is a 
    problem with the accounting system, which should be followed up.

    – Statutory requirement: In general, if an error does not seriously affect the 
    accounts users’ decisions, we do not worry about this minor mistake. 
    However, in the context of law, sometimes there is no room for the 
    materiality concept. For example, if the Companies Act requires that a 
    particular item must be disclosed in financial statements, it must be done 

    even if the amount is only Frw1.

    Immaterial error 

    Immaterial error is when an item is immaterial, we do not need to worry about it 

    for both qualitative and quantitative aspects. 

    Trial balance checking

    • Check casts of the trial balance, lists of debtors and creditors.
    • Establish the mount of difference.
    • Check balances from personal and impersonal ledger into the trial 
    balance.
    • While checking the balances, care must be taken to ensure that the 

    closing balances are correctly entered in the right column.

    Short cut method

    • Look for an item of half that amount which might have been entered on 

    the wrong side.

    • If the difference is divisible by nine, it may mean an error of transposition 

    of figures (69 written as 96 or 86 written as 68, etc).

    • If the difference is a round sum, it is probable that the mistake has been 

    made in totals of trial balance or carry forward of its figures.

    • If the difference is of large amount, it is advisable to compare the trial 
    balance with that of the previous year, in order to ascertain whether the 
    figures under the different heads of account are very near the same as 

    those of previous year.

    Extensive checking

    • Ascertain that all opening balances have been correctly brought forward 
    in the current year’s books.

    • Check casts, cross casts and carry-forward the various books of 
    original entries and ledgers.

    • If the ledgers are self-balancing, the work would be restricted to 
    checking the balances, postings and casts of only that ledger the trial 
    balance of which does not agree..

    • The postings from the various subsidiary books should then be checked 
    into the impersonal ledger.

    • The journal and subsidiary books should be scrutinized to see that the 
    total debits and credits of each entry tally and there were no un-ticked 

    items.

    Measures to prevent errors

    – Employ a strong internal control system and efficient internal check 
    system.
    – Award employees reasonable salaries according to their qualifications 
    and experience. to reduce chance ofcommitting errors and raise their 

    morale to work.

    Employment of qualified staff to prevent errors of principle.

    – Institute an internal audit department where possible.

    – Encourage clerks/staff to take their annual leave periodically so that their 
    work. Performance can be assessed in their absence and any errors they 
    had made revealed.

    – Encourage inter-department transfers and rotation of duties at a surprise 
    moment so as to cut down the continuity of an error.

    – There should a close supervision of duties; particularly in sensitive areas 
    of the business e.g. cash receipts and payments.

    – Use specific reviews of what has taken place in any one given area.

    – Use machines to record transactions e.g. adding machines, check-writing machines, etc.

    – Management should insist on referees when engaging employees 

    especially the accounting staff.

    b) Fraud 

    Definition of fraud: fraud is an intentional misrepresentation of financial 
    information by one or more individuals among the management, employees or 
    third party collaboration in order to defraud the business on financial resources 

    and assets. Example:

    • Manipulation, falsification and alteration of record and document.

    • Misappropriation of assets usually for personal use e.g. cash.

    Types of the frauds 

    • Embezzlement of cash

    This is the defalcation or misappropriation of moneyin, which you are responsible 
    in a business intentionally.

    Cash may be misappropriated by:
    – Omitting to enter any cash which has been received;

    – Entering fewer amount than what has been actually received; 

    – Making fictitious entries on the payment side of the cashbook;

    – Entering much amount on the payment side of the cashbook than what 

    actually has been paid.

    • Misappropriation of goods

     Misappropriation of goods is undersood as a cas where any may intentionally 

    misappropriate business goods for his/her personal use.

    • Fraudulent manipulation of accounts
    It is committed by directors or managers with a purpose of showing more profits 
    than what actually they are.This can be done to:
    – Get a higher commission on profits;
    – Ensure efficiency and smooth running of the business to shareholders;
    – Obtain loans from financial institutions;

    – Attract more investors to join the business;

    Showing less profits than what actually they are in order:
    – To purchase shares in the market at a lower price;
    – To reduce or avoid the payment of income tax;
    – To give a wrong impression about the success of the business to 

    competitors.

    Difference between errors and frauds

    Procedures of detecting errors and frauds 

    • Control of source documents 

    – Examination of documents that support a recorded transaction or 

    amount.

    – The direction of testing must be from the recorded item to the 

    supporting document.

    – Tests existence or occurrence.

    • Document tracing (from supporting document to recorded item)

    – Primary test for unrecorded items and therefore tests the 

    completeness assertion.

    – The direction of testing must be from the supporting document to the 

    recorded item.

     Physical observation 
    – Auditor witnesses the physical activities of the client.
    – Differs from physical examination because physical examination 

    counts assets, while observation focuses on client activities.

    • Direct confirmation 

    The receipt of a written or oral response from an independent third party 
    Auditor has client request that the third party respond directly to the auditor. 
    Positive Confirmations asks for response even if balance is correct. Negative 
    Confirmations asks for a response only if balance is incorrect. Examples: Banks 

    – Confirm checking account and loan balances

    • Analytical examination 

    Audits studies relationships among data. Unusual fluctuations occur when 
    significant difference are not expected but do exist or when significant 
    differences are expected but do not exist. Analytical examination is required 

    during the planning and completion phases on all audits.

    • Examination of the annual accounts

    This involves the review of the financial information by the auditor

    5.2.2. Auditor’s responsibilities in relation to fraud 

    ISA 240 the auditor’s responsibility to consider fraud in an audit of financial 
    statements, states quite clearly in paragraph 240.13 that the primary responsibility 
    for the prevention and detection of fraud rests with the management and those 
    charged with governance of the entity. It is their responsibility to establish a 
    control environment to assist in achieving the orderly and efficient conduct of the 
    entity’s operations. It is up to them to put a strong emphasis on fraud prevention. 
    The auditor does not have a specific responsibility to prevent or detect fraud, 
    but he must consider whether it has caused a material misstatement in the 

    financial statements.

    Application activity 5.2

    1. Establish measures an organisation should use in order to prevent 

    errors

    2. What are justifications clients could provide as proof for liablity of an 

    auditor ?

    Skills lab activity 5

    In their learning teams, students will be shared the school accounting 

    information system and documents, be requested to identify errors. 

    End unit 5 assessment

    1. Define the following terms:

    a) Error 

    b) Fraud

    2. Describe the auditor’s liabilities towards the third parties. 

    3. Describe five (5) types of errors in audit

    4. Describe the duties of an auditor

    5. What are the types of frauds?

    6. What are auditor’s responsibilities in relation to fraud? 

    7. What kinds of measures are to be put in place to prevent errors?

    8. Describe the procedures, which can be used to detect errors and 

    fraud

  • UNIT 6: AUDITOR’S REGULATION AND ETHICS

    Key unit competence: To be able to comply with auditor’s regulation 

    and professional ethics.

    Introductory activity

    Financial and ethical reporting plays a significant role in sustainable 
    commercial development, as it provides the information required to assess 
    sustainable performance. In recent times, sustainability reporting has 
    constantly increased and is now a common business practice. 

    The countries that set the financial and ethical standards. However, the recent 
    role of emerging and developing nations requires that other regulations be 
    devised regarding not only financial stability but also inclusiveness and 
    economic development. 

    Because of the maturity of the institutional financial system and the efficient 

    market mechanism, the countries suggested reasons for international 
    differences concerning the context of financial reporting. This highlights the 
    importance of the auditing profession regaining and retaining the confidence 
    of the public, with duties performed in alignment with public interests. 

    Question

    What would be the international standards adopted to support all contexts 

    of auditing?

    6.1. International auditing standards

    Learning activity 6.1

    Look the picture above, and answer the following questions: 

    1. What do you see in this picture? 

    2. Which elements do you see that can be used as auditing standards?

    O ACCOUNTING

    Auditing | Student Book | Senior Six | Experimental version 75

    6.1. International auditing standards

    Look the picture above, and answer the following questions: 

    1. What do you see in this picture? 

    2. Which elements do you see that can be used as auditing standards?

    Learning activity 6.1

    6.1.1. The role of International Auditing and Assurance Standards Board

    International Standards on Auditing (ISAs) are set by the International Auditing 
    and Assurance Standards Board (IAASB), a technical committee of the 

    International Federation of Accountants (IFAC). 

    The IAASB is there to serve the public interest by setting high-quality 
    international standards for auditing, quality control, review, other assurance, 
    and related services, and by facilitating the convergence of international and 
    national standards. In doing so, the IAASB enhances the quality and uniformity 
    of practice throughout the world and strengthens public confidence in the global 

    auditing and assurance profession.

    Auditors are subject to ethical requirements imposed by their professional 
    bodies. One area where clients’ requirements may conflict with the requirements 
    for auditors to act ethically is whether the auditor should keep the affairs of 
    clients’ secret, or disclose them to others without obtaining the clients’consent. 
    The auditor should comply with the code of ethics for professional accountants 

    issued by the International Federation of Accountants. 

    6.1.2. International Standards on Auditing (ISA)

    International Standards on Auditing (ISAs) are set by the International Auditing 
    and Assurance Standards Board (IAASB), a technical committee of the 
    International Federation of Accountants (IFAC). ISAs are produced by IAASB, a 
    technical committee of IFAC. IAASB also produces other items of international 
    guidance, such as the International Standard on Quality Control (ISQC).

    The IAASB selects subjects for detailed study by way of a subcommittee 
    established for that purpose. As a result of that study, an exposure draft is 
    prepared for consideration by the IAASB. If approved, the exposure draft is widely 
    distributed for comment by auditor bodies of IFAC, and to such international 

    organisations that have an interest in auditing standards.

    The key standards issued by the IAASB include:

    Respective responsibilities, Audit planning, Internal control, Audit evidence, 

    Using work of other experts, Audit conclusions and audit report

    6.1.3. The regulation of auditors 

    The accounting and auditing profession varies in structure from country to 
    country. In some countries, accountants and auditors are subject to strict 

    legislative regulation, while in others the profession is allowed to regulate itself.

    Regulations governing auditors will, in most countries, be most important at the 
    national level. International regulation, however, can play a major part by: 
    • Setting minimum standards and requirements for auditors;
    • Providing guidance for those countries without a well-developed 
    national regulatory framework;
    • Aiding intra-country recognition of professional accountancy 

    qualifications.

    The audit regulations are: 
    • Statutory regulation 
    • Licensing of auditors 
    • Delegated regulation by professional bodies within a legal framework 

    (not self- regulation) 

    Regulatory mechanisms are: 
    • Statutory audit requirement 
    • Legal provisions on appointment and dismissal of auditors, 
    • Licensing of auditors 
    • Competence requirements 
    • Professional conduct rules 
    • Auditing standards 
    • Disciplinary procedures 

    • Governance rules for regulatory bodies 

    The regulation of audit is centrally concerned with the issue of ensuring that 
    auditors follow best practice standards in conducting the audit, and are 
    competent and independent; all of this being seen as essential in terms of 
    auditors’ capability to detect significant errors/omissions in financial statements 

    and to report faithfully on them.

    Application activity 6.1

    1. What is IFAC in full? 
    2. What are the key standards issued by the ISA?
    3. What are the purposes of International Standards on Auditing number 

    500 and 570

    6.2. The fundamental principles of auditing

    Learning activity 6.2

    Look at the picture above and answer the following questions: 
    1. What are the activities carried out by the above persons?

    2. Tell me about a time you faced an ethical dilemma.

    6.2.1. The fundamental principles of auditing as per IESBA

    The IESBA Code of Ethics provides ethical guidance. The five fundamental 
    principles of ethics are as follows: integrity, objectivity, professional 

    competence and due care, confidentiality and professional behaviour.



    The IESBA Code of Ethics states that independence requires independence 
    of mind
    and independence in appearance. In other words, the auditor must 

    be, and must be seen to be, independent.

    Independence of mind is the state of mind that permits the provision of a 
    conclusion without being affected by influences that compromise professional 
    judgement, allowing an individual to act with integrity, and exercise objectivity 

    and professional scepticism.

    Independence in appearance is the avoidance of facts and circumstances 
    that are so significant a reasonable and informed third party would be likely 
    to conclude that a firm’s, or audit and assurance team members, integrity, 

    objectivity or professional scepticism have been compromised.

    It is very important that the auditor is impartial and independent of management, 
    so that he/she can give an objective view on the financial statements of an 
    entity. The onus is always on the auditor not only to be independent but also 
    to be seen to be independent. You will see that some situations will constitute 
    such a significant threat to independence that an audit practice should not act 

    as auditors if they arise. 

    The following examples of specific threats to independence are given 

    in the code

    • Self-interest threats

    There are many examples of a self-interest threat arising in the Code. They fall 

    into two general areas: 

    – Relationships

    Close relationships between audit staff and employees of audit clients can lead 
    to a lack of independence if the interests of the audit firm and client become too 
    closely aligned and audit staff lose objectivity. Close relationships also cause 

    familiarity threats. 

    Examples of such self-interest threats are when: 
    • The audit firm has a financial interest in an audit client; 
    • Business relations between the firm and client are too close;
    • Audit staff move to work at the audit client;
    • The audit partner sits on the client board; 
    • There are family/personal relationships between audit staff/client; 
    • Audit staff are offered gifts/hospitality by client staff; 
    • Audit fees from a single client are a high percentage of the audit firm’s 
    total fees; 
    • The audit firm, or an individual on the audit engagement, enters a loan 
    or guarantee arrangement with a client (that is not a bank or similar 

    institution carrying out its normal commercial business).

    If an auditor inherits shares in a client company, he/she should try and sell them 

    as soon as possible, and keep the firm informed about what is going on. 

    Audit firms should not enter into close business relationships with clients other 
    than that of the audit itself. They should not have joint ventures or joint marketing 

    policies.

    – Fee-related issues 

    An audit is carried out for a fee. However, self-interest threats arise if the fees 
    are so significant, or potentially so, that the audit firm loses its objectivity in 
    relation to the audit client. A key area is the proportion of total audit firm income 
    derived from a client. If it is too high, it indicates that the audit firm relies on that 

    audit client too much to be independent. 

    Contingent fee arrangements are prohibited for audit or assurance 
    engagements. Contingent fees are payable on condition of a favourable outcome 
    being achieved. For example, a firm may charge a client seeking a listing on the 

    stock exchange a contingent fee which is payable if the listing is successful.

    • Self-review threats

    If an auditor audits work he/she has carried out for a client, he/she is unlikely to 

    be able to be objective about it. 

    There are two general circumstances in which this situation might arise: 

    If the audit staff member has recently worked for the audit client, or if the audit 

    firm carries out more than audit for the audit client.

    – Recent service at audit client

    Individuals who have been a director or officer of the client, or an employee 
    in a position to exert significant influence over the preparation of the client’s 
    accounting records or the financial statements on which the firm will express an 

    opinion should not be assigned to the assurance team.

    If an individual had been closely involved with the client before the period 
    covered by the auditor’s report, the audit firm should consider the threat to 

    independence arising and apply appropriate safeguards.

    – Other services

    Audit firms often offer a host of services other than audit. Examples include 
    preparing accounts and financial statements, valuation services, taxation services, 
    internal audit services, corporate finance services, IT services, temporary staff 
    cover, recruitment services, litigation support and legal services. Some of these, 
    for example, the routine preparation of tax returns, are not perceived to threaten 
    independence; others, particularly where it seems that audit firm staff are acting 

    on behalf of management, do affect independence.

    Audit firms are not permitted to assume a management responsibility for the 
    client. Activities which would be considered management responsibility include: 
    – Setting policies and strategic direction; 
    – Hiring or dismissing employees;
    – Directing and taking responsibility for the actions of the entity’s 
    employees 
    – Authorising transactions;
    – Controlling or managing of bank accounts or investments; 
    – Deciding which recommendations of the firm or other third parties to 

    implement; 

    – Reporting to those charged with governance on behalf of 

    management; 

    – Taking responsibility for the preparation and fair presentation of the 

    financial statements;

    – Taking responsibility for designing, implementing and maintaining 

    internal control.

    Activities that are routine and administrative, or involve matters that are 
    insignificant, generally are deemed not to be a management responsibility 
    and are permitted by the IESBA Code. Firms should not prepare accounts or 
    financial statements for listed or public interest clients. For any client, assurance 

    firms are also not allowed to: 

    – Determine or change journal entries without client approval; 
    – Authorise or approve transactions;

    – Prepare source documents.

    In addition, in relation to the other services listed above, auditors should not 
    provide a valuation of an item that is going to be material to financial statements, 
    they should not carry out transactions on the client’s behalf when doing corporate 

    finance work, and should not underwrite the client’s shares.

    Even if the services do not pose a threat to independence in themselves, 
    independence might be threatened if the auditor carried out a lot of other services 
    for a client, or if circumstances made the audit firm appear not independent. 

    This will often be a matter of judgement for audit firms.

    • Advocacy threat 

    If an audit firm is asked (or perceived) to promote their client or represent them, 
    for example in a legal claim, then the auditor would be biased in favour of their 

    client and would not be able to be objective. 

    This loss of objectivity gives rise to an advocacy threat. 

    Examples of circumstances that create advocacy threats include: 
    – The auditor provides legal support to an audit client in a legal dispute; 

    – The auditor acts as an advocate on behalf of an audit client in a 
    dispute with a third party such as a tax disputes;

    – The audit firm promotes shares in an audit client; 

    – The audit firm pitches a client reconstruction to a bank whilst 
    undertaking corporate finance services;

    – A partner or employee of the audit firm serves as a director or officer 

    of an audit client.

    The audit firm should ensure it does not accept work likely to cause an advocacy 
    threat, and it should withdraw from an engagement if the risk to independence 

    becomes too high.

    • Familiarity threat 

    We have already looked at the potential problems caused by relationships 
    between audit firm/staff and audit client/staff. These also cause a familiarity 
    threat, when audit staff become too familiar with a client, which causes them to 
    lose objectivity, and professional scepticism. Another familiarity threat is long 
    association, where an audit firm or its personnel have been involved in the audit 

    of a particular client over an extended period. This can also affect objectivity. 

    For the audit of private limited companies, this is an issue for audit firms to monitor 
    themselves and take steps to avoid. The IESBA rules are more prescriptive in 

    relation to public limited companies.

    • Intimidation threats 

    An intimidation threat arises when a member of the audit team is deterred from 
    acting objectively by threats (whether actual or perceived) from the directors, 
    officers or employees of an audit client. Such a threat may arise where the total 
    fees from an audit client represent a large proportion of the audit firm’s total 
    fees. Here the audit firm may be deemed to be dependent on the audit client 
    and this dependence may mean that they are more likely to give in to any threats 

    for fear of losing the audit client. 

    Similarly, an intimidation threat is created when an audit client threatens the firm 
    with litigation or takes legal action against them. In this situation the relationship 
    between client management and members of the audit team can no longer be 
    characterised by complete candour and full disclosure and therefore the audit 
    firm should stand down as auditors as the threat would be too significant to 

    avoid by other means.

    6.2.2. The professional duty of confidentiality

    “Auditors have a professional duty of confidentiality. However, they may be 
    compelled by law, or consider it desirable in the public interest, to disclose 

    details of clients’ affairs to third parties.”

    Confidentiality requires auditors to refrain from disclosing information acquired 

    in the course of professional work except where: 

    – Consent has been obtained from the client, employer or other 

    proper source or;

    – There is a public duty to disclose, or;

    – There is a legal or professional right or duty to disclose.

    The auditor agrees to serve a client in a professional capacity both the auditor 
    and the client should be aware that it is an implied term of that agreement that 
    the auditor will not disclose the client’s affairs to any other person with the 
    client’s consent or within the terms of certain recognised exceptions, which fall 

    under obligatory and voluntary disclosures.

    The auditors must first obtain an understanding of the non-compliance and 
    disclose it to management. The client should be advised to report the non-compliance. 
    If they do not do so then the auditors may report the matters 
    themselves, but they are not obliged to do so. The recognised exceptions to the 

    duty of confidentiality are as follows:

    Application activity 6.2

    1. Why an auditor should observe the professional ethics of integrity? 
    2. What will happen if an auditor knows or suspects his/her client to 

    have committed money-laundering or terrorist offences?

    Skills lab activity 6

    By carrying out research,students in their learning teams, identify the area 

    (audit process) where each of the standard would be applied and why

    End unit 6 assessment

    1. Explain the concept of objectivity with reference to external auditors, 

    and outline five general threats to objectivity.

    2. What is the principle of objectivity?

    3. Describe the review process that firms should adopt to ensure that 

    they have maintained independence.

    4. When is an auditor: 
    a) Obliged 
    b) Allowed

    c) To make disclosure of clients’ affairs to third parties?

    5. In which of the following situations is it not appropriate to disclose 
    confidential information? 
    a) Client has granted permission 
    b) To obtain evidence about an item in financial statements 
    c) To fulfil a public duty 

    d) To fulfil a legal duty to disclose

    6. Which of the following is not a fundamental principle of professional 
    ethics? 
    a) Independence 
    b) Integrity 
    c) Objectivity 

    d) Confidentiality

    7. It is important that an auditor’s independence is not questionable, 
    and that he/she should behave with integrity and objectivity in all 
    professional and business relationships. The following are a series 
    of questions, which were asked by auditors at a recent update 
    seminar on professional ethics. 

    a) A B & Co, the previous auditors, will not give my firm professional 
    clearance or the usual handover information because it is still 
    owed fees. Should I accept the client’s offer of appointment? 

    b) Can I prepare the financial statements of a company and remain 

    as auditor?

    Required: 

    Discuss the answers you would give to the above questions posed by the 

    auditors based on IESBA Code of Ethics.

  • UNIT 7: AUDIT PLANNING

    Key unit competence: To be able to execute audit planning and risk 

    assessment

    Introductory activity

    Look the above picture, then answer the following questions:

    1. What do you understand by audit planning

    2. How do we call those activities around audit planning?

    7.1. Audit planning

    Learning activity 7.1


    Look at the above image, then answer the following questions:

    1. Why the audit work must be planned?
    2. What do you mean by audit strategy?
    3. State the general areas the auditor must consider when setting audit 

    strategy

    7.1.1. Meaning and objective of audit planning

    a) Meaning of audit planning

    Audit planning means developing a general strategy and a detailed approach for 
    the expected nature, timing and extent of the audit. The auditor plans to perform 

    the audit work in an efficient and timely manner. 

    b) The importance of audit planning 

    An effective and efficient audit relies on proper planning procedures. The 
    planning process is covered in general terms by ISA 300 states that the auditor 
    shall plan the audit so that the engagement is performed in an effective manner.

    Audits are planned to: 

    – Help the auditor devote appropriate attention to important areas of the 
    audit;

    – Help the auditor identify and resolve potential problems on a timely 
    basis;

    – Help the auditor properly organise and manage the audit so it is 
    performed in an effective manner; 

    – Assist in the selection of appropriate team members and assignment 
    of work to them; 

    – Facilitate the direction, supervision and review of work;

    – Assist in coordination of work done by auditors of components and 
    experts. 

    Audit procedures should be discussed with the client’s management, staff and/

    or audit committee in order to co-ordinate audit work, including that of internal 

    audit. However, all audit procedures remain the responsibility of the external 

    auditors. 

    A structured approach to planning: 

    Step 1: updating knowledge of the client and assessing risks

    Step 2: Ensuring that ethical requirements are met, including independence. 

    Step 3:establishing the overall audit strategy that sets the scope, timing and 

    direction of the audit and guides the development of the audit plan:

    – Idendify the characteristics of the engagement that define its scope;

    – Ascertain the reporting objectives to plan the timing of the audit and 

    nature of communications required;

    – Consider significant factors in directing the team’s efforts;

    – Consider results of preliminary engagement activities;

    – Ascertain nature, timing and extent of resources necessary to perform 

    the engagement.

    Step 4: Preparing the detailed audit approach

    Step 5: Making administrative decision such as staffing and budgets.

    7.1.2. Audit planning strategies

    a) planning strategies

    Audit strategy sets the scope, timing and the direction of the audit, and guides 
    the development of the more detailed audit plan.The audit strategy is the key 

    planning document. It considers general areas of planning such as:

    • The timetable for reporting, key dates and statutory obligations;

    • Reporting framework and scope of the audit;

    • Initial materiality levels;

    • Preliminary risk assessment.

    • Audit team members and skills required;

    • Arrangements for directing, supervising and reviewing the work of audit 

    team members;

    • Consider the need for the service of experts;

    • Location of client premises and travel/accommodation requirements.
    Any changes made during the audit engagement to the overall audit strategy 
    or audit plan, and the reasons for such changes, shall be included in the audit 

    documentation. 

    Audit needs to be planned to ensure that:

    • Appropriate attention is devoted to the important areas of the audit;

    • Potential problems are identified (and resolved) on a timely basis;

    • Work is completed effectively and efficiently;

    • Appropriate staff are engaged on the audit team and, the proper tasks 

    are assigned to the members of the audit team;

    • Assisting with the direction and supervision of the audit team and 

    review their work;

    • Assisting with the coordination of work done by experts.

    The establishment of the audit strategy involves:

    In many audit firms, the audit engagement partner would create the audit 
    strategy, with the audit managers then being responsible for using the strategy 
    and then produce the detailed audit plan. This division of roles does, however, 
    vary from firm to firm and it is not unusual for an audit manager to contribute to 

    the audit strategy document.

    b) Changes to the overall audit strategy and audit plan 

    The auditor shall update and change the overall audit strategy and the audit plan 

    where necessary during the course of the audit work. 

    An accurate record of changes to the audit strategy must be maintained in order 
    to explain the general approach finally adopted for the audit. Any changes to the 
    audit strategy or the audit plan and the reasons for them must be included in the 

    audit documentation. 

    c) Audit programmes 

    The audit manager will typically use the audit plan as a basis for drawing up 
    checklists or similar documents for audit staff to use in gathering audit evidence 
    during the fieldwork stage of the audit. Audit programmes are schedules of 
    audit procedures to be carried out by audit staff to obtain sufficient appropriate 

    audit evidence.

    Each account area (eg non-current assets, inventory, receivables etc) will have 
    its own audit programme and each member of the team is likely to be assigned 
    responsibility for carrying out the audit procedures for one or more account 
    areas. Audit programmes may be designed with reference to specific audit 
    objectives; this ensures that audit work is focused and that sufficient appropriate 

    audit evidence is gathered and documented. 

    d) Audit matters

    Audits should be carried out by staff with appropriate skills and experience. 

    • Audit team 

    ISA 220 for Quality control for an audit of financial statements considers the 
    issue of assignment of engagement teams. The audit engagement partner 
    (sometimes called the reporting partner) must take responsibility for the quality 
    of the audit to be carried out (ISA 220: para. 8). He/she should assign staff with 

    necessary competencies to the audit team (ISA 220: para. 14). 

    Some audits are wholly carried out by a sole practitioner (an accountant who 
    practises on his/her own) or a partner.

     More commonly, however, the engagement partner will take overall responsibility 
    for the conduct of the audit and will sign the auditor’s report. The engagement 
    partner will delegate aspects of the audit work such as the detailed testing to 

    the staff of the firm. The usual hierarchy of staff on an audit assignment is:

    The engagement partner is responsible for ensuring that: 

    • An appropriate level of professional scepticism is applied by audit staff 

    in the conduct of the audit; and 

    • There is proper communication both within the audit team and with the 

    audited entity. 

    Achieving these two objectives is likely to involve holding a planning meeting with 
    the audit staff on the assignment to discuss the risks of material misstatement 
    that could arise in the financial statements and making them aware of historical 

    issues on the audit. 

    Ensuring communication between client staff and audit staff will be more difficult 
    as the audit engagement partner is unlikely to visit the client site during the audit. 
    However, given that the audit partner has a responsibility here, he/she must 
    take appropriate steps. What these should be will depend on the individual 
    circumstances of the audit. The audit engagement partner should consider the 

    following:

    – Keeping in regular contact with both audit and client staff during the 

    audit to assess the level of communication between them;

    – Attending the site during the audit to facilitate better communication 
    if he/she feels that it is necessary.Fostering lines of communication 
    between client staff and audit staff during the period between audits 

    to ensure a good working relationship is built up between them;

    – The availability of audit staff throughout the engagement (taking into 

    account conflicting audit deadlines, holidays and study leave).

    Dealing with client staff 

    An important skill that all staff chosen for the audit assignment should have 
    is the ability to deal with the client staff with whom they come into contact. 
    Discussions with staff operating the system should be conducted in a manner 
    which promotes professional relationships between auditing and operational 

    client staff. 

    Relationships with the client will be enhanced if auditors aim to provide a high 
    quality service that caters for the needs of the client. However, more specific 
    people skills will also be needed. Negotiation skills and interviewing skills are 

    particularly important. 

    Auditors should also be trying to understand what managers and staff want 
    from the audit and how hostility to the time they have to spend dealing with 
    auditors can be overcome. This does not mean agreeing with management and 
    staff on every issue, but it does mean enabling the auditors to understand why 

    difficulties have arisen and how those difficulties can be overcome. 

    7.1.3. Limitations of audit planning

    Even though the audit plan has a number of advantages, it is not free from 

    limitations. Some of the major disadvantages of audit plan are as follows:

    • Rigitity

    An audit plan follows a standard approach and set patterns. This may stifle 
    flexibility and initiative, therefore dampening professional judgement of the 
    parties involved. Rigidity also makes the process too mechanistic undermining 
    the audit staffs’liabilities, creativity and talents. This will consequently leave them 

    with less freedom in performing their task and also technically challenged.

    • Overlooking audit staffs’capabilities

    A plan will make the audit process automated and will loose the sense of 
    responsibility for the audit staff. It can potentially decrease initiative and 
    inventiveness, with less application of staff talents and abilities. They therefore 
    do not reinforce the plan with any improvements, which will lower it future 
    effectiveness. The automation also leaves the staff performing their task with 

    normality, which can cause boredom.

    The strategies and pocedures adopted from an audit may not be in accordance 
    with a client’s standards. An auditor will likely need to prepare a new procedural 
    plan that meets the need of the client: in some cases, this backtracking may
    cause the client to loose faith and /or trust in the auditor. Staff may also feel 
    manipulated since they will have to participate in the preparation of the new 

    plan, which can very significantly from the audit standards..

    • Constant update

    An audit plan needs to change regularly, usually each year to keep it current with 
    the changing economic environment and business structures. If this change is 
    not done, the plan may turn out to be too rigid in nature and its application in an 
    audit process may be in-effective and out-dated. This updating requires more 
    time and resource devotion to the plan, which would be better used in another 

    productive activities.

    Application activity 7.1

    1. Explain the difference between the audit strategy and the audit plan 
    2. Identify seven key items of information likely to be contained in an 

    audit strategy document.

    7.2. Materiality in Auditing

    Learning activity 7.2

    Observe the above picture, then answer the following questons:

    1. What do you mean by a material misstatement?
    2. Explain the difference between the overall materiality and performance 

    materiality.

    7.2.1. Meaning and methods of calculating materiality inauditing

    a) Meaning of materiality

    Materiality in Auditing is defined as the benchmark used to obtain 
    reasonableassurance that an audit does not detectany material misstatementthat 

    can significantlyimpact the usability of financial statements.

    The auditor is required to determine the materiality level for the financial 
    statements as a whole, as well as performance materiality, at the planning stage. 
    The calculation or estimation of materiality should be based on the auditor’s 
    experience and judgment. The materiality chosen should be reviewed throughout 

    the audit. 

    Materiality relates to the level of misstatement that affects the decisions of users 

    of the accounts. 

    Misstatements are considered to be material if they, individually or in aggregate, 

    could reasonably be expected to influence the economic decisions of users. 

    Judgments about materiality are made in the light of surrounding circumstances, 
    and are affected by the size and nature of a misstatement or a combination of 
    both. Judgments about matters that are material to users of financial statements 
    are based on a consideration of the common financial information needed users 

    as a group. 

    The practical implication of this is that the auditor must be concerned with 
    identifying ‘material’ errors, omissions and misstatements of transactions, 
    account balances and disclosures. Both the amount (quantity) and nature 
    (quality) of misstatements need to be considered (e.g., lack of disclosure 

    regarding ongoing litigation is likely to be considered material). 

    Materiality provides a threshold or cut-off point rather than being a primary 

    qualitative characteristic which information must have to be useful. 

    E.g. If a company has a profit of FRW 100Millions, a misstatement of FRW1Million 
    is unlikely to be significant. If a company has a profit of FRW 10Millions, a 
    misstatement of FRW 1Million will have a more significant impact on the readers 

    of the accounts. 

    During planning, the auditor must establish materiality for the financial statements 

    as a whole, but must also set performance materiality levels. 

    The concept of materiality is applied by the auditor both in planning and 
    performing the audit, and in evaluating the effect of identified misstatements on 
    the audit and of uncorrected misstatements, if any, on the financial statements 

    and in forming the opinion in the auditor’s report. 

    Materiality considerations during audit planning are extremely important. The 
    assessment of materiality at this stage should be based on the most recent and 
    reliable financial information and will help to determine an effective and efficient 

    audit approach. Materiality assessment will help the auditors to decide: 

    • How many and what items to examine;
    • Whether to use sampling techniques;

    • What level of error is likely to lead to a modified audit opinion. 

    The resulting combination of audit procedures should help to reduce detection 

    risk to an appropriately low level. 

    b) Determining materiality for the financial statements as a whole 

    Determining materiality for the financial statements as a whole involves the 
    exercise of professional judgment. Because many users of financial statements 
    are primarily interested in the profitability of the company, materiality is often 

    thought in terms of a value associated with the level of profit before tax. 

    For example, if profit before tax was FRW 40,000,000, auditors might consider 
    that all matters in the financial statements equal to 5% of FRW 40,000,000 (i.e. 

    FRW 2,000,000) will be important to users. 

    However, auditors should avoid thinking of materiality solely in these terms. For 
    example, some users might be more concerned with asset values or specific 
    matters in the financial statements rather than ‘value’ at all. Consequently, 
    auditors may have a monetary guide to what is important to users, but they 
    should also use their professional judgment at all times to consider what is 

    important to users. 

    In addition, certain types of errors should be investigated even if they are small in 

    monetary terms, because, as stated above, they are important for other reasons. 

    • Recurring errors as these may indicate weaknesses in the accounting 
    system 
    • Errors that would mean breaches of statutory requirements 
    • Critical point errors, for example, those that change a loss into profit 
    • Conceptual errors, errors that involve breaches in the accounting 

    requirements

    At the planning stage, auditors will set a ‘value level’ for planning materiality 
    based on draft financial information available to them. However, this should be 
    reviewed as the audit progresses and as any changes are made to the financial 

    information. 

    Generally, a percentage is applied to a chosen benchmark as a starting point 
    for determining materiality for the financial statements as a whole. The following 

    factors may affect the identification of an appropriate benchmark: 

    • Elements of the financial statements (e.g. assets, liabilities, equity, 
    revenue, expenses) 
    • Whether there are items on which users tend to focus 
    • Nature of the entity, industry and economic environment
    • Entity’s ownership structure and financing
    • Relative volatility of the benchmark 
    • The following benchmarks and percentages may be appropriate in the 

    calculation of materiality for the financial statements as a whole. 

    c) Determining performance materiality 

    Consider what would happen if this materiality for the financial statements as a 
    whole was applied directly to, for example, different accounts balances (such as 
    receivables, inventory etc.). It could be that a number of balances (or elements 
    making up those balances) are untested or dismissed on the grounds they are 
    immaterial. However, a number of errors or misstatements could exist in those 

    untested balances, and these could aggregate to a material misstatement. 

    For this reason, the auditor is required to set performance materiality levels, 
    which are lower than the materiality for the financial statements as a whole and 
    this means a lower is applied during testing. The risk of misstatements which 
    could add up to a material misstatement is therefore reduced. As we can see in 

    the key terms below, performance materiality really has two definitions 

    Performance materiality is the amount or amounts set by the auditor at less than 
    materiality for the financial statements as a whole to reduce an appropriately 
    low level of the probability that the aggregate of uncorrected and undetected 

    misstatements exceeds materiality for the financial statements as a whole.

    Performance materiality also refers to the amount or amounts set by the auditor 
    at less than the materiality level or levels for particular classes of transactions, 

    account balances or disclosures. 

    This indicates the auditor sets a level or levels of materiality lower than overall 
    materiality for the purposes of performing procedures in general (for example on 

    a low risk area) and this is just to account for aggregation. 

    However, an even lower level is set for certain balances, transactions or 
    disclosures where there is an increased risk (for example, the auditor will set 
    a lower performance materiality level for bank balances if he/she considers 
    bank balances to be a sensitive area). Lower levels are also set if qualitative 

    considerations (discussed below) necessitate it. 

     Determining performance materiality is very much dependent on the auditor’s 
    professional judgment. In summary it is affected by: 
    • The nature and extent of misstatements identified in prior audits;
    • The auditor’s understanding of the entity;

    • Result of risk assessment procedures.

    7.2.2. Difference between materiality in government and 

    in private sector

    Materiality in governmental audit is different from materiality in private sector 

    auditing for several reasons.

    Most importantly, due to the format of state and local government financial 
    statements under GAAP (general accepted accounting principles), the AICPA 
    (American institute of certified public accountant) audit guide for state and 
    local governments requires auditors to consider materiality by “opinion unit” 
    rather than for the financial statements taken as a whole. The guide defines 

    opinion unit as follows:

    Government-wide level
    • Government activities;
    • Business activity( nature of business); 

    • Discretely presented component units in the aggregate.

    Fund levels: 
    • General fund (always a major fund)
    • Other major funds determined for government funds or enterprise 
    funds. Each major fund is an opinion unit. If there are no major funds, 
    then there will be only two opinion units. The general fund and then 

    remaining fund information; and 

    • Remaining fund information, consisting of all other non-major 
    governmental and enterprise funds, internal service fund type, and 
    fiduciary fund type. (this will generally always be present, although 
    the individual components and size will change between governmental 

    entities.)

    This functionally decreases materiality for state and local government financial 
    statements by an order of magnitude compared to materiality for private 
    company financial statements. Due to the unique concept of materiality, the 

    auditor’s report expresses an opinion in relation to each opinion unit.

    Moreover, the primary users of government financial statements are different: 
    the citizens and the parliament in the public sector versus investors in the private 
    sector. It is important to identify the primary users since materiality reflects the 
    auditors judgment of the needs of users in relation to the information in the 

    financial statements.

    Finally, in government auditing, the political sensitivity to adverse media exposure 
    often concerns the nature rather than the size of an amount, such as illegal acts, 

    bribery, corruption and related-party transactions. 

    Qualitative considerations of materiality are therefore different in private 
    sector auditing, in which qualitative consideration are focused on the effect on 
    earnings per share, executive bonuses or other risks that are not applicable to 

    governments. 

    Qualitative materiality refers to the nature of a transaction or amount and includes 
    many financial and non financial items that, independent of the amount, may 

    influence the decisions of users of the financial statements.

    While rules of thumb mentioned in the section above are commonly applied 
    to state and local government financial statements, government auditors may 
    also use different means to quantify materiality such as total cost or net cost 
    ( expenses less revenues or expenditure less receipts). In a cash accounting 

    environment, total expenditures is often used as a benchmark.

    7.2.3. Roles of materiality of an error in auditing

    The importance of materiality of an error in auditing is that:
    • It influnces the auditor’s time budget on specific items;
    • It dictates the auditor’s plan;
    • It influences the auditor’s plan;
    • It determines the amount of audit evidence to be gathered;
    • It is required by the professional body ICPAR (Institute of Certified 

    Public Accountants of Rwanda) as an incidental objective.

    Application activity 7.2

    1. Which measures of a client’s business is an auditor likely to use when 
    setting a level of materiality: 

    a) For a client that has a stable asset base and steady revenue over 
    the last few years but has only made a small pre-tax profit this 
    year owing to a large one-off expense? 
    b) For a client where the outside shareholders have expressed 

    concern over declining profits over the last few years? 

    2. Profit before tax at Rilla Ltd is FRW10, 000,000. 
    Which one of the following balances are the auditors unlikely to plan 
    to test in detail? 
    a) Receivable FRW 5, 000,000 
    b) Bank FRW 450,000 
    c) Dirctor’s bonus of FRW 400,000

    d) Addition to non-current assets FRW 2,000,000

    7.3. The entity and its environment

    Learning activity 7.3

    Observe the above image then answer the following questions:

    1. What does the above image show?
    2. What information do you think the auditor wants to know when he/

    she asks himself/herself the questions in the image?

    7.3.1. The entity and its environment

    The auditor is required to obtain an understanding of the entity and its environment 
    in order to be able to assess the risks of material misstatement and direct his/

    her audit approach accordingly. 

    ISA 315 states that ‘the auditor shall perform risk assessment procedures 
    to provide a basis for the identification and assessment of risks of material 

    misstatement at the financial statement and assertion levels. 

    a) Why? 
    The reasons the auditor is to obtain the understanding of the entity and its 
    environment are very much bound up with assessing risks and exercising audit 
    judgment. We shall look at these aspects more in the next two topics of this 

    Unit. 

    b) What? 
    ISA 315 sets out a number of requirements about what the auditors must 

    consider in relation to obtaining an understanding of the business. 

    c) How? 
    ISA 315 sets out the risk assessment procedures that the auditor must use 
    to obtain the understanding. The auditor does not have to use all of these for 
    each area, but the ISA requires that risk assessment procedures should, as a 

    minimum,comprise a combination of these procedures. 

    • Inquiries of management and others within the entity 
    • Analytical procedures

    • Observation and inspection 

    The audit team and the engagement partner are also required by ISA 315 to 
    discuss the susceptibility of the financial statements to material misstatement. 
    Judgment must be exercised in determining which members of the team should 
    be involved in which parts of the discussion, but all team members should be 
    involved in the discussion relevant to the parts of the audit they will be involved 

    in. 

    Lastly, if it is a recurring audit, the auditors may have obtained a great deal of 
    knowledge about the entity and the environment in the course of prior year 
    audits. The auditor is entitled to use this information in the current year audit, 
    but he/she must determine whether any changes in the year have affected the 

    relevance of information obtained in previous years. 

    Inquiries of management and others within the entity 

    The auditors will usually obtain most of the information they require from staff in the 
    accounts department, but may also need to make enquiries of other personnel, 
    for example, internal audit, production staff or those charged with governance. 
    Those charged with governance may give insight into the environment in which 
    the financial statements are prepared. In-house legal counsel may help with 
    understanding matters such as outstanding litigation, or compliance with laws 
    and regulations. Sales and marketing personnel may give information about 

    marketing strategies and sales trends.

    Analytical procedures 

    Analytical procedures are a useful tool in risk assessment. ISA 315 and ISA 520 
    Analytical procedures provide guidance in this area. ISA 315 requires auditors 

    to use analytical procedures during the risk assessment phase of the audit. 

    Analytical procedures consist of the evaluations of financial information made by 
    a study of plausible relationships among both financial and non-financial data. 
    Analytical procedures also encompass the investigation of identified fluctuations 
    and relationships that are inconsistent with other relevant information, or deviate 

    significantly from predicted amounts. 

    There are many sources of information available to the auditor at this stage 
    including interim financial information, budgets, management accounts, 

    information for prior periods and industry information. 

    All of this information can be used by auditors to help them understand areas 
    of risk. For example, ratios (such as the receivables days, inventory turnover 
    and the current ratio) can be calculated using information from the financial 
    statements. The financial statements can also be compared to prior years, or 

    similar firms in the same industry. 

    Budgets are helpful in indicating the expectations of the organization, and 
    management accounting information is useful for variance analysis. Variance 
    analysis involves looking at actual income and expenditure against the expected 

    figures and determining the reasons for any variances between the two.

    Analytical procedures such as these can be extremely helpful at the risk 
    assessment and planning stages of an audit and help the auditor to identify the 
    areas of greatest risk, and therefore the areas where the risk of misstatement 
    in the accounts is highest. These are the areas where the most work will be 

    required during the audit. 

    Observation and inspection 

    These techniques are likely to confirm the answers made to inquiries made of 
    management. They will include observing the normal operations of a company, 
    reading documents or manuals relating to the client’s operations or visiting 

    premises and meeting staff. 

    The ISA gives guidance on performing these risk assessment procedures in 

    order to obtain the required understanding of the business. 

    The table below summarizes some of the key points.

    Application activity 7.3

    1. What auditors need to know in understanding the entity and its 
    environment?

    2. Why do auditors needs to be familiar with the organization business 
    model?

    3. What are the factors the auditor must valuate to understand the entity 
    and its environment?

    4. What is the most important thing that an auditor does when 

    understanding the entity?

    7.4. Audit risk

    Learning activity 7.4

    Observe the above picture then answer the following questions:

    1. Is it possible that an auditor can give an inappropriate audit opinion 

    on financial statements?

    2. How do we call the case in which an auditor can give an inappropriate 

    audit opinion on financial statements ?

    7.4.1. Meaning and types of audit risks

    a) Meaning of audit risk 

    In an audit of financial statements, audit risk is the risk that the auditor 
    expresses an inappropriate audit opinion when the financial statements 
    are materially misstated,
    i.e., the financial statements are not presented fairly 

    in conformity with the applicable financial reporting framework.

    b) Types of audit risk

    Audit risk 

     Audit risk is the risk that the auditors give an inappropriate audit opinion when 
    the financial statements are materially misstated. It has two elements: the risk 
    that the financial statements contain a material misstatement (inherent risk 
    and control risk) and the risk that the auditors will fail to detect any material 

    misstatements (detection risk). 

    In order to obtain assurance about whether the financial statements are free 
    from material misstatement, the auditor needs to consider how and where 

    misstatements are most likely to arise. 

    Carrying out a financial statement risk assessment helps the auditor ensure 
    that the key areas more susceptible to material misstatement are adequately 
    investigated and tested during the audit. It also helps the auditor identify low risk 
    areas where reduced testing may be appropriate, ensuring time is not wasted 

    by over-testing these areas. 

    In this way, auditors follow a risk-based approach to auditing. In the risk-based 
    approach, auditors analyze the risks associated with the client’s business, 
    transactions and systems, which could lead to misstatements in the financial 
    statements, and direct their testing to risky areas. Audits conducted in 

    accordance with ISAs must follow the risk-based approach. 

    Auditors are therefore not concerned with individual routine transactions, 

    although they will still be concerned with material, non-routine transactions. 

    As you can see from the above diagram, audit risk has two major components: 

    • The risk of material misstatement arising in the financial statements 
    is dependent on the entity, and cannot be influenced by the auditors. 

    It is a product of inherent risk and control risk. (ISA 200: para. 13No)

    Detection risk 
    Detection risk is dependent on the auditor, and is the risk that the auditor will 
    not detect material misstatements in the financial statements. (ISA 200: para. 

    13(e)) 

    Inherent risk
    Inherent risk is the risk that items will be misstated due to characteristics of 
    those items, such as the fact they are estimates or that they are important items 
    in the accounts. The auditors must use their professional judgment and all 
    available knowledge to assess inherent risk. If no such information or knowledge 

    is available, then the inherent risk is high. 

    Inherent risk is affected by many factors, including: 
    • The nature of the entity, for example, the industry it is in and the 
    regulations it falls under 
    • The attitudes and experience of management
    • The geographic spread of the operations
    • The future business strategy of the entity 
    • The presence of complex wage structures, for example, a bonus- or 

    commission-based salary structure 

    The information system, for example, computer-based accounting systems 
    Inherent risk can also vary from account to account. Balances made up of 
    complex items, such as inventory in a manufacturing company, portable assets 
    in an engineering company and cash balances are generally more prone to high 

    levels of inherent risk. 

    Control risk 

    Control risk is the risk that a misstatement that could occur in an assertion and 
    that could be material, individually or when aggregated with other misstatements, 
    will not be prevented or detected and corrected on a timely basis by the entity’s 

    internal control. 

    7.4.2. Model and calculation of audit risk

    This aspect of audit risk is known as detection risk. 

    Detection risk is the risk that the auditor’s procedures will not detect a 
    misstatement that exists in an assertion that could be material, individually or 

    when aggregated with other misstatements. (ISA 200) 

    Detection risk is the component of audit risk that the auditors have a degree of 
    control over, because, if risk is too high to be tolerated, the auditors can carry 
    out more work to reduce this aspect of audit risk, and therefore audit risk as a 

    whole. 

    ISA 200 Overall objectives of the independent auditor and the conduct of an 
    audit in accordance with international standards on auditing (ISA 200) states 
    that ‘the auditor shall obtain sufficient appropriate audit evidence to reduce 
    audit risk to an acceptably low level and thereby enable the auditor to draw 
    reasonable conclusions on which to base the auditor’s opinion’, that is, giving 

    reasonable assurance on the truth and fairness of the financial statements. 

    Looking at audit risk as a whole, we can see that it can be represented by the 

    audit risk model as follows:

    The implication of this for the auditor is that if inherent risk and control risk are 
    relatively high, then the amount of work carried out to reduce detection risk will 

    have to increase to reduce audit risk as a whole to an acceptably low level. 

    For example, let us assume that an auditor is prepared to accept a 5% chance 
    that he may give an inappropriate audit opinion on the financial statements. In 

    other words, the auditor sets the acceptable level of audit risk at 5%. 

    From his assessment of the client’s risk environment, the auditor has determined 
    the inherent risk factor to be 80% and the control risk factor for a given area of 

    the financial statements to be 25%. 

    By re-arranging the audit risk model [Audit risk (AR) = Inherent risk (IR) * Control 
    risk (CR) * Detection risk (DR)] we can find the level of detection risk required: 
    DR= AR/ IR*CR
    DR = 0.05/ 0.8*0.25
    DR= 0.05/0.2

    DR= 0.25*100= 25%

    So, the level of detection risk would need to be set at 25%. 

    However, let us now assume that for a different area of the client’s financial 
    statements, the auditor has assessed control risk at 12½%. How does this 

    affect the level of detection risk?

    AR= 0.05

    DR= AR/ IR*CR

    DR= 0.05/ 0.8*0.125

    DR= 0.05/ 0.1

    DR= 0.5 *100= 50%

    Now the level of detection risk should be set at 50%. 

    These examples illustrate a very important point: that detection risk has an inverse 
    relationship with risk of material misstatement (inherent risk u control risk). The 
    lower the risk of material misstatement, the higher the level of detection risk 
    which can be accepted, and therefore the lower the level of detailed testing 

    required. 

    Conversely, if the auditor feels a company has a high risk of material misstatement, 
    then the acceptable level of detection risk will need to be reduced to compensate 
    for this, and consequently the auditor will need to increase the level of detailed 

    testing required. 

    Remember that the level of detection risk represents the risk that the auditors 
    will not find a material misstatement. Consequently, there is also an inverse 
    relationship between the level of detection risk and the level of substantive 
    testing required: the higher the acceptable level of detection risk, the lower the 

    amount of substantive testing required, and vice versa. 

    7.4.3. Assessing the risk of material misstatement and 

    responding to risk assessment

    a) Assessing the risk of material misstatement

    The ISA 315) says that the auditor shall identify and assess the risks of material 
    mistatement at the financial statement level and assertion level. It requires the 

    auditor to take the following steps:

    • Identify risks throughout the process of obtaining an understanding of 
    the entity’ 
    • Relate the risks to what can go wrong at the assertion level;
    • Consider whether the risks are of a magnitude that could result in a 
    material misstatement;

    • Consider the likelihood of the risks causing a material misstatement.

    b) responding to risk assessment

    The auditors must formulate an approach to the identified risks of material 
    misstatement. They must formulate overall responses and detailed further audit 
    procedures, which will comprise tests of controls and substantive procedures 

    or substantive procedures only. 

    The objective of ISA 330 The auditor’s responses to assessed risks is ‘to obtain 
    sufficient appropriate audit evidence regarding to the assessed risks of material 
    misstatement, through designing and implementing appropriate responses to 

    those risks’. 

    In other words, having assessed the risks of material misstatements in the 
    financial statements, the auditor has to plan the work that will be carried out to 
    ensure that he/she can give an opinion that the financial statements give a true 
    and fair view, that is, that any material misstatements have been identified and 

    amended if necessary.

    Overall responses 

    Overall responses to risks of material misstatement will be changes to the 
    general audit strategy or re-affirmations to staff of the general audit strategy. 
    For example (ISA 330): 
    • Emphasizing to audit staff the need to maintain professional scepticism;
    • Assigning additional or more experienced staff to the audit team;
    • Using experts;
    • Providing more supervision on the audit; 
    • Incorporating more unpredictability into the audit procedures;
    • Making general changes to the nature, timing and extent of audit 

    procedures. 

    Responses to the risks of material misstatement at the assertion level 

    The ISA says that ‘the auditor shall design and perform further audit procedures 
    whose nature, timing and extent are based upon and are responsive to the 
    assessed risks of material misstatement at the assertion level. Nature refers 
    to the purpose and the type of test that is carried out. ISA 330 requires that 

    auditors should carry out tests of controls and substantive procedures. 

    Test of controls is an audit procedure designed to evaluate the operating 
    effectiveness of controls in preventing, or detecting and correcting material 

    misstatements at the assertion level. 

    Substantive procedure is an audit procedure designed to detect material 
    misstatements at the assertion level. Substantive procedures comprise tests of 

    details and substantive analytical procedures. 

    Application activity 7.4

    You are involved with the audit of Kigali Solutions Ltd, a small company. You 
    have been carrying out procedures to gain an understanding of the entity. 

    The following matters came to your attention: 

    The company offers standard credit terms to its customers of 60 days 
    from the date of invoice. Statements are sent to customers on a monthly 
    basis. However, Kigali Solutions Ltd does not employ a credit controller, 
    the company sends statements to clients on a monthly basis, it does not 
    communicate with them on a systematic basis (regular basis). On certain 
    days, the receivables ledger clerk may call a customer if the company has 
    not received a payment. Some clients pay regularly according to the credit 
    terms offered to them, but others pay on a very haphazard basis and do not 
    provide a remittance advice. Receivables ledger receipts are entered into 
    the receivables ledger but not matched to invoices remitted. The company 

    does not produce an aged list of balances. 

    Required 

    From the above information, assess the risks of material misstatement arising 
    in the financial statements. Outline the potential materiality of the risks and 

    discuss factors in the likelihood of the risks arising. 

    Skills lab activity 7

    Under the guidance of the teacher, the students can visit the school 
    accountant, headteacher and other school staffs, to ask them different 
    questions about organization policy, management framework and financial 
    informations that can help them to obtain useful information that can be 

    used in the audit work. 

    End unit 7 assessment

    1. Which of the following would not increae inherent risk
    A. Revenue is derived from sales of high-tech products
    B. Sales order are not authorised prior to sales being executed
    C. A number of customers have significatly old debt
    D. Some recent sales have resulted in legal claims against the 

    company

    2. Which of the following statement does not illustrate an inherent risk?
    A. The organization is seeking to rise finance to diversity
    B. The auditor uses samples when carrying out audit testing
    C. Directors participate in a profit-related bonus scheme

    D. The financial statements contain complex transactions

    3. Can an audit partner delegate responsibility for the audit opinion to 

    his staff?

    4. What procedures might an auditor use in gaining an understanding 

    of the entity?

    5. What information does an audit plan usually contain?

    6. The audit partner has set the overall level of audit risk for a client as 

    10%. 

    Your risk assessment of the client has indicated that inherent risk is 

    60% and control risk is 60%. 

    What level of detection risk should be prescribed for this client? 

  • UNIT 8:AUDIT EVIDENCE AND SAMPLING

    Key unit competence: To be able to explain the audit procedures in 
    sampling and gathering audit evidence
    Introductory activity

    Observe the above picture then answer the following questions:
    1. What do you think this auditor is looking for?
    2. Is it necessary that this auditor can check all of these documents? If 
    yes or no explain.
    3. What this auditor can use to find what he/she is looking for?
    4. Is it possible that this auditor can do his/her auditing activities by 
    using the computer? If yes or no explain.
    8.1. Audit execution and procedures
    Learning activity 8.1

    Observe the picture above then answer the following questions:
    1. How do we call the terms in small circles surrounding the big circle?
    2. Why these terms surround the big circle named audit execution?

    8.1.1. Meaning and steps of audit execution
    a) Meaning of audit execution
    The audit execution consists mainly on the assessment and valuation of the 
    questions based on the replies in the audit, the determination of the audit result 
    and the degree of fulfilment, and the rating of the audit. In audit execution, the 
    auditor has to perform audit procedures i.e. test of controls and substantive 
    tests. The tests are perfomerd on class of tranactions and balances sampled.
    b) Steps of audit execution
    The conduct of an audit execution involves various procedures and techniques. 
    These are various steps, which are taken by the auditor to complete an audit. 
    These steps are illustrated with the help of the following figure:

    The steps involved in the conduct of audit execution are further explained as 
    under:
    • The auditor is appointed by the members or shareholders of a 
    company. The auditor should make it sure that his/her appointment is in 
    accordance with provisions of companies Act;

    • If the auditor has been appointed in place of another auditor, he/she 
    should enquire from the retiring auditor, the reasons for his/her removal 
    as an auditor. If the retiring auditor discloses some information due 
    to which the new auditor would not be able to work independently 
    or in accordance with the professional ethics, then he/she should not 
    accept the appointment;

    • When the auditor accepts the appointment then he/she should obtain 
    definite instructions from his/her client about the nature and scope 
    of his/her work and duties, for this purpose, the auditor writes an 
    engagement letter to the client;

    • The next step is to investigate relevant internal control and accounting 
    systems of the company. In this case, he/she obtains a list of the 
    books maintained and the details of internal systems established in 
    the respective organization. He/she opens an audit file and draws 
    up internal control questionnaires (I.C.Q). At this stage, he/she also 

    prepares an audit programme;

    • The auditor carries out audit work to evaluate the operation of internal 
    control and accounting systems of the concerned company. For this 

    purpose, he/she applies various compliance and substantive tests;

    The auditor obtains audit evidence to ensure that all accounting records 
    have been maintained accurately and the financial statements prepared 

    from these records are also correct;

    • The auditor reviews his/her findings critically in order to form his/her 

    opinion.

    • Finally, the auditor prepares his/her audit report and submits this report 

    to the members of the company or to the concerned parties.

    8.1.2. Audit procedures

    a) Meaning of audit procedures

    Audit procedures are the techniques, processes, and methods that auditors use 
    to obtain reliable audit evidence, which enable them to gain a sound judgment 
    about an organization’s financial status. Audit procedures are conducted to 
    help determine whether or not a company’s financial statement is credible and 

    factual.

    The regular implementation of these procedures helps establish a business’s 
    financial reputation and strengthen its trustworthiness in the eye of its customers, 

    the market, and potential investors.

    There is no definitive structure when it comes to auditing; its whole process 
    would depend on the auditor, the company to be audited, and the purpose of 

    the audit. Learn more about the three main methods of audit procedures below.

    • Tests of controls 
    Tests of controls are audit procedures designed to evaluate the operating 
    effectiveness of controls in preventing, or detecting and correcting material 

    misstatements at the assertion level. 

    Tests of controls are performed only on those controls that the auditor has 
    determined and suitably designed to prevent, or detect and correct a material 
    misstatement in an assertion. If substantially different controls were used at 
    different times during the period under audit, each control is considered 

    separately. 

    Testing the operating effectiveness of controls is different from obtaining an 
    understanding and evaluating the design and implementation of controls. 
    However, the same types of audit procedures are used. The auditor may 
    therefore, decide it is efficient to test the operating effectiveness of controls at 
    the same time as evaluating their design and determining that they have been 

    implemented.

    • Substantive procedures 

    Substantive procedures are audit procedures designed to detect material 

    misstatements at the assertion level. 

    • Analytical procedures

    Analytical procedures pair financial data with non-financial data determine 
    the correlation between them. Comparison of previous trends versus current 
    trends, as well as evaluation of the difference between the client’s record and 

    the substantive evidence, are also considered analytical procedures.

    Application activity 8.1

    1. Audit execution is said when :
    a. audit is done
    b. Audit start
    c. Audit take place
    d. Audit is concluded
    e. a and c are correct answers

    f. All of the above

    2. Differentiate substantive procedures from analytical procedures

    8.2. Audit evidence

    Learning activity 8.2

    Mr. GAKIRE is an external auditor in XYZ company. During his audit activities, 
    he has discovered some fictious transactions and other frauds in their 
    books of accounts and financial statement. At first, Mr. GAKIRE thought 
    that the frauds were committeded by some of the staff at managerial level, 
    especially the managing director, and other staff working in sensitive areas 
    like the cashier and the storekeeper but he did not have the information 
    appropriate information to support it. He started by looking at the information 
    within the company that can help him to confirm who were responsible 
    for frauds and failed to get them. Leter, he decided to visit some of the 
    company’s third parties like banks, suppliers, creditors and debtors with the 
    aim of identifying the persons who were involved in the frauds. At the end, 
    Mr. GAKIRE discovered that the frauds were committed by the managing 

    director, accountant, and cashier. 

    After reading the above scenario answer the following questions:

    1. What is the technical term used for the information found by Mr. 
    GAKIRE?

    2. How do we call the means used by Mr. GAKIRE when he was 
    searching information? And which one has he used?

    3. Is Mr. GAKIRE allowed to accept any kind of information received 

    from XYZ’s third parties? If yes or no, explain.

    8.2.1. Meaning of audit evidence

    Audit evidence is all the information, whether obtained from audit procedures or 
    other sources that is used by the auditor in arriving at the conclusion on which 
    the auditor’s opinion is based on. The auditor obtains evidence from several 

    sources. Some of significant source of audit evidence are from:

    • Accounting records;
    • Audit procedures performed to test accounting records;
    • Information obtained during the audit of previous years;
    • Audit firm’s quality control procedures for acceptance of audit;
    • Work of management’s expert;
    • Confirmation from third parties;
    • Comparable data of other companies engaged in the same industry;
    • Written representations from management to support other evidences 

    obtained during the audit.

    8.2.2. Qualities of audit evidence

    There are a number of general principles set out in ISA 500 to assist the auditor 
    in assessing the relevance of audit evidence. These can be summarized as 

    follows:

    a) Sufficiency

    It means that audit evidence should be complete and adequate to prove any 
    material fact. For example, complete physical counting of items of stock is 

    sufficient to verify the value of stock.

    The auditor must assess whether the evidence is sufficient to allow him/her to 
    reach the opinion that the financial statements give a true and fair view. If the 
    auditor decides that the evidence obtained is insufficient to reach this opinion 
    (or any other opinion), he/she may take any other action depending on the 
    circumstances that can allow him/her to obtain more evidence by means of 

    tests of controls and substantive procedures.

    b) Relevance

    Audit evidence should be relevant to the purpose for which it is required. For 
    example, checking of physical existence of assets in accordance with the 

    schedule of assets is relevant for audit purposes.

    c) Reliability
    Evidence is reliable if it is considered correct and accurate. For example, if the 
    auditor receives a certificate of stock valuation from an outsider expert instead 
    of an official of the company then it is more reliable. Similarly, documentary 
    evidence instead of oral evidence is more reliable. A physical inspection by the 

    auditor himself/herself is more reliable than evidence obtained from others.

    8.2.3. Types of Audit evidence

    There are four main types/groups of audit evidences are:

    a) Primary audit evidence
    This is the type of evidence which the auditor gathers from within the company, 
    basically from accounting records and source documents. This type of audit 
    evidence is usually biased or may fall-short of some fact, which renders it less 

    reliable.

    b) Secondary audit evidence
    This is the type of audit evidence which the auditor collaborates outside the 
    company, i.e. which gathers from such sources as third parties ‘confirmation, 
    e.g. debtors, creditors, bankers, trustees, etc. and this evidence is gathered 
    by writing to these parties and requesting them to send replies directly to the 
    auditor. This evidence is usually more reliable except where these parties have 
    other special relationships with the company in which case they may collude to 

    give biased information.

    c) Circumstantial Audit evidence
    This evidence is gathered from circumstances prevailing in a given business at 
    the time of the audit, e.g. orderliness of the business which is an indication of 
    strong internal control system, qualification and ability of the staff to co-operate 
    with the auditor, etc. This evidence may prove to be biased in particular if the 

    auditor’s visit was known by the client in advance.

    d) Hearsay evidence
    This is gathered from such sources as: interviews, conversation, posing 
    intelligent questions to the client’s senior staff and other parties related to the 

    client in their day-to-day deals.

    8.2.4. Techiniques of gathering audit evidence

    A number of audit testing procedures are available to the auditor as a means of 
    gathering audit evidence. More than one procedure may be used in collecting 

    evidence in a particular area.

    Not all procedures may be appropriate to a given objective of the audit. The 
    auditor should select the most appropriate procedure in each situation. ISA 500 
    identifies seven (7) main testing procedures for gathering audit evidence:
    • Inspection (of an item)
    • Observation (of a procedure)
    • Inquiry
    • External confirmation 
    • Recalculation
    • Reperformance

    • Analytical procedures

    Application activity 8.2

    1. Primary audit evidence is an evidence the auditor gathers from:
    a. Inside the company
    b. Source documents
    c. Accounting records
    d. A and C are correct answers
    e. All of the above

    2. The following audit procedures are used for gathering audit evidence 
    except:
    a. Staff confirmation
    b. Recalculation
    c. Inquiry
    d. Checking procedure
    e. A and D are correct answers
    f. No one of the above

    3. Hearsay evidence is an audit evidence obtained from the followings 
    except:
    A. Interviews
    b. Written conversations
    c. Questioning
    d. Oral presentations

    e. No one of the above

    4. Enumerate sources of audit evidence.

    8.3. Audit sampling

    Learning activity 8.3


    Observe the above image, answer the questions below:

    1. What auditing term can be used for these people in the big circle?
    2. What is the term used in auditing for the people who are selected in 
    the big circle then move in the small circle?
    3. What do you think can be based on when selecting these people in 

    the small circle? 

    8.3.1. Meaning of audit sampling 

    a) Meaning

    Audit sampling is the application of audit procedures to less than 100% of 
    items with a population of audit relevance such that all sampling units have a 
    chance of being selected. This will enable the auditor to obtain and evaluate 
    audit evidence about some characteristics of the items selected in order to 
    provide the auditor with reasonable basis on which to draw conclusions about 
    the entire population. Audit sampling can be applied using either statistical or 

    non-statistical approaches.

    Auditors do not normally examine all the information available to them as it would 
    be impractical to do so and using audit sampling will produce valid conclusion. 

    ISA 530 Audit sampling provides guidance to auditors.

    Notes: Some testing procedures do not involve sampling, such as:
    • Testing 100% of items in a population
    • Testing all items with certain characteristics as selection is not 

    representative

    Auditors are unlikely to test 100% of items when carrying out test of controls, 
    but 100% testing may be appropriate for certain substantive procedure. For 
    example, if the population is made up of a small number of high value items, there 
    is a high risk of material misstatement and other means do not provide sufficient 

    appropriate audit evidence, then 100% examination may be appropriate.

    The auditor may alternatively select certain items from population because of 
    specific characteristics they possess. The results of items selected in this way 
    cannot be projected onto the whole population but may be used in conjunction 

    with other audit evidences concerning the rest of the population.

    High value or key items. The auditor may select high value items or 

    items that are suspicious. Unusual or phone error.

    • All items over a certain amount. Selecting items, this way may mean 
    a large proportion of the population can be verified by testing a few 

    items.

    • Items to obtain information about the client’s business, the nature of 

    transactions, or the client’s accounting and control systems.

    • Items to test procedures, to see whether particular procedures are 

    being performed.

    In designing the audit sampling, the auditor applies judgment in considering:
    • Audit objective
    • Population
    • Sampling unit
    • Risk and assurance
    • Tolerable error 
    • Expected error in the population, and 

    • Stratification

    Audit objective: the auditor should first consider the specific audit objectives to 
    be achieved to enable him/her to determine the audit procedure or combination 
    of procedures which is likely to best achieve those objectives. In addition, when 
    audit sampling is appropriate, the nature of the audit evidence sought and 
    possible error conditions or other characteristics relating to that evidence will 
    assist the auditor in defining what constitutes an error and what population 

    should be used for sampling.

    The population: the population is the entire set of data from which a sample is 
    selected and about which the auditor wishes to draw conclusions. The auditor 
    should determine that the population from which he/she draws the sample is 
    appropriate for the specific audit objective. For example, if the auditor’s objective 
    was to test for overstatement of accounts receivable, his/her population could 
    be defined as the accounts received trial balance.
    Sampling unit is the individual items constituting a population. It may be a 
    physical item (e.g. credit entries on bank statements, sales invoices, receivables’ 

    balances) or a monetary unit.

    Risk and assurance: in planning the audit, the auditor uses professional 
    judgment to assess the level of audit risk that is appropriate. Audit risk means 
    the chance of damage to the audit firm as result of giving an audit opinion that 

    is wrong in some particular. 

    Tolerable error: tolerable error is the maximum error in the population that 
    the auditor would be willing to accept and still conclude that the result from 
    the sample has achieved his/her audit objective. Tolerable error is considered 
    during the planning stage and is related to the auditor’s preliminary judgment 
    about materiality. The smaller the tolerable error, the larger the sample size the 

    auditor will require.

    Expected error in the population: if the auditor expects error to be present, 
    he/she will normally have to examine a larger sample to conclude either that 
    the population values are fairly stated to within the planned tolerable error or 
    that the planned reliance on a relevant control is justified. Smaller sample sizes 
    are justified when the population is expected to be error free. In determining 
    the expected error in a population, the auditor should consider such matters 
    as error levels identified in previous audits changes in client procedures and 
    evidence available from his/her evaluation of the system of internal control and 

    from results of analytical review procedures. 

    Stratification: stratification is the process of dividing population into sub-
    populations, which is a group of sampling units, which have similar characteristics 

    (often in monetary value). The strata must be explicitly defined so that each 
    sampling unit can belong to only one stratum. This procedure reduces the 
    variability of the items within each stratum. Stratification enables the auditor to 
    direct his/her efforts towards the items he/she considers potentially contain the 
    greater monetary error. For example, the auditor might direct his/her attention 
    to larger value items for accounts receivable to detect material overstatement 

    errors. In addition, stratification may result in a smaller sample size. 

    8.3.2. Sample size 

    The auditor shall determine a sufficient sample size to reduce sampling risk to 

    an acceptably low level. 

    a) Sampling risk 

    Sampling risk is the risk that the auditor’s conclusion, based on a sample of a 
    certain size, may be different from the conclusion that would be reached if the 
    entire population weas subjected to the same audit procedure. 
    Non-sampling risk is the risk that the auditor might reach an erroneous 
    conclusion for any reason not related to sampling risk. For example, most 
    audit evidence is persuasive rather than conclusive, the auditor might use 
    inappropriate procedures, or the auditor might misinterpret evidence and fail to 

    recognize a misstatement or deviation. 

    Remember: Detection risk is the risk that auditors will not detect a material 
    misstatement in the financial statements. Sampling risk is a subset of detection 
    risk, being the risk that the sample is not representative of the population. This 
    means that the auditor’s sample may not include an item, which contains a 
    material error, and so the material misstatement would not be detected. 
    The auditors are faced with sampling risk in both tests of controls and substantive 

    procedures, as follows. 

    The risk the auditor will conclude, in the case of a test of controls, that controls 
    are more effective than they actually are, or in the case of a test of details that 
    a material misstatement does not exist when in fact it does. This type of risk 
    affects audit effectiveness and is more likely to lead to an inappropriate audit 

    opinion. 

    The risk the auditor will conclude, in the case of a test of controls, that controls 
    are less effective than they actually are, or in the case of a test of details, that 
    a material misstatement exists when in fact it does not. This type of risk affects 
    audit efficiency, as it would usually lead to additional work to establish that initial 

    conclusions were incorrect. 

    Auditors need to ensure that risk is managed, so the greater their reliance on the 
    results of the procedure in question, the lower the sampling risk auditors will be 
    willing to accept and the larger the sample size will be. The sample size needed 
    to give acceptable level of audit risk will depend on the assessed levels of 
    inherent risk and control risk. The higher these risks are, the greater the sample 

    size needed to offset this.

    If both inherent risk and control risk are low, then a smaller sample size will be 
    necessary than for situations where inherent or control risks are considered to 

    be high. 

    For both tests of controls and substantive tests of details, sampling risk can be 
    reduced by increasing sample size while non-sampling risk can be reduced by 

    proper engagement planning, supervision and review. 

    b) Risk and sample size 

    If you recall, in the previous unit we illustrated how the prescribed level of 
    detection risk is affected by inherent risk and control risk, given a desired 
    level of audit risk. This relationship is described by the audit risk model: AR = 

    IR*CR*DR. 

    This formula is very important, so we will look at another example of it here, to 

    reinforce your understanding. 

    An audit firm sets its acceptable level of risk as 5%. The risk assessment 
    activities at the firm’s client have indicated that the level of inherent risk is 75% 
    and control risk is 40%. What is the level of detection risk the auditor can 

    accept? 

    Applying the audit risk formula: 
    AR= IR*CR*DR
    DR = AR / IR*DR
    DR= 0.05 / 0.75*0.4
    DR= 0.05 / 0.3
    DR= 0.16666667= 0.167*100= 16.7%
    AR= 0.75*0.4*0.167

    AR= 0.0501*100= 5% 

    So, the level of detection risk would need to be set at 16.7% to achieve the 
    prescribed level of audit risk (5%). 

    However, we have now also seen that detection risk comprises both sampling 
    risk and non-sampling risk. 

    To reflect this, the audit risk model can be rewritten: 

    Audit risk = Inherent risk * Control risk * Sampling risk (SR) * Non-sampling risk 

    (NSR) 

    As above, the audit firm sets its acceptable level of risk as 5%, the level of 
    inherent risk is 75% and control risk is 40%. However, in addition, the firm 
    has identified that non-sampling risk is 50%. What is the prescribed level of 

    sampling risk? 

    Applying the amended audit risk formula, we find that: 

    AR= IR*CR*SR*NSR

    SR= AR / IR*CR*NSR

    SR= 0.05 / 0.75*0.4*0.5

    SR= 0.05/0.15

    SR= 0.33333333*100= 33%

    AR= 0.75*0.4*0.5*0.33

    AR= 0.05*100= 5% 

    So, the level of sampling risk would now need to be set at 33%. 

    Calculating the actual sample size to be used for an audit test is a complex 
    exercise involving mathematical tables, and is outside the scope of this paper. 

    You will not have to perform such a calculation in your exam. 

    However, you need to appreciate, in general terms, the relationship between 
    the level of sampling risk and the size of the sample an auditor will need to 
    choose. That is, the lower the sampling risk the auditor is prepared to accept, 
    the larger the sample size he/she will have to select. Or conversely, the higher 
    the sampling risk the auditor is prepared to accept, the smaller the sample size 

    he/she will have to select. 

    8.3.3. Techniques of audit sampling

    Audit sampling can be done using either statistical sampling or non-statistical 

    sampling methods.

    Statistical sampling is sampling method involving random selection of the 
    sample items, and the use of probability theory to evaluate sample results, 

    including measurement of sampling risk.

    Non-statistical sampling is another sampling method that does not have these 

    characteristics.

    There are a number of methods available to an auditor to help him/her select a 

    sample (ISA 530).

    a. Random selection uses random number tables or computerized generator 

    to select the sample. 

    b. For example, the auditors might tell a computer program there are 450 
    receivables numbered 1–450 and they want a sample of 30. The computer 
    would randomly select 30 numbers between 1 and 450 to be the sampled 

    items. 

    c. Systematic selection involves selecting items using a constant interval 
    between selections, the first interval having a random start. So using the 
    above example of 1–450 again, the sampling interval would be 15, as 15*30 
    is 450. The computer could randomly choose a number between 1 and 15 
    to be the 1st sampled item and every 15th item after that (for example, 13, 
    28, 43 etc.) would be sampled. When using systematic selection auditors 
    must ensure that the population is not structured in such a manner that the 

    sampling interval corresponds to a particular pattern in the population. 

    d. Haphazard selection is where an auditor himself/herself selects items 
    ‘at random’. It may be an alternative to random selection provided that 
    the auditors are satisfied that the sample is representative of the entire 
    population. This method requires care to guard against making a selection 
    which is biased, for example towards items which are easily located, as they 
    may not be representative. It should not be used if auditors are carrying out 

    statistical sampling. 

    e. Sequence or block selection. Sequence sampling may be used to establish 
    whether certain items have particular characteristics. For example: an auditor 
    may use a sample of 50 consecutive cheques to verify whether cheques 
    are signed by authorized signatories rather than picking 50 single cheques 
    throughout the year. Sequence sampling may however produce samples 
    that are not representative of the population as a whole, particularly if errors 
    only occurred during a certain part of the period, and hence the errors found 

    cannot be projected onto the rest of the population.

    f. Monetary unit sampling is a type of value-weighted selection in which 
    sample size, selection and evaluation result in a conclusion in monetary 

    amounts. 

    The auditor shall perform audit procedure, appropriate to the purpose, on each 

    item selection.

    If the particular item is not appropriate, tests can be performed on alternative 

    items

    If however, evidence about the item is not available, the auditor should normally 
    treat it as an error. For example, if an auditor has chosen a selection of 
    receivables balances to confirm whether they have subsequently been paid and 
    one sampled item was actually in credit due to a previous double payment, it
    would not be appropriate to test for a subsequent payment and another balance 

    should be selected. 

    8.3.4. Factors affecting the sample size

    Examples of some factors affecting sample size are given in ISA 530, and 

    summarized here: 

    Examples of factors influencing sample size for tests of controls:

    Examples of factors influencing sample size for tests of details

    An important thing to note is that although the auditor can manage/influence the 
    level of audit risk by increased sampling, this should always be balanced against 

    the amount of time and resource available.

    Application activity 8.3

    1. Give three examples of sample selection methods that can be used 
    in audit sampling.
    2. Differentiate sampling risk from non-sampling risk.
    3. Explain the importance of audit sampling during the audit execution.
    4. What are the testing procedures that do not involve sampling?
    5. State the elements that the auditor may depend upon when designing 

    the audit sampling before applying judgement.

    8.4. Audit in IT environment

    Learning activity 8.4

    Observe the above picture then answer the following questions:

    1. How do we call applications of auditing procedures that can be 
    performed with the use of a computer as an audit tool? 

    2. What are those applications?

    8.4.1. Computer Assisted Audit Techniques(CAATs)

    a) Meaning of CAATs

    Computer-assisted audit techniques (CAATs) are commonly used by auditors. 

    They consist of audit software and test data. 

    Computer-assisted audit techniques (CAATs) are applications of auditing 

    procedures to be applied using the computer as an audit tool. 

    It is by no means unusual to use a computer to help with auditing. You probably 

    use common CAATs all the time in your daily work without realizing it. 

    Most modern accounting systems allow data to be manipulated in various ways 

    and extracted into a report. 

    Even if reporting capabilities are limited, the data can often be exported directly 
    into a spreadsheet package (sometimes using simple Windows-type cut and 

    paste facilities in very modern systems) and then analyzed. 

    Most systems have searching facilities that are much quicker to use than 

    searching through print-outs by hand. 

    There is a variety of packages specially designed either to ease the auditing task 
    itself, or to carry out audit interrogations of computerized data automatically. 
    There is also a variety of ways of testing the processing that is carried out. 
    Much of this work can now be done using computers that are independent of 

    the organization’s systems. 

    These uses of the computer for audit work are known as computer-assisted 
    audit techniques (CAATs). CAATs may be used in performing various auditing 
    procedures, including the following: 
    • Tests of details of transactions and balances 
    • Analytical review procedures 

    • Tests of computer information system controls 

    The overall objectives and scope of an audit do not change when an audit is 
    conducted in a computerized environment. Auditing can be carried out around, 

    through or with the computer. 

    b) Auditing around the computer 
    To audit around the computer, the auditor does not look at the specific workings 
    of the system itself. A sample of inputs will be traced to outputs, and vice versa. 
    If they prove to be accurate and valid, it is assumed that the system of controls 

    is effective and that the system is operating properly. 

    The main advantage of this method of auditing is that it can be carried out with 
    very little technical expertise. However, this method is only suitable if there is a 
    clear audit trail within the system, the system is relatively simple, and up to date 

    documentation exists about how the system works. 

    c) Auditing through the computer 
    Auditing through the computer requires more specific IT audit skills than those 
    required to audit around the computer as this method directly tests the controls 

    within the system itself. 

    Auditors customarily audit ‘through the computer’. This involves an examination 
    of the detailed processing routines of the computer to determine whether the 
    controls in the system are adequate to ensure complete and correct processing 

    of all data. In these situations, it will often be necessary to employ CAATs. 

    d) Auditing with the computer 
    Auditing with the computer refers to the use of CAATs to assist in auditing work. 
    CAATs consist of audit software and test data which we will look at in detail 

    below. 

    8.4.2 .Advantages and disadvantages of CAATs 

    a) The advantages of using CAATs

    • Audit testing capability is increased – large volumes, up to 100%, 
    of information can be tested, thereby reducing or even eliminating 
    sampling risk. 

    • Tasks which are manually impossible can be carried out – using the 
    computer to trace key controls and processes where there is no visible 
    audit trail. 

    • Cost-effectiveness – although up-front costs may be considerable, 
    CAATs can often be used again in subsequent audits. 

    • Repetitive work is eliminated – this can increase job satisfaction for 
    auditors and for them up to apply professional judgment to key areas. 

    • Knowledge of client’s systems is improved – this is an important by-
    product that enhances the auditor’s knowledge of the client and aids 

    future audit planning.
     

    • Results from CAATs can be compared with results from traditional 

    testing – if the results correlate, overall confidence is increased. 

    b) The challenges or disadvantages associated with using CAATs 
    • Setting up the software needed for CAATs can be time consuming and 

    expensive. 

    • Audit staff will need to be trained so they have a sufficient level of IT 
    knowledge to apply CAATs. 
    • Not all client’s systems will be compatible with the software used with 
    CAATs. 
    • There is a risk that the client’s data is corrupted and lost during the use 
    of CAATs. 
    • Information in real-time systems is constantly changing.
    • Testing can be limited by the data held on the system. 
    • There is a risk of over-reliance on ‘infallible’ computerization of audit 
    procedures. 

    • Auditor judgment must still be applied throughout the testing process.

    8.4.3. Audit software

    a) Meaning of audit software

    Audit software is computer programs used by the auditor to interrogate a 
    client’s computer files. Audit software consists of computer programs used 
    by the auditors as part of their auditing procedures, to process data of audit 
    significance from the entity’s accounting system. It may consist of generalized 
    audit software or custom audit software. Audit software is used for substantive 

    procedures. 

    Generalized audit software allows auditors to perform tests on computer files 
    and databases, such as reading and extracting data from a client’s systems for 
    further testing, selecting data that meets certain criteria, performing arithmetic 
    calculations on data, facilitating audit sampling and producing documents and 

    reports quickly. 

    Customized audit software is written by auditors for specific tasks when 

    generalized audit software cannot be used. 

    Using audit software, the auditor can scrutinize large volumes of data, and 

    identify results or anomalies which need further investigation. 

    Audit software performs the sort of tests on data that auditors might otherwise 
    have to perform by hand. The following are some examples of the use of audit 

    software in the course of an audit work. 

    b) Audit software: Examples of its use

    • Access the client’s data files and obtain information without the need to 
    ask the client for information.
    • Perform calculations and comparisons in analytical procedures. 
    • Sampling programs to extract data for audit testing, e.g. select a sample 
    of receivables for confirmation. 
    • Scan a file to ensure that all documents in a series have been accounted 
    for or to search for large and unusual items. 
    • Compare data elements in different files for agreement (e.g. prices on 
    sales invoices to authorized prices in master file). 
    • Re-perform calculations, e.g. totaling receivables ledger. 
    • Prepare documents and reports, e.g. Produce receivables’ confirmation 

    letters and monthly statements.

    The use of audit software is particularly appropriate during substantive testing 
    of transactions and especially balances. Interrogation software in particular can 
    help auditors prepare tests, by for example selecting a sample of balances or 
    dividing populations according to set criteria such as amounts owed (this is 

    called stratification and is discussed further later in this unit). 

    Interrogation software can also help auditors scrutinize large volumes of data, 

    and concentrate resources on the investigation of results. 

    Earlier we looked at the advantages and disadvantages of CAATs in general 
    and, although some may be similar, we will now look specifically at the benefits 

    of audit software along with the potential difficulties of using audit software.

    c) Benefits and difficulties of using audit software 

    • Benefits of using audit software 

    – Audit software can perform calculations and comparisons more 

    quickly than those done manually. 

    – Audit software makes it possible to test more transactions than when 
    simply manually scanning print outs. For example: audit software 
    may facilitate searches for exceptions, such as negative or very high 
    quantities when auditing inventory listings. The additional information 
    will give the auditor increased comfort that the figure being audited is 

    reasonably stated. 

    – Audit software may allow the actual computer files (the source files) 
    to be tested from the originating program, rather than print outs from 
    spool or previewed files which are dependent on other software (and 
    therefore could contain errors or could have been tampered with 

    following export). 

    Using audit software is likely to be cost-effective in the long-term if 

    the client does not change its systems. 

    • Difficulties of using audit software 

    – The costs of designing tests using audit software can be substantial 
    as a great deal of planning time will be needed in order to gain an 
    in-depth understanding of the client’s systems so that appropriate 

    software can be produced. 

    – The audit costs in general may increase because experienced and 
    specially trained staff will be required to design the software, perform 

    the testing and review the results of the testing. 

    – If errors are made in the design of the audit software, audit time, and 
    hence costs, can be wasted in investigating anomalies that have 
    arisen because of flaws in how the software was put together rather 

    than by errors in the client’s processing. 

    – If audit software has been designed to carry out procedures during 
    live running of the client’s system, there is a risk that this disrupts the 
    client’s systems. If the procedures are to be run when the system is 
    not live, extra costs will be incurred by carrying out procedures to 
    verify that the version of the system being tested is identical to that 

    used by the client in live situations. 

    8.4.4. Test data

    a) Meaning of test data

    Test data is data submitted by the auditor for processing by the client’s computer 
    system, to test that the system processes the data as expected. 

    Test data techniques are used in conducting audit procedures by entering data 
    (e.g. a sample of transactions) into an entity’s computer system, and comparing 
    the results obtained with pre-determined results. Test data is used for tests of 

    controls. 

    An obvious way of seeing whether a system is processing data in the way that 
    it should be is to input some example, or test data and see what happens. The 
    expected results can be calculated in advance and then compared with the 

    results that actually arise. Test data has two aspects:

    • Data representing valid transactions. Here the auditor is looking for 
    confirming that the system produces the required documentation such 

    as sales invoices and updates the accounting records.

    • Data that is invalid for any reason. Here the auditors are reviewing 
    controls that prevent processing of data that is clearly wrong, negative 
    amounts or non-existent customers for example, or which breaches 
    limits set down by the company (for example transactions which take 
    credit customers over their credit limit). Auditors are interested in 
    seeing not only that the system rejects the transaction, but also that 

    breaches are reported (by means of exception reports). 

    uses of test data 

    – Test data used to test specific controls in computer programs such as 

    on-line password and data access controls. 

    – Test transactions selected from previously processed transactions 
    or created by the auditors to test specific processing characteristics 
    of an entity’s computer system. Such transactions are generally 
    processed separately from the entity’s normal processing. Test data 
    can, for example, be used to confirm whether the controls that prevent 
    the processing of invalid data are operating effectively, for example 
    by entering data with say a non-existent customer code or worth an 
    unreasonable amount, or a transaction which may if processed break 

    customer credit limits. 

    – Test transactions used in an integrated test facility. This is where a 
    ‘dummy’ unit (e.g. a department or employee) is established, and to 
    which test transactions are posted during the normal processing 

    cycle.

    b) Benefits and problems of using test data

    Bearing the examples above in mind, we can see the main benefits of using test 

    data techniques as follows: 

    – Test data provides evidence that the software or computer system 
    used by the client is working effectively by testing the program 
    controls and in some cases there may be no other way to test some 

    program controls. 

    – Once the basic test data have been designed, the level of ongoing 
    time needed and costs incurred is likely to be relatively low until the 

    client’s systems change. 

    However, there are some problems with using test data as shown below: 

    – A significant problem with test data is that any resulting corruption of 
    data files has to be corrected. This is difficult with modern real-time 
    systems, which often have built-in (and highly desirable) controls to 
    ensure that data entered cannot be easily removed without leaving a 

    mark. 

    – Test data only tests the operation of the system at a single point of 
    time and therefore the results do not prove that the program was in 

    use throughout the period under review. 

    – Initial computer time and costs can be high and the client may change 

    their programs in subsequent years. 

    Application activity 8.4

    1. Name two types of CAATs that are commonly used.

    2. How CAATS may be used in audit execution?

    3. Explain the use of audit software

    4. Explain the benefits of using test data

    5. Diferentiate the aspects of test data 

    6. State the main audit procedure used for gathering audit evidence

    Skills lab activity 8

    Accounting records/transactions from the school’s bursar, share with 

    students the following:

    1. Let students apply sampling techeniques to obtains samples 

    2. Guide students on how some sampling techeniques can increase or 

    deacrese the sample size.

    End unit 8 assessment

    1. Explain the challenges associated with using CAATs

    2. Differentiate audit software from test data

    3. Explain the qualities of an audit evidence

    4. Differentiate statistical sampling from non-statistical sampling

  • UNIT 9: AUDIT DOCUMENTATION

    Key unit competence: To be able to evaluate the form, content and 

    extent of audit documentation.

    Introductory activity

    KAYIJUKA has been recently appointed as the auditor of ITERAMBERERYACU 
    Ltd Company located in GATSIBO DISTRICT. The company is operating in 
    beverage business industry. On his arrival, he was received by the managing 
    director of the company. They had discussions and later proceeded with 
    auditing work. He was given various documents from the accountant, 
    manager, cashier and storekeeper. During his work of audit, the auditor was 

    collecting some documents that could help him to prepare his audit report.

    Question 

    1. How do you call the documents gathered by the auditor during audit?

    2. What do you think could be the purpose of gathering the documents? 

    9.1. Components of audit documentations

    Learning activity 9.1

    Observe carefully the pictures above and answer the following questions: 

    1. Which documents do you observe on the pictures?

    2. In few words how do you call the documents observed?

    9.1.1. Meaning and objectives of audit documentation

    a) Meaning of audit documentation

    Audit documentation is the principal record of auditing procedures applied, 
    evidence obtained, and conclusions reached by the auditor in the engagement. 
    Audit documentation is the written record of the basis for the auditor’s 
    conclusions that provides the support for the auditor’s representations, whether 

    those representations are contained in the auditor’s report or otherwise.

     Audit documentation refers to the records or documentation of procedures that 
    auditors performed, the audit evidence that they obtained and the conclusions 
    made by them based on the evidence obtained from the field. The quantity, type, 
    and content of audit documentation are matters of the auditor’s professional 

    judgment.

    b) Objectives of audit documentation

    Before the auditor could make a conclusion on financial statements whether 
    those financial statements are free from material misstatement or they contain the 
    misstatement, the auditor needs to make sure that they have enough(sufficient 
    and appropriate) audit evidence to support his/her conclusions. Therefore, audit 
    documentation is important for the success of audit works. The following are the 

    objectives of audit documentation:

    • It provides evidence of the auditor’s basis for a conclusion about the 
    achievement of the overall objective;
    • It provides evidence that the audit was planned and performed in 
    accordance with ISAs and other legal and regulatory requirements;
    • It assists the engagement team to plan and perform the audit;
    • It assists team members responsible for supervision to direct, supervise 
    and review audit work;
    • It enables the team to be accountable for its work;
    • It allows a record of matters of continuing significance to be retained;
    • It enables the conduct of quality control reviews and inspections (both 

    internal and external).

    Audit documentation is sometimes called audit working papers.

    9.1.2. Audit working papers

    a) Definition of audit working papers

    Audit working papers are documents which contain all information gathered 
    from the company audited and show all evidences to help the auditor to prepare 
    the final report and to form his/her opinion. Working papers are records kept 
    by the auditor of the procedures applied, the tests performed, the information 

    obtained, and the pertinent conclusions reached in the engagement 

    Working papers are the record of various audit procedures performed, audit 
    evidence collected and obtained, allocation of work between audit team 
    members etc. Audit working papers are the documents and evidence that an 

    auditor collects and retains with himself/herself during the audit work.

    b) The form and contents of working papers

    The form and content of working papers are affected by matters such as:
    • The size and complexity of the entity;
    • The nature of the audit procedures to be performed;
    • The identified risks of material misstatement;
    • The significance of the audit evidence obtained;
    • The nature and extent of exceptions identified;

    • The audit methodology and tools used.

    c) Features of good working papers

    • They should be properly headed.
    • They should indicate the period covered by them or when they were 
    collected or recorded.
    • They should be as complete as possible so that they do not call for 
    further explanation.
    • They should be sufficiently detailed.
    • They should be kept safely as a safeguard from misuse or destruction.

    • Symbols used should be explained.

    d) Advantages/benefits of collecting working papers

    • They are used as a basis for planning the current year’s audit.
    • They are used as a means of controlling the current year’s audit through 
    their review.
    • They enable the auditor to form an opinion.
    • They are used to assist in investigations in company’s financial affairs.
    • These working papers can be used as evidence of work done in 
    particular if the auditor has been sued for negligence.
    • They are collected as evidence of work done by each audit clerk who 

    can be questioned if any work was omitted.

    e) How Audit working Papers are gathered

    • By taking photocopies of the client’s statements.
    • By taking notes relating to areas of weak internal control system, 
    material errors and frauds.
    • By filing up evidence from third parties.
    • Auditor’s own judgment which is put on record and filed.

    • Important documents from the company. 

    f) Ownership of working papers

    Working papers are the property of the auditor. The auditor may, at his/her 
    discretion, make portions of or extracts from his/her working papers available 
    to his/her client. They should not, however, be a substitute for the client’s 

    accounting records.

    9.1.3. Audit files

    The auditor maintains two audit files for each client. These two files are known 

    as permanent audit file and current audit file and they are explained as follows: 

    a) Permanent audit file 

    Permanent audit file is a file which containst all documents that are required by 
    the auditor as long as he/she remains the auditor of this particular company.
    Permanent audit file is a file which contains informations of continuing importance 
    / nature to the auditor i.e.that informations which the auditor will use beyond 

    one financial period.

    A permanent audit file contains information which is of continuous interest and 
    is relevant in future audits. In preparing this file, the auditor should bear in mind 

    the following points:

    • The objective of the file is to maintain a permanent record of information 

    of permanent importance to the auditor.

    • The file must be updated at each annual audit.

    The documents kept in the parmanent file include:
    • Statutory or legal documents like Memorandum of association and 
    Articles of association;
    • Details relating to the nature of the business, its operations; 
    • Organization plan and chart showing the duties and authorities of 
    various officials of the company;
    • Details of accounting systems and internal control in operation;
    • Copies of important agreements and minutes of important meetings of 
    board of Directors;
    • List of accounting books or records maintained by the company;

    • Copies of previous years financial statement. 

    b) Current audit file

    Current audit file is that file which contains information which related primarly to 
    the set of accounts being audited i.e. It contains informations which will be used 
    by the auditor for the current year under audit only. A current audit file contains 
    information regarding audit conducted for the current period. This file contains 

    documents in respect of one specific year.

    The current file contains the following documents:
    • A copy of the final accounts of the respective year.
    • Completed internal control questionnaires.
    • Audit programme
    • Audit time table
    • All relevant list e.g. list of fixed asset, a list of debtors, a list of creditors 
    etc.

    • Correspondence with the client in respect of the current audit.

    9.1.4. Audit note book

    a) Definition and purpose of audit note book

    An audit notebook is a register kept by an audit team to record crucial/important 

    points observed during the audit.

    The purpose of an audit notebook is to note down various points, which need 
    to be either clarified with the client or the chief auditor. Audit notebook is also 
    used for recording important points to be included in the Auditor’s Report. It is 

    a complete record of doubts and their clarification.

    b) Importance of Audit Note Book

    • Audit notebook shall be taken as reliable evidence even by the Court 

    of law in case of dispute or if the auditor is charged with negligence.

    • It is useful for drawing the audit program.

    c) Advantages of audit notebook

    • Audit note book enables the auditor to record important points, which 
    arise during the course of his/her audit; otherwise he/she might forget 

    these points.

    • An auditor can produce this book as a documentary evidence in a suit 

    filed against him/her for negligence or misfeasance.

    • It facilitates the preparation of the audit report.

    • If the assistant in charge is changed before the completion of a 
    particular work, it acts as a guide and makes the completion of balance 

    work easier.

    • It can help in making an assessment of the work of audit clerks.

    • It provides a key to evaluate the efficiency of the audit staff.

    d) Disadvantages of Audit NoteBook

    • Very often, it creates misunderstanding between the client staff and the 
    audit staff.
    • If it is not properly and carefully prepared, it cannot be used as evidence 
    against the auditor for negligence.
    • Audit staff has to depend too much upon the client’s staff for its 

    preparation.

    e) Contents of an audit notebook

    • A list of books of accounts maitained by the client.
    • The technical terms used in the business.
    • The names of the principal officers, their powers, duties and 
    responsibilities.
    • The points which require further explanations and clarification.
    • The mistakes and errors discovered .
    • The total or balance of certain books of accounts, bank reconciliation 
    statement.
    • Accounting methods followed in the business.
    • The points which have to be incorporated in the audit report.
    • Any matters which require discussions with the senior or with the 
    auditor.

    • Date of commencement and completion of the audit.

    Application activity 9.1

    1. Define the following concepts:
    a. Audit documentation

    b. Audit notebook

    2. What are the types of audit files?

    Skills lab activity 9

    Under the guidance of a teacher, the students in their learning groups are 
    facilitated to design appropriate working papers showing all the required 

    information as required per International Standards on Auditing.

    End unit 9 assessment

    1. Identify the objectives of audit documentation.

    2. What is the definition and the purpose of audit notebook? 

    3. Differentiate Permanent audit file from Current audit file

    4. Give the features of good audit working papers

    5. Complete the following definitions:

    a. …...documents which contain all information gathered from the 
    company audited and show all evidences to help the auditor to 

    prepare the final report and to form his/her opinion.

    b. …...the written record of the basis for the auditor’s conclusions 
    that provides the support for the auditor’s representations, 
    whether those representations are contained in the auditor’s 

    report or otherwise.

  • UNIT 10: INTERNAL CONTROL SYSTEM

    Key unit competence: To be able to evaluate internal control system

    Introductory activity

    A case study

    IHAHIRORYACU Ltd Company is located in Kigali city. Due to the lack of sufficient 
    staff at both managerial and operational levels staff , the management of the 
    company requested its staff to perform any tasks assigned to them. This implies 

    that there were no specific duties and responsibilities assigned to each staff.

    Procurement of goods and services are planned and executed by Head of Finance 
    (HoF). The Head of the Finance is the one who receives the goods and services 
    and later makes payments for them. Suppliers are paid with the use of cheques. As 
    part of practice, the issued must bear the signatures of the Hod and accountant. 

    The accountant is the brother in law to the HoF.

    In accordance with company’s human resources policy, the recruitment of staff is 

    done by a team of staff appointed by the Head of the Human Resources (HRM).

    It is the responsibility of the Human Resources unit to conduct the recruitment 
    process and recommend to Managing Director (MD) the competent candidates for 
    appointment. This is not done as per the policy; recruitment of staff is conducted 
    by the Head of Finance and recommend the competent candidates to the MD for 
    appointment. The Human Resources unit does only prepare monthly payrolls and 

    ensure that the employees are paid timely.

    The management of petty cash is done by the accountant. No one makes follow up 
    of money spent through petty cash. No records regarding petty cash managements. 
    IHAHIRORYACU Ltd Company maintains three bank accounts. The signatories to 
    the bank accountants are the accountant and HoF. Bank reconciliation for the bank 

    accounts are prepared at the end of financial year.

    Question

    What are weaknesses that exist in management of IHAHIRORYACU Ltd Company?

    10.1. Features of internal control system

    Learning activity 10.1

    A manager of a company would like to build an overall system, which will 
    allow the management of the organisation to govern, control of organisational 

    activities, examine financial information and review operating activities. 

    1. What do you think this manager can do in order to provide the 

    company with an effective internal control system?

    2. What are main elements of internal control system?

    10.1.1. Meaning and features of internal control system

    a) Meaning of internal control system 

    Internal control is the process designed and affected by those charged with 
    governance, management, and other personnel to provide reasonable assurance 
    about the achievement of the entity’s objectives with regard to reliability of 
    financial reporting, effectiveness and efficiency of operations and compliance 

    with applicable laws and regulations. 

    b) Features of internal control system 
    Effective internal control depends on good organization. Reducing the level of 
    errors and irregularities helps to ensure that the objectives of the control system 

    are effectively achieved. 

    Organization plan
    The first feature of an internal control system is the organization plan. In order for 
    it to be effective, it must be simple and flexible. This plan should clearly outline 

    the functions of each unit and its staff members. 

    • Segregation of functions
    Structural independence of an organization means separating the functions of 
    each area of the company. This is essential for an effective internal control system, 
    as it ensures that one person is not responsible for all stages of an operation. 
    In this sense, all processes must go through different phases, and each of them 
    must be under the responsibility of different persons. Thus, the execution, 
    authorization or registration of a transaction is performed independently by 
    different employees.

    • Control of access to assets

    Effective internal control depends on a large extent on the security of the 
    processes. An organization achieves an adequate degree of security when 
    access to assets or accounting records is limited. This involves restricting 
    physical or remote access to assets or the preparation of documents for 

    authorizing access to them.

     Authorization system and procedure 

    Effective internal control includes methods to monitor the records of operations 
    and transactions. The procedures involved in an activity must include periodic 

    audits and reviews, as well as obtaining control information and authorisation.

    10.1.2. Elements of internal control system 

    Internal control has five elements:

    a) The control environment 

    The control environment is the framework within which controls operate. The 
    control environment is determined by the management of the business. The 
    control environment includes the governance and management functions and 
    the attitudes, awareness and actions of those charged with governance and 
    management concerning the entity’s internal control and its importance in the 

    entity. 

    Communication and enforcement of integrity and ethical values: Essential 
    elements which influence the effectiveness of the design, administration and 

    monitoring of controls. 

    Commitment to competence: Management’s consideration of the competence 
    levels for particular jobs and how those levels translate into requisite skills and 

    knowledge. 

    Organisational structure: The framework within which an entity’s activities for 

    achieving its objectives are planned, executed, controlled and reviewed.

    Assignment of authority and responsibility: How authority and responsibility 
    for operating activities are assigned and how reporting relationships and 

    authorisation hierarchies are established. 

    Human resource policies and practices: Recruitment, orientation, training, 
    evaluating, counselling, promoting, compensation and remedial actions. 
    The auditor shall assess whether these elements of the control environment 
    have been implemented using a combination of inquiries of management and 

    observation and inspection.

    Entity risk assessment process: An auditor must obtain an understanding of 
    whether the entity has a process for: 
    – Identifying business risks relevant to financial reporting objectives;
    – Estimating the significance of the risks; 
    – Assessing the likelihood of risks occurrence; 

    – Deciding upon actions to address those risks. 

    b) Information system relevant to financial reporting

    The information system relevant to financial reporting is a component of 
    internal control that includes the financial reporting system, and consists of 
    the procedures and records established to initiate, record, process and report 
    entity’s transactions and to maintain accountability for the related assets, 

    liabilities and equity.

    The auditor shall obtain an understanding of the information system relevant to 

    financial reporting objectives, including the following areas: 

    – The classes of transactions in the entity’s operations that are 
    significant to the financial statements; 

    – The procedures, within both IT and manual systems, by which those 
    transactions are initiated, recorded, processed, corrected, transferred 
    to the general ledger and reported in the financial statements;

    – The related accounting records, supporting information, and specific 
    accounts in the financial statements, in respect of initiating, recording, 
    processing and reporting transactions;

    – How the information system captures events and conditions, other 
    than transactions, that are significant to the financial statements; 

    – The financial reporting process used to prepare the entity’s 
    financial statements, including significant accounting estimates and 
    disclosures;

    – Controls surrounding journal entries, including non-standard journal 
    entries used to record non-recurring, unusual transactions or 

    adjustments.

    c) Control activities 

    Control activities are those policies and procedures that help ensure that 
    management directives are carried out. This means that the auditor shall obtain 
    an understanding of control activities relevant to the audit and how the entity 
    has responded to risks arising from IT. Control activities include those activities 

    designed to prevent or to detect and correct errors. 

    Those include activities relating to authorisation, performance reviews, 
    information processing, physical controls and segregation of duties. Examples 
    of control activities include:
    – Activities relating to authorisation;
    – Performance reviews;
    – Information processing; 

    – Physical controls and segregation of duties.

    Components of control activities

    Approval and control of documents
    – Controls over computerised applications 
    – Checking the arithmetical accuracy of records 
    – Maintaining and reviewing control accounts and trial balance
    – Reconciliations of accounts balances such as bank account. 
    – Comparing the results of cash, security and inventory accounts with 
    accounting records 
    – Comparing internal data with external sources of information
    – Limiting physical access to assets and records

    – Segregation of duties

    In brief, control activities are those policies and procedures that ensure 
    management’s directives are carried out. This means that the auditor shall 
    obtain an understanding of control activities relevant to the audit and how the 

    entity has responded to risks arising from IT. 

    Table illustrating control objectives and control activities

    d) Entity risk assessment process 

    An auditor must obtain an understanding of whether the entity has a process 
    for: 
    • Identifying business risks relevant to financial reporting objectives;
    • Estimating the significance of the risks;
    • Assessing the likelihood of risks occurrence; 

    • Deciding upon actions to address those risks. 

    As part of managing business risk generally, the directors should have a system 
    for identifying and dealing with risks affecting the financial statements. If they 
    have such a system, and it works effectively, the chance of having an error in 
    the financial statements (control risk) is lower and so audit risk is lower. The 
    entity’s risk assessment process is an element of the control environment which 
    encompasses the entity’s process for identifying business risks relevant to 
    financial reporting objectives and deciding about actions to take to address 

    those risks.

    If the entity has established such a process, the auditor would obtain an 
    understanding of it. If there is not a process, the auditor shall discuss with 
    management whether relevant business risks have been identified and how they 

    have been addressed.

    e) Monitoring of controls

    Monitoring of controls is a process to assess the effectiveness of internal 
    control performance over time. It includes assessing the design and operation 

    of controls on a timely basis and taking necessary corrective actions/measures.

    Small companies - the problem of control

    Many of the controls which would be relevant to a large entity are neither practical 
    nor appropriate for a small company. For a small company, the most important 
    form of internal control is generally the close involvement of the directors or 
    proprietors. However, that very involvement will enable them to override controls 

    and, if they wish, to exclude transactions from the records. 

    Auditors can have difficulties not because there is a general lack of controls but 
    because the evidence available as to their operation and the completeness of 

    the records is insufficient.

    Segregation of duties will often appear inadequate in enterprises having a small 

    number of staff. 

    Similarly, because of the scale of the operation, organisation and management 

    controls are likely to be rudimentary at best. 

    The onus is on the proprietor, by virtue of their day-to-day involvement to 
    compensate for this lack. This involvement should encompass physical, 

    authorisation, arithmetical and accounting controls as well as supervision. 

    However, it is important to stress that in a well-run small company, there will be 
    a system of internal control. In any case, all companies must comply with any 

    relevant legislation concerning the maintenance of a proper accounting system.

    Where the manager of a small business is not himself/herself the owner, he/
    she may not possess the same degree of commitment to the running of it as 
    an owner-manager would. In such cases, the auditors will have to consider 
    the adequacy of controls exercised by the shareholders over the manager in 

    assessing internal control.

    Controls in a computer environment 

    Auditors must be able to cope with the special problems that arise when auditing 
    in a computer environment and keep abreast of technical innovation. There are 

    two types of controls such as: application controls and general IT controls. 

    Application controls are ‘manual or automated procedures that typically operate 
    at a business process level. Application controls can be preventative or detective 

    in nature and are designed to ensure the integrity of the accounting records. 

    Accordingly, application controls relate to procedures used to initiate, record, 

    process and report transactions or other financial data. 

    General IT controls are ‘policies and procedures that relate to many applications 
    and support the effective functioning of application controls by helping to 
    ensure the proper continuity of operations of information systems. General IT 
    controls commonly include controls over data centre and network operations; 
    system software acquisition, change and maintenance; access security; and 

    application system acquisition, development and maintenance.

    Application controls and general IT controls are inter-related. Strong general 
    IT controls contribute to the assurance which may be obtained by an auditor in 

    relation to application controls.

    On the other hand, unsatisfactory general IT controls may undermine strong 

    application controls or exacerbate unsatisfactory application controls. 

    The following points will particularly influence the auditors’ approach: 

    Before auditors placing reliance on application controls which involve 
    computer programs, they need to obtain reasonable assurance that 
    the programs have operated properly, by evaluating and testing the 
    effect of relevant general IT controls or by other tests on specific parts 

    of the programs;

    – Sometimes, a programmed accounting procedure may not be subject 
    to effective application controls. In such circumstances, in order to put 
    themselves in a position to limit the extent of substantive procedures, 
    the auditors may choose to perform tests of controls by testing the 
    relevant general IT controls either manually or by using CAATs, to gain 
    assurance of the continuity and proper operation of the programmed 

    accounting procedure;

    – In a computer environment, there is the possibility of systematic 
    errors. This may take place because of program faults or hardware 
    malfunction in computer operations. However, many such potential 
    recurrent errors should be prevented or detected by general controls 
    over the development and implementation of applications, the integrity 

    of the program and data files, and of computer operations;

    – The extent to which the auditors can rely on general IT controls may 
    be limited because many of these controls might not be evidenced, or 

    because they could have been performed inconsistently. 

    Table illustrating application controls

    Table illustrating general IT controls, controls and where they are needed

    Application activity 10.1

    1. Find out the requirements to achieve the overall objectives of 
    application controls.

    2. Explain the various ways through which the segregation of duties 

    should be carried out.

    10.2. Assessment and recording of information systems

    Learning activity 10.2

    BUGIRIMANA is an entrant or beginner in the auditing profession. The 
    association of accountants where he is a member has offered him an 
    opportunity to audit TUZAMURANE Ltd Company, one of the medium 
    business category in the country. He was required to assess its recording 

    of information system and the entire internal control system. 

    1. What should the auditor do to assess the accounting system? 

    2. Explain how an auditor can test controls of the internal control system 

    of a business organisation. 

    3. What are several techniques for the assessment of control risk?

    10.2.1. Assessment of information systems and internal 

    control

    Auditors should assume control risk is high, unless it is assessed as low, and 
    the assessment confirmed by tests of controls.
    In order to assess the information system and internal control, the auditor may 

    do the following: 

    Assess the adequacy of the accounting system as a basis for preparing 
    the financial statements; 
    • Identify the types of potential misstatements that could occur in the 
    financial statements;
    • Consider factors that affect the risk of misstatements;

    • Design appropriate audit procedures.

    a) Accounting systems and the control environment 

    Auditors perform procedures to give them an understanding of the accounting 
    systems at a client and comprise what procedures are carried out, how many 
    and when depend on the size and complexity of the entity (more procedures are 
    likely to be required if the system is big and complicated), whether their systems 
    are documented or not (if so, reading this will give some understanding of the 

    system). 

    It will also depend on the auditors’ assessment of the risk of material misstatement 

    in the financial statements. If the risk is low, fewer procedures will be carried out. 

    A client is unlikely to change its system substantially on too regular basis, so 
    normally, auditors simply have to update their understanding of the system from 
    the previous year (that is, for changes that have occurred during the year). They 

    do this by:

    • Asking staff (inquiry) 
    • Watching staff operate the system (observation) 

    • Looking at documents produced by the system (inspection) 

    The auditor shall design and perform tests of controls to obtain sufficient 

    appropriate evidence as to the operating effectiveness of relevant controls if: 

    – The auditor’s assessment of risks of material misstatement at the 
    assertion level includes an expectation that the controls are operating 
    effectively (that is, the auditor intends to rely on the operating 
    effectiveness of controls in determining the nature, timing and extent 

    of substantive procedures);or

    – Substantive procedures alone cannot provide sufficient appropriate 

    audit evidence at the assertion level.

    b) Tests of controls

    Tests of controls are audit procedures designed to evaluate the operating 
    effectiveness of controls in preventing, detecting and correcting material 
    misstatements at the assertion level and must cover the whole accounting 

    period.

    • They are performed to obtain audit evidence about the effectiveness of 
    the: 
    – Design of the accounting and internal control systems, ie whether 
    they are suitably designed to prevent or detect and correct 
    material misstatements.

    – Operation of the internal controls throughout the period.

    The auditor will use inquiry in combination with other procedures (in particular 
    reperformance and inspection) to obtain evidence about the operating 

    effectiveness of controls and should consider:

    – How controls were applied 

    – The consistency with which they were applied during the period 

    – By whom they were applied 

    Deviations in the operation of controls (caused by change of staff etc) may 
    increase control risk and tests of controls may need to be modified to confirm 

    effective operation during and after any change.

    c) Questionnaires 

    Internal Control Questionnaires (ICQs): are used to ask whether controls 

    exist which meet specific control objectives. 

    Internal Control Evaluation Questionnaires (ICEQs): are used to determine 

    whether there are controls which prevent or detect specified errors or omissions. 

    The specific controls for major transaction systems (sales, purchases, inventory, 
    payroll etc) are examined in detail in later Units. Here we will look at the overall 
    objectives of the questionnaires, although we have included examples from 

    specific transaction systems to illustrate how ICQs and ICEQs are used. 

    Internal Control Questionnaires (ICQs) 

    The major question which internal control questionnaires are designed to answer 

    is ‘How good is the system of controls?’

    Where strengths are identified, the auditors will perform work in the relevant 
    areas. If, however, deficiencies are discovered they should then ask: 

    a) What errors or irregularities could be made possible by these deficiencies? 
    b) Could such errors or irregularities be material to the financial statements? 
    c) What substantive procedures will enable such errors or irregularities to 

    be discovered and quantified? 

    Although there are many different forms of ICQ in practice, they all conform to 
    the following basic principles: 

    – They comprise a list of questions designed to determine whether 
    desirable controls are present. 

    – They are formulated so that there is one to cover each of the major 

    transaction cycles. 

    Since it is the primary purpose of an ICQ to evaluate the system rather than 
    describe it, one of the most effective ways of designing the questionnaire is to 
    phrase the questions so that all the answers can be given as ‘yes’ or ‘no’ and a 

    ‘no’ answer indicates a deficiency in the system. An example would be: 

    Are purchase invoices matched to goods received notes before being passed 

    for payment?

    A ‘no’ answer to that question clearly indicates a deficiency in the company’s 
    payment procedures. The ICQ questions below dealing with goods inward 

    provide additional illustrations of the ICQ approach.

    Goods inward 

    • Are supplies examined on arrival as to quantity and quality? 

    • Is such an examination evidenced in some way? 

    • Is the receipt of supplies recorded, perhaps by means of goods inwards 

    notes?

    Are receipt records prepared by a person independent of those 

    responsible for :

    – Ordering functions? 

    – The processing and recording of invoices?

    •  Are goods inwards record controlled to ensure that invoices are 
    obtained for all goods received and to enable the liability for unbilled 
    goods to be determined (by pre-numbering the record and accounting 

    for all serial numbers)?

    – Are goods inward record regularly reviewed for items for which no 

    invoices have been received? 

    – Are any such items investigated? 

    Are these record reviewed by a person independent of those responsible 

    for the receipt and control of goods?

    However, note that while ICQs are used primarily for evaluating a system, they 
    can still be used to record a system. If they are used to record a system, then 
    the questions will be constructed in such a way that they require answers in the 

    form of descriptive notes on the system.

    Internal Control Evaluation Questionnaires (ICEQs) 

    In recent years, many auditing firms have developed and implemented an 
    evaluation technique more concerned with assessing whether specific errors 
    (or frauds) are possible rather than establishing whether certain desirable 
    controls are present. This is achieved by reducing the control criteria for each 
    transaction stream down to a handful of key questions (or control questions). 
    The characteristic of these questions is that they concentrate on the significant 
    errors or omissions that could occur at each phase of the appropriate cycle if 

    controls are weak.

    Internal control evaluation questionnaire: control questions 

    The sales (revenue) cycle 

    Is there reasonable assurance that: 
    • Sales are properly authorised? 
    • Sales are made to reliable payers? 
    • All goods despatched are invoiced? 
    • All invoices are properly prepared? 
    • All invoices are recorded? 
    • Invoices are properly supported? 
    • All credits to customers’ accounts are valid? 
    • Cash and cheques received are properly recorded and deposited? 
    • Slow payers will be chased and that bad and doubtful debts will be 
    provided against? 
    • All transactions are properly accounted for? 
    • Cash sales are properly dealt with? 
    • Sundry sales are controlled? 
    • At the period end the system will neither overstate nor understate 

    receivables?

    The purchases (expenditure) cycle 

    Is there reasonable assurance that : 

    • Goods or services could not be received without a liability being 

    recorded? 

    • Receipt of goods or services is required in order to establish a liability? 

    • A liability will be recorded: 

                           – Only for authorised items? 

                           – At the proper amount? 

    • All payments are properly authorised? 

    • All credits due from suppliers are received? 

    • All transactions are properly accounted for? 

    • At the period end liabilities are neither overstated nor understated by 

    the system? 

    • The balance at the bank is properly recorded at all times? 

    • Unauthorized cash payments could not be made and that the balance 

    of petty cash is correctly stated at all times?

    Wages and salaries 

    Is there reasonable assurance that: 
    • Employees are only paid for work done? 
    • Employees are paid the correct amount (gross and net)? 
    • The right employees actually receive the right amount?

    • Accounting for payroll costs and deductions is accurate? 

    Inventories 

    Is there reasonable assurance that : 

    • Inventory is safeguarded from physical loss (eg fire, theft, deterioration)? 

    • Inventory record are accurate and up to date? 

    • The recorded inventory exists? 

    • The recorded inventory is owned by the company? 

    • The cut-off is reliable? 

    • The costing system is reliable? 

    • The inventory sheets are accurately compiled? 

    • The inventory valuation is fair?

    Non-current assets 
    Is there reasonable assurance that: 
    • Recorded assets actually exist and belong to the company? 
    • Capital expenditure is authorised and reported? 
    • Disposals of non-current assets are authorised and reported? 
    • Depreciation is realistic? 
    • Non-current assets are correctly accounted for? 

    • Income derived from non-current assets is accounted for?

    Management information and general controls 
    Is the nominal ledger satisfactorily controlled? 
    • Are journal entries adequately controlled? 
    • Does the organisation structure provide a clear definition of the extent 
    and limitation of authority? 
    • Are the systems operated by competent employees, who are adequately 
    supported? 
    • If there is an internal audit function, is it adequate? 
    • Are financial planning procedures adequate? 

    • Are periodic internal reporting procedures adequate? 

    Each key control question is supported by detailed control points to be 

    considered. 

    For example, the detailed control points to be considered in relation to key 
    control question (b) for the expenditure cycle (Is there reasonable assurance 
    that receipt of goods or services is required to establish a liability?) are as 

    follows:

    Is segregation of duties satisfactory? 
    – Are controls over relevant master files satisfactory? 
    – Is there a record showing that all goods received have been reviewed :
    • Weight or number? 
    • Quality and damage? 
    • Are all goods received taken on charge in the detailed inventory ledgers?
    – By means of the goods received note? 
    – Or by means of purchase invoices?
    – Are there, in a computerised system, sensible control totals (hash 
    totals, money values and so on) to reconcile the inventory system 
    input with the payables system? 
    • Are all invoices initialled to show that,
    – Receipt of goods has been matched to the goods received record? 
    – Receipt of services has been verified by the person using it? 

    – Quality of goods has been reviewed against the inspection?

    In a computerised invoice approval system, are there printouts (examined by a 

    responsible person) of: 

    – Where order, GRN and invoice are present but they are not equal (equal 
    within predetermined tolerances of minor discrepancies)? 
    – Cases where invoices have been input but there is no corresponding 

    GRN? 

    • Is there adequate control over direct purchases? 
    • Are receiving documents effectively cancelled (for example cross-

    referenced) to prevent their supporting two invoices

    10.2.2. Recording the information system and internal control

    The auditor must keep a record of client’s systems, which must be updated 
    each year. This can be done with narrative notes, flowcharts, questionnaires or 

    checklists.

    There are several techniques for recording the assessment of control risk 
    and one or more of the following techniques may be used depending on the 

    complexity of the system: 

    • Narrative notes 
    • Questionnaires 
    • Flowcharts 

    • Checklists 

    Whatever method of recording is used, the record will usually be retained on the 
    permanent file and updated each year. We will look at the use of questionnaires 
    in a little more detail here. There are two types, each with a different purpose. 

    • Internal Control Questionnaires (ICQs) are used to ask whether controls 
    exist which meet specific control objectives. 
    • Internal Control Evaluation Questionnaires (ICEQs) are used to 
    determine whether there are controls which prevent or detect specified 

    errors or omissions. 

    In most cases, specific controls are applied on major transactions relating to 

    sales, purchases, inventory, cash, payroll, revenue and capital expenditure.

    Confirming understanding 

    In order to confirm their understanding of the control systems, auditors will often 
    carry out walk-through tests. This is where they pick up a transaction and follow 
    it through the system to see whether all the controls they anticipate should be 

    in existence were in operation with regard to that transaction. 

    Application activity 10.2

    1. what are major questions which internal control questionnaires are 
    designed to answer?

    2. What auditor should do in order to obtain the audit evidence about 

    the effectiveness of the internal control system?

    0.3. Communication and control activities

    Learning activity 10.3

    MUTUNZI is an auditor who has finished to examine the internal control of 
    TURWUBAKE Ltd. Company wants to communicate for the first time the 

    findings of the audit examination to the management. 

    1. How does the auditor communicate the findings on the internal 

    control system to the organisation?

    2. Give five statements reflecting the deficiencies in the internal control 

    system of an organisation.

    10.3.1. Communication with the management

    a) Commucation with managment

    The auditor’s communication with the management is about communicating 
    significant deficiencies in internal controls and shall be communicated in writing 

    to those charged with governance in a report to management.

    b) The deficiency in the internal control of the organisation 

    A deficiency in internal control exists when a control is designed, implemented or 
    operated in a way that is unable to prevent, or detect and correct misstatements 
    in the financial statements on a timely basis, or if a control necessary to prevent, 
    or detect and correct, misstatements in the financial statements on a timely is 

    missing. 

    The likelihood of a misstatement occurring and its potential magnitude. Examples 
    of matters to consider when determining whether a deficiency in internal control 

    is a significant deficiency: 

    • The likelihood of the deficiencies resulting in material misstatements in 
    the financial statements in the future 
    • The susceptibility to loss or fraud of the related asset or liability
    • The subjectivity and complexity of determining estimated amounts
    • The amounts exposed to the deficiencies 
    • The volume of activity that has occurred or could occur 
    • The importance of the controls to the financial reporting process 
    • The cause and frequency of the exceptions identified as a result of the 
    deficiencies 
    • The interaction of the deficiency with other deficiencies in internal 

    control

    • Evidence of ineffective aspects of the control environment 
    • Absence of a risk assessment process 
    • Evidence of an ineffective entity risk assessment process 
    • Evidence of an ineffective response to identified significant risks 
    • Misstatements detected by the auditor’s procedures that were not 
    prevented, or detected and corrected, by the entity’s internal control 
    • Restatement of previously issued financial statements that were 

    corrected for a material misstatement due to fraud or error

    c) Necessary information the auditor should communicate to the 

    management 

    • Evidence of management’s inability to oversee the preparation of the 
    financial statements. 
    • The auditor shall communicate any significant deficiencies in internal 
    control to those charged with governance on a timely basis. 
    • The auditor shall also communicate in writing to management on a 
    timely basis significant deficiencies in internal control that the auditor 
    has communicated or intends to communicate to those charged with 
    governance. 
    • Deficiencies in internal control that have not been communicated to 
    management by other parties and that the auditor considers are of 

    sufficient importance to warrant management’s attention. 

    The auditor shall include the following in the written communication:
    • A description of the deficiencies and an explanation of their potential 

    effects

    Sufficient information to enable those charged with governance and management 

    to understand the context of the communication, in particular that: 

    • The purpose of the audit was for the auditor to express an opinion on 
    the financial statements. 
    • The audit included consideration of internal control relevant to the 
    preparation of the financial statements in order to design audit 
    procedures appropriate in the circumstances, but not to express an 
    opinion on the effectiveness of internal control.
    • The matters being reported are limited to those deficiencies identified 
    during the audit and which the auditor has concluded are sufficiently 
    important to merit being reported to those charged with governance.
    • The auditor may also include suggestions for remedial actions on the 

    deficiencies. 

    Note: The communication to management of less important deficiencies in 

    internal control can be done orally.

    10.3.2. Control activities of internal control system 

    a) Meaning of control activities 

    Control activities are those policies and procedures that help ensure that 

    management directives are carried out.

    • The auditor should obtain an understanding of control activities relevant 
    to the audit and how the entity has responded to risks arising from IT. 

    • Control activities include those activities designed to prevent or to 
    detect and correct errors. Examples include activities relating to 
    authorisation, performance reviews, information processing, physical 

    controls and segregation of duties.

    b) Examples of control activities

    Approval and control of documents: Transactions should be approved by an 
    appropriate person. For example, overtime should be approved by departmental 
    managers. 
    Controls over computerised applications: These are controls that assess the 
    overall system of the computerised operations. 

    Checking the arithmetical accuracy of records: For example, checking to see 
    if individual invoices have been added up correctly. 

    Maintaining and reviewing control accounts and trial balances: Control 
    accounts bring together transactions in individual ledgers. Trial balances bring 
    together unusual transactions for the organisation as a whole. Preparing these 
    can highlight unusual transactions or accounts. 

    Reconciliations: Reconciliations involve comparison of a specific balance in 
    the accounting records with what another source says the balance should be, 
    for example, a bank reconciliation. Differences between the two figures should 

    only be reconciling items. 

    Comparing the results of cash, security and inventory counts with 
    accounting records:
    For example, in a physical count of petty cash, the balance 

    shown in the cashbook should be the same as the amount held. 

    Comparing internal data with external sources of information: For example, 
    comparing records of goods despatched to customers with customers’ 

    acknowledgement of goods that have been received.

    Limiting physical access to assets and records: Only authorised personnel 
    should have access to certain assets (particularly valuable or portable ones). For 
    example, ensuring that the inventory store is only open when store personnel 

    are there and is otherwise locked.

    Segregation of duties

    Segregation of duties should take place in various ways: 

    Segregation implies a number of people being involved in the accounting 
    process. This makes it more difficult for fraudulent transactions to be processed 
    (since a number of people would have to collude in the fraud), and it is also 
    more difficult for accidental errors to be processed (since the more people are 
    involved, the more checking there can be). Segregation should take place in 

    various ways: 

    • Segregation of function. The key functions that should be segregated 
    are the carrying out of a transaction, recording that transaction in the 
    accounting record and maintaining custody of assets that arise from 

    the transaction;

    • The various steps in carrying out the transaction should also be 

    segregated;

    • The carrying out of various accounting operations should be segregated. 
    For example: the same staff should not record transactions and carry 

    out the reconciliations at the period-end.

    10.3.3. Benefits and limitations of internal control system

    a) Benefits

    The auditors shall assess the adequacy of the systems as a basis for the financial 
    statements and shall identify risks of material misstatements to provide a basis 

    for designing and performing further audit procedures. 

    Auditors are only concerned with assessing policies and procedures which are 

    relevant to the financial statements. Auditors shall: 

    • Assess the adequacy of the accounting system as a basis for preparing 
    the accounts
    • Identify the types of potential misstatements that could occur in the 
    accounts 
    • Consider factors that affect the risk of misstatements 
    • Design appropriate audit procedures

    The assessment of the controls of an entity will have an impact on that risk 
    assessment. 

    Risks arising from poor control environments are unlikely to be confined to 
    particular assertions in the financial statements, and, if severe, may even raise 
    questions about whether the financial statements are capable of being audited, 
    that is, if control risk is so high that audit risk cannot be reduced to an acceptable 

    level. 

    On the other hand, some control procedures may be closely connected to an 
    assertion in financial statements, for example, controls over the inventory counts 
    are closely connected with the existence and completeness of inventory in the 

    financial statements. 

    There may be occasions where substantive procedures alone are not sufficient 
    to address the risks arising. Where such risks exist, auditors shall evaluate the 
    design and determine the implementation of the controls, which is by controls 
    testing. This is most likely to be the case in a system which is highly computerised 

    and which does not require much manual intervention. 

    b) Limitations

    There are always inherent limitations to internal controls, including cost-benefit 
    requirements and the possibility of controls being by-passed and over-ridden.
    Management of an entity will set up internal controls in the accounting system 

    to assess the following: 

    • Transactions are executed in accordance with proper authorisation. 

    • All transactions and other events are promptly recorded at the correct 
    amouns, in the appropriate accounts and in the proper accounting 

    period. 

    • Access to assets is permitted only in accordance with proper 

    authorisation. 

    • Recorded assets are compared with the existing assets at reasonable 

    intervals and appropriate action is taken with regard to any differences.

    However, any internal control system can only provide the directors with 
    reasonable assurance that their objectives are reached, because of inherent 

    limitations, such as the following: 

    The potential for human error 

    These include the fact that human judgement in decision-making can be faulty 
    or produce simple errors and mistakes. For example: if an entity’s information 
    system personnel do not completely understand how the company’s order entry 

    system operates, they may incorrectly design changes to this system. 

    On the other hand, they may design the changes correctly but these may be 
    misunderstood by the personnel responsible for translating them into program 
    code. Errors may also occur in the use of information produced by IT. For example: 
    automated controls may be designed to report transactions over a specified 
    amount for management review, but individuals responsible for conducting the 
    review may not understand the purpose of these reports, and fail to review them 

    or investigate unusual items.

    The possibility of controls being by-passed or over-ridden 
    Controls can be circumvented by the collusion of two or more people or 
    management may inappropriately override controls. For example: management 
    could enter into a side agreement with customers that alter the terms and 

    conditions of sales contracts, which could result in improper revenue recognition. 

    Also, edit checks in a software program that are designed to identify and report 

    transactions that exceed specified credit limits may be overridden or disabled. 

    Collusion among employees

    In any organisation collusion exist among employees due to different conflicting 

    circumstances. 

    The costs of controls outweighing their benefits 

    This is a particular problem faced by smaller entities. For example: smaller entities 
    often have fewer employees which may limit the extent to which segregation of 
    duties is practicable. It would not make commercial sense to employ additional 
    staff purely for the purposes of achieving greater segregation of duties. 
    However, this lack of formal control might be compensated for by a responsible 
    and ethical owner-manager, who closely monitors his/her company’s business 

    and accounting processes. 

    Controls tending to be designed to cope with routine and not non-routine transactions 

    Non-routine transactions are by their very nature unusual. As a result, it will be 
    difficult to predict what these might be and therefore is less likely that a system 
    will have been devised to deal with these effectively. Take a shipping company 
    that leases cargo ships to transport goods as an example. It may have effective 
    controls over leasing transactions, but if and when the company acquires a 
    vessel of its own, the controls around authorising and recording the acquisition 

    may be much less effective. 

    These factors show why auditors cannot obtain all their evidence from tests of 

    the systems of internal control.

    The key factors in the limitations of controls system are human error and potential 
    for fraud. The safeguard of segregation of duties can help deter fraud. However, 
    if employees decide to perpetrate frauds by collusion, or management commit 
    fraud by overriding systems, the accounting system will not be able to prevent 

    such frauds.

    Application activity 10.3

    1. How do auditors assess policies and procedures which are relevant 

    to the financial statements? 

    2. What does the management of an entity assess when it sets up 

    internal controls in the accounting system?

    Skills lab activity 10

    Under the supervision of teacher, students in their learning teams’ role 
    playing the communications with management, where one group play as 

    management another as auditor.

    End unit 10 assessment

    1. Define the term internal control system 
    2. What are the features of the internal control system?
    3. Explain briefly the elements of internal control system. 
    4. What are different ways in which segregation ofduties should be 
    carried out to ensure that there is an effective internal control system 
    within the organisation?
    5. After defining control activities, give some examples which explain 
    the application of control activities within an organisation.
    6. In order to reflect a clear distinction between control objectives 
    and control activities, draw a table which illustrates the difference 
    between the two parts using examples. 
    7. Describe problems relating to internal control system and application 
    of controls in small companies. 
    8. After defining tests of controls, draw a table which demonstrates 
    how tests of controls are applied in the internal control system of an 
    organisation. 
    9. Find examples of matters to consider when determining whether a 
    deficiency in internal control is a significant deficiency.
    10. What are the limitations of internal control system?

    11. what are the benefits of internal control 

  • UNIT 11: TEST OF CONTROL

    Key unit competence: To be able to describe the characteristics of 

    effective accounting systems.

    Introductory activity

    1. Explain the relationship between small circles and big circle

    In the last Unit we talked about controls and evaluating internal controls. We 
    have stated that in all audits, auditors must ascertain the accounting system and 
    internal control system used. If auditors decide to rely on controls, they must 
    test them. The next Unit describes the controls that may operate and the tests 

    auditors may carry out.

    It is best to examine controls in terms of the various components of the 
    accounting system. Most commonly, these will be: sales, purchases, wages 
    and other systems such as inventory, non-current assets and management 

    information.

    11.1. Sales system

    Learning activity 11.1

    Analyze the picture above, and answer the following questions: 
    1. What do you see in this picture? 

    2. Which elements do you see can be used in sales system?

    The tests of controls of the sales system will be based around: 

    • Selling (authorisation) 
    • Goods outwards (custody) 

    Accounting (recording and valuation)

    11.1.1. Control objectives

    The most important objectives of internal control relating to receivables and 

    sales are as follows.

    11.1.2. Control activities 

    The following control activities relate to the ordering and credit control process; 
    note the importance of controls over credit terms, ensuring that goods are only 

    sent to customers who are likely to pay promptly.

    • Segregation of duties : credit control, invoicing and inventory despatch 

    • Authorisation of credit terms to customers involves: 

    – References/credit checks obtained 

    – Authorisation by senior staff 

    – Regular review

    • Authorisation for changes in other customer data

    – Change of address supported by letterhead 

    – Requests for deletion supported by evidence balances cleared/

    customer in liquidation 

    • Credit limits confirmed before new orders are accepted 

    • Sequential numbering of blank order documents 

    • Matching of customer orders with production orders and despatch 

    notes

    The following procedures relate to invoice preparation and despatches:

    • Authorisation of despatch of goods 

    – Despatch only on sales order 

    – Despatch only to authorised customers 

    – Special authorisation of despatches of goods free of charge or 

    on special terms

    • Examination of goods outwards as to quantity, quality and condition 

    • Recording of goods outwards on goods despatched notes 

    Agreement of goods outwards records to customer orders, 

    despatch notes and invoices

    • Pre-numbering of despatch notes and delivery notes and regular 

    checks on sequence

    • Condition of returns reviewed 

    • Recording of goods returned on goods returned notes 

    • Signature of delivery notes by customers

    Procedures for the preparation of invoices and credit notes including the 

    following: 

    – Authorisation of selling prices/use of price lists 

    – Authorisation of credit notes 

    – Verification of prices, quantities, extensions and totals on invoices 

    and credit notes

    – Sequential numbering of blank invoices and credit notes, and 

    regular tests on sequence 

    • Inventory record updated on a timely basis 

    • Matching of sales invoices with despatch and delivery notes and 

    sales orders 

    • Regular review for orders which have not yet been delivered

    The following control activities relate to accounting and recording.

    • Segregation of duties: recording sales, maintaining customer accounts 

    and preparing statements 

    • Recording of sales invoices sequence and control over spoilt 

    invoices 

    • Matching of cash receipts with invoices

    • Retention of customer remittance advices 

    • Separate recording of sales returns, price adjustments etc. 

    • Cut-off procedures to ensure goods despatched and not invoiced (or 

    vice versa) are properly dealt with in the correct period 

    • Regular preparation of receivables statements 

    • Review of receivables’ statements to ensure they have been prepared 

    correctly 

    • Safeguarding of receivables statements so that they cannot be 

    altered before despatch

    • Review and follow-up of overdue accounts 

    • Authorisation of writing off of irrecoverable debts (bad debts)

    • Reconciliation of receivables ledger (sales ledger) control account 

    • Analytical review of receivables ledger (sales ledger) and profit 

    margins

    11.1.3. Tests of controls 

    The precise nature of the tests of controls performed by the auditor would 
    depend on the way in which the control is being operated by the audit client. 

    Procedures however would typically include the following.

    • Review the organisation chart and allocation of responsibilities and 

    assess whether segregation of duties is operating. 

    • Verify that references are being obtained for a sample of new 

    customers by reviewing customer files. 

    • Verify that a sample of new accounts on the sales ledger have been 

    authorised by senior staff. 

    • Examine computer application controls for credit limits. 

    • For a sample of customer orders obtain evidence that they have been 

    matched with production orders and despatch notes. 

    • Verify that price lists and terms of trade are properly documented, 

    authorised and communicated. 

    • Obtain evidence of authorisation of goods despatched e.g. signature 

    of despatch note.

    • Review and test the entity’s procedures for accounting for numerical 
    sequences
    of despatch notes and inspect despatch notes to confirm 

    that they are sequentially numbered. 

    • Examine delivery notes for evidence of confirmation of receipt of 

    goods by customers e.g. customer signature.

    • Obtain evidence that procedures relating to the accuracy of invoices
    have been performed e.g. evidence that prices have been matched 
    to the price list, evidence that calculations have been reperformed, 

    evidence that discounts have been authorised. 

    • Review and test the entity’s procedures for accounting for numerical 
    sequences of invoices
    and inspect invoices to confirm that they are 

    sequentially numbered. 

    • Review and observe procedures for matching of invoices to despatch 

    notes and reperform a sample.

    • Obtain evidence of authorisation of credit notes. 

    • Evaluate procedures for the preparation of customer statements. 

    • Review supplier statement reconciliations produced by the audit 

    client. 

    • Reperform a sample of supplier statement reconciliations produced 
    by the audit client to determine whether they have been performed 

    accurately. 

    • Review control account reconciliations to the receivables ledger 

    produced by the client.

    • Reperform a sample of control account reconciliations to the 
    receivables ledger to determine whether they have been performed 

    accurately. 

    • Confirm authorisation of irrecoverable receivables allowances/write 

    offs.

    Application activity 11.1
    1. What should auditors consider when reviewing sales invoices? 
    2. Which of the following controls identified when evaluating a sales 
    system would provide positive assurance to an auditor in respect of 
    the key question ‘can goods and services be supplied to a bad credit 
    risk?’ 
    a) References are obtained for new customers 
    b) Goods are verified to sales order prior to dispatch 
    c) Invoice prices prepared from authorized selling prices 

    d) Receivables statements are prepared

    11.2. The purchases system

    Learning activity 11.2

    Analyse the image above and answer the following questions: 

    1. Identify the elements can be used in purchase system

    The tests of controls of the purchases system will be around: 

    • Buying (authorisation) 

    • Goods inwards (custody) 

    • Accounting (recording and valuation)

    11.2.1. Control objectives

    The most important objectives of internal control relating to suppliers and 

    purchases are: 

    • Ordering

    To ensure that: 

    – All orders for, and expenditure on, goods and services are properly 
    authorised, and are for goods and services that are actually received 

    and are for the company. 

    – Orders are only made to authorised suppliers. 

    – Orders are made at competitive prices.

    • Receipt and invoices

    To ensure that: 

    – Goods and services received are used for the organisation’s 

    purposes and not private purposes. 

     Goods and services are only accepted if they have been ordered, 

    and the order has been authorised. 

    – All goods and services received are accurately recorded. 

    – Liabilities are recognised for all goods and services that have been 

    received. 

    – All credits to which the organisation is due are claimed. 

    – Receipt of goods and services is necessary to establish a liability.

    • Accounting

    To ensure that: 

    – All expenditure is authorised and is for goods that are actually 

    received. 

    – All expenditure that is made is recorded correctly in the general 

    (nominal) and payables (purchase) ledgers. 

    – All credit notes that are received are recorded in the general and 

    payables ledgers. 

    – All entries in the payables ledger are made to the correct payables 

    ledger accounts. 

    – Cut-off is applied correctly to the payables ledger.

    11.2.2. Control activities 

    The following control activities should be in place over ordering.

    – Central policy for choice of suppliers

    – Evidence required of requirements for purchase before purchase 

    authorised (re-order quantities and re-order levels) 

    – Order forms prepared only when a purchase requisition has been 

    received 

    – Authorisation of order forms by appropriate authorised personnel 

    – Prenumbered order forms 

    – Safeguarding of blank order forms 

    – Review of orders not received 

    – Monitoring of supplier terms and taking advantage of favourable 

    conditions (bulk order, discount)

    The client should carry out the following procedures on goods received and 

    invoices from suppliers.

    • Examination of goods inwards 

    – Quality 

    – Quantity 

    – Condition 

    • Recording arrival and acceptance of goods (pre-numbered goods 

    received notes)

    • Comparison of goods received notes with purchase orders

    • Referencing of supplier invoices; numerical sequence and supplier 

    reference 

    • Verification of suppliers’ invoices 

    – Prices, quantities, accuracy of calculation 

    – Comparison with order and goods received note 

    • Recording return of goods (pre-numbered goods returned notes) 

    • Procedures for obtaining credit notes from suppliers

    The following control activities should be in place over accounting procedures.

    • Segregation of duties: accounting and verification functions 

    • Prompt recording of purchases and purchase returns in day books and 

    ledgers 

    • Regular maintenance of payables ledger 

    • Comparison of supplier statements with payables ledger balances on 

    a regular basis

    • Authorisation of payments 

    – Authority limits 

    – Confirmation that goods have been received, accord with 

    purchase order, and are properly priced and invoiced 

    • Review of allocation of expenditure 

    • Reconciliation of payables ledger control account to total of payables 

    ledger balances on a regular basis 

    • Cut-off accrual of unmatched goods received notes at year end

    11.2.3. Tests of controls

    A most important test of controls is for auditors to confirm that all purchases have 
    been authorised. The officials who approve the invoices should be operating 
    within laid-down authority limits. The precise nature of the tests of controls 
    performed by the auditor would depend on the way in which the control is 
    being operated by the audit client. Procedures however would typically include 

    the following.

    • Observe the processing of purchase orders throughout the purchasing 

    cycle and evaluate whether proper segregation of duties is operating. 

    • Examine application controls for re-order levels. 
    • Verify that authorised supplier lists exist and have been communicated. 
    • Obtain evidence of regular management reviews of supplier terms. 
    • Examine a sample of purchase orders for evidence that they have been 
    authorised. 
    • Observe procedures for receipt of goods to verify that the goods 
    actually received are matched to the purchase order. 
    • Review entity’s procedures for accounting for pre-numbered documents 
    and inspect a sample of goods received notes for evidence of sequential 
    numbering. 
    • Review a sample of goods received notes for evidence of matching to 
    purchase orders.
    • Examine supporting documentation for evidence that purchase invoices 
    are matched to goods received notes and orders. 
    • Review a sample of purchase invoices for evidence that their accuracy 
    has been verified (e.g. signature or initials) and reperform the procedures. 
    • Review evidence of approval of invoice coding to relevant expenditure 
    account by responsible staff member. 
    • Test application controls relating to the input of purchase invoices 
    and credit notes. For example, perform a batch reconciliation to 
    determine whether purchase invoices have been entered accurately 
    and a sequence check to determine whether all credit notes have been 
    recorded. 
    • Review procedures for reconciling supplier statements to payables 
    ledger accounts and reperform a sample of reconciliations. 
    • Review reconciliations of the payables ledger accounts and payables 
    ledger control account.
    • Reperform a sample of reconciliations of the payables ledger accounts 
    and the payables ledger to ensure that they have been performed 

    accurately.

    Application activity 11.2

    1. Which of the following controls undertaken when evaluating a 
    purchases system would provide positive assurance to the auditor 
    in respect of the key question ‘Are goods only bought for business 

    purposes?’

    a) Orders should only be raised in response to an authorized 

    purchase requisition

    b) Goods inwards are examined for quality 

    c) Goods inwards are verified to purchase orders 

    d) Review of allocation of expenditure 

    2. What are the important objectives of internal control relating to 

    suppliers and purchases

    11.3. The payroll system

    Learning activity 11.3


    Analyse the image above and answer the following questions: 

    1. Explain the relationship between small circles and big circle.


    Key controls over payroll cover: 
    • Documentation and authorisation of staff changes 
    • Calculation of wages and salaries 
    • Payment of wages and salaries 

    • Authorisation of deductions

    11.3.1. Control objectives 

    The most important objectives of internal control relating to wages and salaries 

    are: 

    Setting of wages and salaries 

    To ensure that: 
    • Employees are only paid for work that they have done. 
    • Gross pay has been calculated correctly and authorised. 

    Recording of wages and salaries 

    To ensure that: 
    Gross and net pay and deductions are accurately recorded on the 
    payroll. 
    • Wages and salaries paid are recorded correctly in the bank and cash 

    records. 

    • Wages and salaries are correctly recorded in the general ledger. 

    • Payment of wages and salaries 

    To ensure that: 
    • The correct employees are paid. 
    • Wages and salaries are only paid to valid employees. 

    Deductions 

    To ensure that: 
    • Statutory and non-statutory deductions have been calculated correctly 
    and are authorised.

    • The correct amounts paid to the taxation authorities.

    11.3.2. Control activities 

    While in practice separate arrangements are generally made for dealing with 
    wages and salaries, the considerations involved are broadly similar and for 

    convenience the two aspects are here treated together

    General arrangements 

    Responsibility for the preparation of pay sheets should be delegated to a suitable 
    person, and adequate staff appointed to assist him/her. The extent to which the 
    staff responsible for preparing wages and salaries may perform other duties 
    should be clearly defined. In this connection full advantage should be taken 
    where possible of the division of duties, and controls available where automatic 

    wage-accounting systems are in use.

    Setting of wages and salaries 

    • Staffing and segregation of duties 

    • Maintenance of personnel records and regular reconciliation of wages 

    and salaries to details in personnel records 

    • Authorisation 

    – Engagement and discharge of employees (new staff are added to 
    the payroll system correctly, and leavers are removed) 
    – Changes in pay rates 
    – Overtime 
    – Non-statutory deductions (for example pension contributions) 
    – Advances of pay 
    • Recording of changes in personnel and pay rates 
    • Recording of hours worked by timesheets, clocking in and out 
    arrangements
    • Review of hours worked 
    • Recording of advances of pay 
    • Holiday pay arrangements
    • Answering queries 

    • Review of wages against budget

    Recording of wages and salaries 

    • Bases for compilation of payroll 

    • Preparation, review and approval of payroll 

    • Dealing with non-routine matters

    Payment of cash wages 

    • Segregation of duties 

    – Cash sheet preparation 

    – Filling of pay packets 

    – Distribution of wages 

    • Authorisation of wage cheque 
    • Custody of cash 
    – Encashment of cheque 
    – Security of pay packets 
    – Security of transit arrangements 
    – Security and prompt banking of unclaimed wages
    • Verification of identity 

    • Recording of distribution

    Payment of salaries 
    • Preparation and signing of cheques and bank transfer lists 
    • Comparison of cheques and bank transfer list with payroll 

    • Maintenance and reconciliation of wages and salaries bank account

    Deductions from pay 
    • Maintenance of separate employees’ records, with which pay lists may 
    be compared as necessary 
    • Reconciliation of total pay and deductions between one pay day and 
    the next
    • Surprise cash counts 
    • Comparison of actual pay totals with budget estimates or standard 
    costs and the investigation of variances 
    • Agreement of gross earnings and total tax deducted with the returns 

    submitted to the taxation authorities

    Appropriate arrangements should be made for dealing with statutory and 
    other authorised deductions from pay, such as social insurance, tax, pension 
    fund contributions, and savings held in trust. A primary consideration is the 

    establishment of adequate controls over the records and authorising deductions. 

    For the payroll system, as with other systems, it is important that you appreciate 

    how the control activities we have identified relate to the control objectives.

    11.3.3. Tests of controls 

    Setting of wages and salaries 

    Auditors should confirm that the wages and salaries summary is approved for 
    payment. They should confirm that procedures are operating for authorising 

    changes in rates of pay, overtime, and holiday pay. 

    A particular concern will be joiners/new employees and leavers. Auditors will 
    need to obtain evidence that staff only start being paid when they join the 
    company, and are removed from the payroll when they leave the company. They 
    should test that the engagement of new employees and discharges have been 

    confirmed in writing. 

    Auditors will also wish to verify that the calculation of wages and salaries is 
    accurate. Tests of controls should be designed to obtain evidence that the 

    client is carrying out adequate checks on the calculations. 

    The precise nature of the tests of controls performed by the auditor would 
    depend on the specific control activities operated by the entity. However, they 

    would typically include the following:

    Review payroll and HR job descriptions and company policies on the 
    payroll process, to evaluate whether proper segregation of duties is in 

    place. 

    • Review a sample of starters/new employees and leavers in the year and 
    verify that the correct documentation is in place e.g. personnel files. 
    • Review the entity’s procedures for reporting changes (e.g. wage 
    increases) to the payroll department. 
    • Obtain evidence of authorisation of standing data in payroll system. 
    • Review and test authorisation procedures for hiring staff, wage rates, 
    overtime etc. 
    • Observe employees’ use of clocking-in and out procedures.
    • Inspect a sample of clock-cards/timesheets for evidence of approval by 
    the appropriate level of management. 
    • Review documentary evidence that a sample of payroll calculations 
    have been independently reperformed by entity staff e.g. review of 
    spreadsheet printout. 
    • Test operation of computerised controls e.g. range checks. 
    • Inspect documentary evidence of management’s review of agreement 
    of gross earnings and total tax deducted to taxation returns. 
    • Examine paid cheques or a certified copy of the bank list for evidence 
    of proper authorisation.
    • Where wages are paid in cash attend the pay-out and observe 
    procedures. 
    • Review payroll budgeting procedures adopted by the client. 
    • Review reconciliation of the payroll master file to the wages and salaries 
    account in the general ledger. 
    • Review procedures for classifying payroll costs to ensure that costs are 

    not incorrectly capitalised.

    Application activity 11.3

    1. Which of the following controls would not provide assurance that the 
    correct amounts are paid to employees, in a system where employees 

    are paid by the hour? 

    a) Recording of hours worked 
    b) Reperformance of payroll calculations 
    c) Comparing bank transfer list with payroll 

    d) Comparing payroll and income tax returns 

    2. How should auditors confirm that wages have been paid at the 

    correct rate to individual employees?

    11.4. The inventory system

    Learning activity 11.4


    Analyse the picture above and answer the following questions: 

    1. Which activities are carried out there?
    2. What elements do you see on the picture can be used in inventory 

    system? 

    Inventory controls are designed to ensure safe custody, and appropriate 

    valuation. These include:

    Restriction of access to inventory 
    • Documentation and authorisation of movements 

    • Regular inventory counting/checking and review of inventory condition

    11.4.1. Control objectives 

    The most important objectives of internal control relating to inventory are: 

    Recording 

    To ensure that: 
    • All inventory movements are authorised and recorded. 
    • Inventory records only include items that belong to the client. 
    • Inventory records include inventory that exists and is held by the client. 
    • Inventory quantities have been recorded correctly. 

    • Cut-off procedures are properly applied to inventory. 

    Protection of inventory 
    To ensure that: 

    • Inventory is safeguarded against loss, pilferage/theft or damage. 

    Valuation of inventory 

    To ensure that: 
    • The costing system values inventory correctly. 

    • Allowance is made for slow-moving, obsolete or damaged inventory. 

    Inventory-holding 

    To ensure that: 

    • Levels of inventory held are reasonable.

    11.4.2. Control activities 

    Key control activities are as follows. 

    Recording of inventory:
    • Segregation of duties : custody and recording of inventories 
    • Receipt, review and recording of goods inwards 
    • Inventory issues supported by appropriate documentation 
    • Maintenance of inventory records: 
    – Inventory ledgers 
    – Bin cards 

    – Transfer records

    Protection of inventory:
    • Precautions against theft, misuse and deterioration by: 
    – Restriction of access to stores 
    – Controls on stores environment (right temperature, precautions 
    against damp etc.) 
    • Security over inventory held by third parties, and third party inventory 
    held by entity
    • Inventory counting: 
    – Regular inventory counting/checking 
    – Fair coverage so that all inventory is counted at least once a 
    year 
    – Counts by independent persons 
    – Recording 
    – Cut-off for goods in transit and time differences 
    – Reconciliation of inventory counting to book records and 

    control accounts

    Valuation of inventory:
    • Computation of inventory valuation 
    – Accords with IAS 2 Inventories 
    – Review of calculations 
    • Review of condition of inventory 
    – Treatment of slow-moving, damaged and obsolete inventory 

    – Authorisation of write-offs

    Inventory holding:
    • Control of inventory levels by: 
    – Maximum inventory limits 
    – Minimum inventory limits 
    – Re-order quantities and levels 

    • Arrangements for dealing with returnable containers

    11.4.3. Tests of controls 

    Most of the testing relating to inventory has been covered in the purchase and 

    sales testing outlined. 

    Auditors will primarily be concerned at this stage with ensuring that the business 
    keeps track of inventory. To confirm this, tests must be carried out on how 

    inventory movements are recorded and how inventory is secured.

    • Select a sample of inventory movement’s records and reperform 

    matching to goods received and goods despatched notes. 

    • Confirm that movements have been authorised as appropriate. 

    • Select a sample of goods received and goods despatched notes and 

    agree to inventory movement records. 

    • Reperform a sample of reconciliations of inventory records with the 

    general ledger to confirm that they are performed and reviewed. 

    • Examine evidence of sequence of inventory records. 

    • If the company uses perpetual inventory counting (i.e. it counts inventory 
    on a regular basis throughout the year, rather than at the year-end 
    alone), reperform a sample of the inventory counts and review evidence 

    to confirm that:

    – All discrepancies between book and actual figures have been 
    fully investigated All discrepancies have been signed off by a 

    senior manager 

    – Obsolete, damaged or slow-moving goods have been marked 

    accordingly and written down to net realisable value

    • Observe security arrangements for inventories. 

    • Consider environment in which inventories are held. 

    • Review procedures for counting inventory and attend the count.

    Application activity 11.4

    1. What controls should businesses exercise over inventory levels? 

    2. Which of the following would be appropriate test of controls in the 

    audit of inventory :

    a) Agree a sample of inventory items to purchase invoices 

    b) Obtain details of last goods out at the inventory count 

    c) Review the system for safeguarding inventory 

    d) Review the overhead allocation system

    11.5. Non-current assets

    Learning activity 11.5


    Analyse the image above and answer the following questions: 

    1. Which kind of an assets observed on the picture? 

    Important controls over tangible non-current assets include physical custody 

    and authorisation of purchases and disposals.

    These systems tend to be of lesser importance, although this depends on the 

    nature of the business.

    11.5.1. Control objectives

     The most important objectives of internal control relating to non-current assets 

    are to ensure that:

    • Non-current assets are properly accounted for and recorded. 

    • Security arrangements over non-current assets are sufficient. 

    • Non-current assets are maintained properly. 

    • Non-current assets acquisitions are authorised. 

    • Non-current assets disposals are authorised and proceeds of disposals 

    are accounted for.

    • Depreciation rates are reasonable. 

    • All income from income-yielding non-current assets is collected.

    11.5.2 Control activities 
    Key control activities are as follows. 
    • Segregation of duties : authorisation, custody and recording 
    • Maintenance of appropriate accounting records (including distinction 

    between capital and revenue expenditure) 

    Security and maintenance: 
    • Maintenance of plant and property registers which are regularly 
    reviewed for: 
    – Agreement with general ledger 
    – Inspection of assets recorded 
    • Inspection of non-current assets to ensure properly maintaining and 

    using 

    Acquisition and disposal:
    • Authorisation of capital expenditure 

    • Authorisation of sales, scrapping or transfer of non-current assets 

    Depreciation:
    • Authorisation of depreciation rates: 
    – Calculation and confirmation of depreciation rates 

    – Arithmetical accuracy Assessment of asset lives

    Income from non-current assets: 
    • Identification of income-producing assets 
    • Monitoring of income 
    • Receipt of cash

    • Adequate insurance cover 

    Asset register 

    Maintenance of a non-current asset register is a key control activity. The register 
    should contain details of all the company’s tangible non-current assets. It is an 
    important control over the completeness of recording and safe custody of those 
    assets. To preserve segregation of duties, it should be maintained by someone 

    who does not use, and is not responsible for the custody of non-current assets. 

    The non-current asset register acts as a point of comparison against which the 
    non-current assets that physically exist can be compared, and also the non-
    current asset accounts in the general ledger. It is of most use for assets that
    can easily be stolen. Information that should be included within the register for 

    individual assets includes the following. 

    • Cost 
    • Additions or alterations to the assets 
    • Total depreciation charged over the asset’s life 
    • The serial number or other means of identification 
    • Description of the asset 
    • The location of the asset 
    • The manufacturer and supplier 
    • Insurance details 

    • Maintenance record 

    As well as knowing the control objectives and control activities that could be 
    used in relation to non-current assets, it is important that you appreciate how 

    the different control activities relate to the control objectives.

    11.5.3. Tests of controls 

    The precise nature of the tests of controls performed by the auditor would 
    depend on the way in which the control is being operated by the audit client. 
    Procedures, however, would typically include those listed below. 
    A key concern of auditors will be proper controls over movements (acquisitions 

    and disposals) during the year.

    • Confirm maintenance of a non-current asset register 
    • Review annual capital budgets produced by the board and confirm that 
    they are authorised
    • For a sample of acquisitions and disposals recorded in the non-current 
    asset register confirm authorisation (and board approval if necessary). 
    • Inspect invoices to confirm that they have been appropriately approved. 
    • Review reconciliations of the non-current assets register to the general 
    ledger accounts and confirm that discrepancies are followed up. 
    • Reperform a sample of reconciliations. 
    • Verify that depreciation rates are authorised and are in line with company 
    policy. 
    • Review evidence of arithmetical accuracy of depreciation and reperform 
    a sample of calculations. 
    • Review evidence of calculations of profits or losses on disposal and 
    reperform a sample of calculations. 
    • Review adequacy of physical security measures.
    Auditors should also carry out some testing on security and maintenance of 
    non-current assets.

    For a sample of non-current assets from the non-current asset register: 
    • Review procedures used to ensure assets are in good condition eg 
    inspection procedures.
    • Ascertain for a sample of assets when they were last reviewed for 
    maintenance and whether this is in line with company’s policy. 
    • Observe for a sample of newly acquired assets the procedures for 
    ensuring they are labelled and stored. 
    • Review procedures for insuring new assets and renewal of insurance 

    for existing assets.

    Application activity 11.5

    1. What tests would auditors normally carry out on controls over noncurrent asset purchases?
    2. Which of the following is not a test of controls over non-current 
    assets? 
    a) Review the system of authorizing capital expenditure 
    b) Review whether a non-current asset register exists 
    c) Review the system of authorizing non-current asset disposal 

    d) Review the condition of non-current assets in use.

    11.6. Non-current liabilities

    Learning activity 11.6


    Analyse the picture above and answer the following question: 
    1. Among the elements above, which ones are non- current liabilities?
    2. Why for the auditor, is auditing the liabilities of the client very 

    important?

    Non-current liabilities may comprise payables due more than one year after the 
    year end, as well as capital lease obligations, mortgages, debentures, and other 
    loans repayable at a date more than one year after the year end. 
    The most important objectives of internal control relating to non-current liabilities 

    are to ensure:

    Authorisation: that loans and any other long-term borrowings are 
    properly authorised
    • Completeness: that all non-current liabilities have been recognised 
    and disclosed 
    Accuracy: that the value of the liability has been correctly recorded, 
    and that interest payable has been calculated correctly and included in 
    the correct accounting period
    • Classification and understandability: that long-term loans and interest 

    on loans have been correctly disclosed in the financial statements.

    A major complication for the auditors is that debenture and loan agreements 
    frequently contain conditions with which the company must comply. These may 
    include restrictions on the company’s total borrowings, and requirements to 

    adhere to specific borrowing ratios. 

    In this respect, it is important that internal controls ensure that borrowing limits 

    imposed by agreements are not exceeded. 

    New loans should be approved by the Board, and documented in signed Board 

    minutes. 

    In the financial statements themselves, it will also be important to ensure 
    non-current liabilities are correctly disclosed, in accordance with accounting 
    standards. In particular, the capital element of any loans repayable within one 
    year should be classified under current liabilities, rather than under non-current 

    liabilities.

    Application activity 11.6

    What will be the control activities if non-current liabilities have been properly 

    recorded? 

    11.7. Management information

    Learning activity 11.7

    Analyse the image above and answer the following questions: 

    1. Explain the relationship between small circles and big circle
    The management information system is an important aspect of the control 
    environment, since timely and accurate information helps management supervise 
    operations. There should be controls in place to ensure budgets are regularly 
    set, and reports and information are provided on time to the specified degree of 

    accuracy and detail. 

    As well as the control aspects, auditors will be concerned with the management 

    information system’s ability to provide useful data for analytical procedures. 

    Auditors will also be particularly concerned of course with the accounting records, 
    with the procedures that ensure transactions are completely posted, and journal 

    adjustments are authorised and backed up by appropriate documentation. 

    11.7.1. Management information procedures 

    Auditors will review the contents of internal management accounting reports, 
    and confirm in particular that budgets are being set and that actual results are 

    being compared with budgeted figures. 

    As well as testing based on individual components of the accounting system, 
    the auditor will also perform some general tests, including the following. 
    Test postings from books of prime entry to the general ledger. 
    Confirm that the general ledger is regularly balanced. 

    Test vouch a sample of journal entries to original documentation.

    Application activity 11.7

    What test of control of management information helps the management 

    operations?

    Skills lab activity 11

    Under guidance of the teacher, students in their learning teams act as 
    auditor of school and test how purchase system, payroll system, inventory 

    system are recorded, maintained and reported in accounting systems. 

    End unit 11assessment

    1. How can a company ensure that quantities of goods ordered do not 
    exceed those that are required? 
    2. What are the important verification procedures that should be made 
    on invoices received from suppliers? 
    3. Which of the following controls helps to ensure that non-current 

    assets are depreciated in line with company policy? 

    a) Limiting access to non-current assets 

    b) Periodically verifying that assets listed in the non-current asset 

    register exist 

    c) Review of records that show significant profits on disposal 

    d) Obtaining authorization for capital purchases 

    4. Mpundu Ltd, a limited liability company, manufactures high fashion 
    jeans for distribution to wholesalers and retailers. 
    You have been assigned to the audit of inventory in the company’s 
    financial statements for the year ended 31 July 2019. 

    The following points are relevant to the audit. 

    i. The company has raw materials, consumables and work in 
    progress inventory at its factory base. Finished goods are 
    stored in a separate warehouse located five miles away. The 

    company does not hold inventory owned by third parties. 

    ii. On 31 July 2019 employees of the company will physically count 
    the inventory at both of the company’s sites and members of 

    your audit team will attend.

    iii. The company has significant quantities of finished goods 
    inventory held by independent retail stores under its sale 
    or return system. Under this system, inventory is displayed 
    for sale at retail shop premises but remains the property of 
    Mpundu until it is sold by retailers. Any garments not sold 
    within three months are returned to Mpundu for bulk sale at 

    heavily discounted prices. 

    iv. Some quantities of finished goods inventory were stated at net 
    realisable value in the financial statements of the company for 

    the previous year. 

    Required 

    a) With explanations, discuss why the inherent risk associated with 
    inventory in the financial statements of Mpundu would be assessed 

    as ‘high’. 

    b) Identify five tasks that members of your audit team should carry out 
    when attending the company’s physical inventory count on 31 July 

    2019.

  • UNIT 12: PROCEDURES IN AUDIT OF FINANCIAL STATEMENTS

    Key unit competence: To be able to demonstrate working knowledge in 
    respect of performance of audit procedures
    Introductory activity
    UMURAVA Ltd Company is a textile industry with the purpose of selling 
    its products in Rwanda and outside. As part of corporate governance, 
    shareholders are supposed to make follow up of the performance of their 
    company. They often appoint the management and auditor. The auditor is 
    appointed by the shareholders during the annual meeting. 

    The main responsibility of the auditor is to audit the financial statements of 
    the company and ascertain whether the financial statements are prepared 
    in all material respects and free from material misstatement due to errors 
    and fraud. The auditor should also review/ carry out an assessment on the 
    internal control. Thereafter, the auditor should issue the audit report on 
    financial statements and on internal controls (Management letter).

    1. What do you think could be the purpose of the audit?

    2. What are the auditable elements of the financial statements?

    12.1. Substantive procedures

    Learning activity 12.1


    1. What do you think the person in picture above could be doing?
    2. What do you think would be roles/tasks of the auditor during the 

    audit of a financial statement?

    12.1.1 The nature of substantive procedures

    Substantive procedures are audit procedures designed to detect material 
    misstatements at the assertion level. They consist of tests of details (i.e. 
    testing classes of transactions, accounts balances and disclosures) and as 
    well substantive analytical procedures (i.e. where the auditor develops his/her 

    expectations and reconcile it with balances shown in the financial statements.

    a) Substantive procedures 

    Substantive audit procedures (tests of details), the auditor inspects transactions 
    and balances taken on sample basis. The auditor is required to establish the 
    audit procedures and carryout audit. Detailed audit tests are performed to 

    detect any material misstatement due to errors or fraud. 

    b) Analytical procedures 

    Analytical procedures are also another form of substantive procedures. 
    • The analytical procedures involve comparison with:
    Similar information for prior periods; 
    Anticipated results of the entity, from budgets or forecasts;

    Predictions prepared by the auditor’s Industry information.

    • The consideration of the relationship between financial information and 
    relevant non-financial information.
    • The consideration also of the relationship between elements of financial 
    information that are expected to conform to a predicted pattern based 
    on the entity’s experience, such as the relationship of gross profit to 
    sales.
    • Ratio analysis can be a useful technique when carrying out analytical 

    procedures.

    12.1.2. Financial statement assertions

    Financial statement assertions are the representations by management, explicit 
    or otherwise, that are embodied in the financial statements, as used by the 
    auditor to consider the different types of potential misstatements that may occur. 
    Audit tests are therefore designed and performed to obtain the appropriate and 
    sufficient audit evidences about the financial statements assertions. Assertions 
    relate to:

    • Classes of transactions,
    • Accounts balances
    • Disclosures

    a) Assertions about classes of transactions and events and disclosures 

    (related to Income statement)

    • Occurrence: transactions and events that have been recorded or 
    disclosed have occurred, and such transactions and events pertain to 

    the entity.

    • Completeness: all transactions and events that should have been 
    recorded have been recorded, and all related disclosures that should 

    have been included in the financial statements have been included.

    • Accuracy: amounts and other data relating to recorded transactions 
    and events have been recorded appropriately, and related disclosures 

    have been appropriately measured and described.

    Cut-off: transactions and events have been recorded in the correct 

    reporting period. 

    • Classification: transactions and events have been recorded in the 

    proper accounts.

    • Presentation: transactions and events are appropriately aggregated or 
    disaggregated and are clearly described, and related disclosures are 
    relevant and understandable in the context of the requirements of the 

    applicable financial reporting framework.

    b) Assertions about account balances and related disclosures (related 

    financial position)

    • Existence: assets, liabilities and equity interests exist.

    • Rights and obligations: the entity holds or controls the rights to assets, 

    and liabilities are the obligations of the entity. 

    • Completeness: all assets,aliabilities and equity interests that should 
    have been recorded have been recorded, and all related disclosures 
    that should have been included in the financial statements have been 

    included. 

    • Accuracy, valuation and allocation: assets, liabilities and equity 
    interests have been included in the financial statements at appropriate 
    amounts and any resulting valuation or allocation adjustments have 
    been appropriately recorded, and related disclosures have been 

    appropriately measured and described.

    • Classification: assets, liabilities and equity interests have been 

    recorded in the proper accounts.

    Presentation: assets, liabilities and equity interests are appropriately 
    aggregated or disaggregated and clearly described, and related 
    disclosures are relevant and understandable in the context of the 

    requirements of the applicable financial reporting framework.

    12.1. Methods of obtaining audit evidences

    During the audit, the auditor has to collect sufficient and appropriate evidences 
    to support his or her conclusion. The audit evidences are collected in the 

    following ways;

    • Inspection: inspection involves examining records or documents, 
    whether internal or external, in paper form, electronic form, or other 

    media, or a physical examination of an asset.

    • Observation: observation consists of looking at a process or procedure 
    being performed by others. For example: is where an auditor can attend 

    inventory counts.

    • External confirmation: an external confirmation represents audit 
    evidence obtained by the auditor as a direct written response to the 

    auditor from a third party.

    • Recalculation: recalculation consists of checking the mathematical 
    accuracy of documents or records. Recalculation may be performed 

    manually or electronically.

    • Reperformance: reperformance involves the auditor’s independent 
    execution of procedures or controls that were originally performed as 

    part of the entity’s internal control.

    • Analytical procedures: analytical procedures consist of evaluations of 
    financial information through analysis of plausible relationships among 
    both financial and non-financial data. Analytical procedures also look 
    at identified fluctuations or relationships that are inconsistent with from 

    the expected values.

    • Inquiry: inquiry consists of seeking information of knowledgeable 
    persons, both financial and non-financial, within the entity or outside 
    the entity. Inquiry is used extensively throughout the audit in addition to 
    other audit procedures. Inquiries may range from formal written inquiries 

    to informal oral inquiries.

    Exercise on analytical procedures

    The audit XY Company is a company that is involved in sale of its agricultural 
    produces. The company planned to obtain sales revenue amounting to FRW 
    300,000,000 for sales during the year. The table below indicates different 
    agricultural produces, quantities produced and their respective prices. You 
    are required to audit the above revenue amount disclosed in XY Company’s 

    financial statements for the period ended 31 Dec 2021. 

    As an auditor of XY Company, establish how can carry out your substantive 
    audit procedures and conclude on the revenue amount indicated above. 
    Following the considering the information shared to the auditor, it easy for the 
    audit to conclude on revenue amount by conducting substantive analytical 

    procedures. The auditor can perform the following:

    Step 1 

    Identify the quantities sold and their approved/ market prices

    Step 2 

    Develop the expectation(s)

    Step 3 
    Asses the relationship between computed amount and the amount reported in 

    the financial statements.

    Step 4 seek explanations from the management for the above difference of 

    185,000,000FRW obtained.

    Note

    In case it is justified/supported, conclude it by ignoring the difference

    If not justified, consider it as a reportable issue and include in the audit report.

    Application activity 12.1

    1. You have been tasked by your Auditor Manager to carry out the audit 
    of expense amounting FRW 100,000,000 included in the financial 
    statements of AB Ltd for the period ended 31 December 2020. 
    Demonstrate how you will collect the audit evidences during the audit 

    of this expenditure of AB Ltd.

    2. MK Ltd is a company that buys milk from the Milk collectors for the 
    consumption of its staff. Every month, the company collects 50,000 
    litres at a price of FRW 500 per Littre. MK reported the expense of FRW 
    45,000,000.
    You are assigned by your audit partners to quickly audit 
    the expense related to milk consumed during the year. Establish the 
    three audit procedures you will perform to conclude on milk expense 

    included in MK Ltd for the period ended 31 December 2020.

    12.2. Analytical procedures

    Learning activity 12.2

    1. What are the materials/ items shown in the above picture? 
    2. What do you think could be their purposes? 
    3. What are the activities being done by the people shown in the above 

    picture? 

    12.2.1. Using analytical procedures

    One of the objectives of ISA 520 is that relevant and reliable audit evidence are 
    obtained when using substantive analytical procedures. The primary purpose of 
    substantive analytical procedures is to obtain assurance, in combination with 
    other audit testing (such as tests of controls and substantive tests of details), 

    with respect to financial statements assertions for one or more auditable areas. 

    Substantive analytical procedures are generally more applicable to large volumes 

    of transactions that tend to be more predictable over time.

    The application of substantive analytical procedures is based on the expectation 
    that relationships among data exist and continue in the absence of known 

    conditions to the contrary. 

    To derive the most benefit from substantive analytical procedures, the auditor 
    should perform substantive analytical procedures before other substantive tests 
    because results of substantive analytical procedures often impact the nature 
    and extent of detailed testing. Substantive analytical procedures might direct 
    attention to areas of increased risk, and the assurance obtained from effective 
    substantive analytical procedures will reduce the amount of assurance needed 

    from other tests.

    12.2.2.The nature of analytical procedures

    Analytical procedures involve the analysis of the relationships such as between 
    items of financial data to identify consistency and predicted patterns or 
    significant fluctuations, unexpected relationships and results of investigations 

    thereof. Analytical procedures are used throughout the audit process as follows:

    a) Preliminary analytical review-risk assessment (Compliance with 

    ISA 315)

    Preliminary analytical reviews are performed to obtain an understanding of 
    the business and its environment (e.g. financial performance relative to prior 
    years and relevant industry and comparison groups), to help assess the risk of 
    material misstatement in order to determine the nature, timing and extent of audit 

    procedures, i.e to help the auditor develop the audit strategy and programme.

    b) Substantive analytical procedures
    Analytical procedures are used as substantive procedures when the auditor 
    considers that the use of analytical procedures can be more effective or efficient 
    than tests of details in reducing the risk of material misstatements at the assertion 

    level to an acceptably low level.

    c) Final analytical review (Compliance with ISA 520)

    Analytical procedures are performed as an overall review of the financial 
    statements at the end of the audit to assess whether they are consistent with 
    the auditor’s understanding of the entity. Final analytical procedures are not 
    conducted to obtain additional substantive assurance. If irregularities are found, 
    risk assessment should be performed again to consider any additional audit 

    procedures deemed necessary.

    12.2.3. Analytical procedures in substantive testing

    Performing analytical procedures involve the following four steps:
    • Develop an expectation of account balance or ratio 
    • To determine the amount of difference from expectation that can be 
    accepted without investigation.
    • Comparison of company’s account balance or ratio with the expected. 
    • Investigate and evaluate significant ratio or difference from the 

    expectation

    Substantive analytical procedures are used for accounts balances or classes of 
    transactions where it is possible to develop an expected value for the recorded 
    amount or ratio. It should be however, noted that analytical procedures tend 
    to be appropriate for large volumes of predictable transactions (for example, 

    wages and salaries).

    Analytical procedures can be designed to test several assertions at the same 

    time. Some examples are shown in the table below:

    Gasaka secondary school has 331 students. As per the schools’ standards 
    procedures, each student is required to consume FRW 4750. The school 
    calendar of 2022 had 37 weeks/the year. The financial statement for the year 
    ended 31 December indicated expenditure of FRW 325,000,000 on students’ 
    consumptions. Use analytical procedures to audit the above expenditure 

    reported in Gasaka secondary school for the period ended 30 June 2022. 

    Answer:

    Step 1 
    • Obtain the school register and confirm whether the number of students 
    existed throughout the academic year
    • Obtain the approved school standards operating procedures/ guidelines 

    determining amount to be consumed by each student on daily basis. 

    Step 2

    • Develop the expectations

    Step 3
    • Obtain explanation(s) on the difference of FRW 82,212,750
    • Asses/analyze the reasons or justifications provided
    In response to the difference, the management reviewed their records and 
    noted that 67 were not available at some of days, hence form the basis for the 

    difference above (67*4750* 259).

    Step 4
    Conclusion, the auditor concludes that the amount repported is appropriate 

    (completeness and accurate and cut off)

    1. Investigation of fluctuations and relationships

    In planning the analytical procedures as a substantive test, the auditor should 
    consider the amount of difference from the expectation that can be accepted 
    without further investigation. This consideration is influenced primarily by 
    materiality and should be consistent with the level of assurance desired from the 
    procedures. Determination of this amount involves considering the possibility 
    that a combination of misstatements in the specific accounts balances, or class 
    of transactions, or other balances or classes could aggregate to an unacceptable 

    amount.

    The auditor should evaluate significant unexpected differences. Reconsidering 
    the methods and factors used in developing the expectation, the inquiry of 
    management may assist the auditor in this regard.

    Management responses should ordinarily be agreed with other evidential matter. 

    In those cases, when an explanation for the difference cannot be obtained, the 
    auditor should obtain sufficient evidence about the assertion by performing 
    other audit procedures to satisfy himself/herself as to whether the difference is 
    a likely misstatement. In designing such other procedures, the auditor should 
    consider that unexplained differences may indicate an increased risk of material 

    misstatement.

    Application activity 12.2

    BC ltd company employs staff of different levels. The table below shows 
    their levels and salaries per month. You have been appointed by audit 
    supervisor to audit the expense related to salary disclosed in the financial 
    statements for BC Ltd company. Note that the financial statements for BC 
    Ltd company for the year ended 31 Dec 2019 under audit show the expense 

    of FRW 115,000,000.

    Demonstrate the audit procedure you should perform during the audit of 
    the salary expense included in BC Ltd company financial statements for the 

    period ended 30 December 2019.

    12.3. Audit procedures for some elements of financial 

    statements

    Learning activity 12.3


    1. What do you think the person in the picture doing?

    2. What is the purpose of the tool he has?

    12.3.1. Inventory

    The valuation and disclosure rules for inventory are laid down in IAS 2. Inventory 
    should be valued at the lower of cost and net realisable value.
    Cost is defined by IAS 2 as comprising all costs of purchase and other costs 
    incurred in bringing inventory to its present location and condition. Net realisable 
    value is the estimated selling price in the ordinary course of business, less the 
    estimated cost of completion and the estimated costs necessary to make the 

    sale.

    a) Audit procedures of inventory

    The following procedures should be performed during the audit of inventory 

    balance disclosed in the financial statements.

    • The physical inventory count

    Physical inventory count procedures are vital, as they provide evidence which 
    cannot be obtained elsewhere or at any other time about the quantities and 

    conditions of inventories and work-in-progress. 

    ISA 501 Audit evidence – specific considerations for selected items provides 
    guidance for auditors on attending the physical inventory count to obtain 
    evidence regarding the existence and condition of inventory. It states that where 
    inventory is material, auditors shall obtain sufficient appropriate audit evidence 
    regarding its existence and condition by attending the physical inventory count 

    (unless this is impracticable) to do the following: 

    • Evaluate management’s instructions and procedures for recording and 
    controlling the result of the physical inventory count 
    • Observe the performance of the count procedures 
    • Inspect the inventory

    • Perform test counts

    When observing inventory count, the auditor should also consider the following:

    • Observe whether the client’s staff are following instructions, as this will 
    help to ensure the count is complete and accurate. 
    • Perform test counts to ensure procedures and internal controls are 
    working properly, and to gain evidence over existence and completeness 
    of inventory.
    • Ensure that the procedures for identifying damaged, obsolete and 
    slow-moving inventory operate properly; the auditors should obtain 
    information about the inventory’s condition, age, and usage and, in the 
    case of work-in-progress, its stage of completion to ensure that it is 
    later valued appropriately. 
    • Confirm that inventory held on behalf of third parties is separately 
    identified and accounted for so that inventory is not overstated. 
    • Conclude whether the count has been properly carried out and is 
    sufficiently reliable as a basis for determining the existence of inventories. 
    • Consider whether any amendment is necessary to subsequent audit 
    procedures.
    • Gain an overall impression of the levels and values of inventories held 
    so that the auditors may, in due course, judge whether the figure for 

    inventory appearing in the financial statements is reasonable.

    12.3.2.Non- current assets

    a) The audit procedures of Property Plant and Equipment (PPE)

    The following are some of the substantive audit procedures for non-current 

    assets.

    Substantive audit procedures for Intangible non-current assets

    Key assertions for intangible non-current assets are existence and valuation.

    Auditor has to apply different audit procedures during the audit of Intangible 
    non-current assets. The following are the substantive procedures that should 

    be performed by the auditors.

    1. Audit procedures for good will

    • Agree the consideration to sales agreement by inspection.

    • Consider whether asset valuation is reasonable.

    • Agree that the calculation is correct by recalculation. 

    • Review the impairment review and discuss with management. 

    • Ensure valuation of goodwill is reasonable / there has been no 

    impairment not adjusted through discussion with management.

    2. Research and development (R&D) costs

    • Confirm that capitalized development costs conform to IAS 38 criteria 
    by inspecting details of projects and discussions with technical 

    managers. 

    • Confirm feasibility and viability by inspection of budgets. 

    • Recalculate amortization’s calculation to ensure it commences with 

    production / is reasonable. 

    • Inspect invoices to verify expenditure incurred on R&D projects.

    3. Other intangible assets

    • Agree purchased intangibles to purchase documentation agreement 

    by inspection. 

    Inspect specialist valuation of intangibles and ensure it is reasonable.

    • Review amortization calculations and ensure they are correct by 

    recalculation.

    12.3.3. Substantive audit procedures for Account Receivables

    Receivables are usually audited using a combination of test of details and 
    analytical procedures. The audit of receivable is important as this is likely to be 
    a material area. A combination of analytical procedures and tests of details are 

    used, with sales also being tested in conjunction with trade receivables.

    Existence, completeness and valuation are the key assertions relating to the 
    audit of receivables. Receivables are often tested in conjunction with sales. The 

    key assertions for sales are occurrence, completeness and accuracy.

    The following are the audit procedures that can be performed during the audit 

    of receivables:

    Note that part of the substantive audit procedures, the auditor should always 
    endeavour to request for confirmation for all financial position balances (those 

    included in the sample) from third parties ie debtors, creditors and banks.

    Part of the audit procedures, the auditor need to request confirmation from the 

    concerned debtors.

    a) Receivables confirmation

    ISA 505 states that when it is reasonable to expect customers to respond, 
    the auditor should ordinarily plan to obtain direct confirmation of receivables 
    to individual entries in an account balance. Verification of trade receivables by 
    direct confirmation the normal means of providing audit evidence to satisfy the 
    objective of checking whether customers exist and owe bonafide amounts to 

    the company (existence and rights and obligation).

    b) Two methods of confirmation

    • Positive
    A positive external confirmation requests the confirming party to reply to the 
    auditor in all cases, either by indicating the confirming party’s agreement with 

    the given information, or by asking the confirming party to provide information.

    • Negative
    Negative confirmation provides less persuasive audit evidence than positive 
    confirmation. Accordingly, the auditor shall not use negative confirmation 
    requests as the sole substantive audit procedure to address an assessed risk 
    of material misstatement at the assertion level unless all of the following are 

    present: 

    • The auditor has assessed the risk of material misstatement as low 
    and has obtained sufficient appropriate audit evidence regarding the 
    operating effectiveness of controls relevant to the assertion; 
    • The population of items subject to negative confirmation procedures 
    comprises a large number of small, homogeneous account balances, 
    transactions or conditions;
    • A very low exception rate is expected; and 
    • The auditor is not aware of circumstances or conditions that would 
    cause recipients of negative confirmation requests to disregard such 

    requests.

    12.3.4. Cash and bank Balances

    a) Bank balances 

    The following are key procedures the auditor should consider during the audit 
    of bank balances. During the audit of bank balances, the auditor has to test the 

    assertions of completeness, valuation, existence, cut-off and presentation.

    The auditor shall perform the following audit procedures: 

    • Obtain standard bank confirmations from each bank with which the 

    client conducted business during the audit period. 

    • Reperform arithmetic of bank reconciliation.

    • Trace cheques shown as outstanding from the bank reconciliation 
    to the cash book prior to the year end and to the after-date bank 
    statements and obtain explanations for any large or unusual items 

    not cleared at the time of the audit.

    • Compare cash book(s) and bank statements in detail for the last 
    month of the year, and match items outstanding at the reconciliation 

    date to bank statements.

    • Review bank reconciliation previous to the year-end bank reconciliation 
    and test whether all items are cleared in the last period or taken 

    forward to the year-end bank reconciliation.

    • Obtain satisfactory explanations for all items in the cash book for 
    which there are no corresponding entries in the bank statement and 

    vice versa by discussion with finance staff.

    • Verify contra items appearing in the cash books or bank statements 

    with original entry.

    • Verify by inspecting paying-in slips that unclear banking is paid in 

    prior to the year end.

    Examine all lodgments in respect of which payment has been refused 
    by the bank; ensure that they are cleared on representation or that other 
    appropriate steps have been taken to effect recovery of the amount 

    due.

    • Verify balances per the cash book according to the bank reconciliation 

    by inspecting cash book, bank statements and general ledger. 

    Verify the bank balances with reply to standard bank letter and with 

    the bank statements. 

    Inspect the cash book and bank statements before and after the year 
    end for exceptional entries or transfers which have a material effect 

    on the balance shown to be in-hand. 

    • Identify whether any accounts are secured on the assets of the 

    company by discussion with management.

     Consider whether there is a legal right of set-off of overdrafts against 

    positive bank balances.

    • Determine whether the bank accounts are subject to any restrictions 

    by enquiries with management.

    • Review draft accounts to ensure that disclosures for bank are complete 

    and accurate and in accordance with accounting standards.

    b) Cash balances 

    Cash balances/floats are often individually immaterial but they may require some 
    audit emphasis because of the opportunities for fraud that could exist where 

    internal control is weak. 

    The auditor will be very much concerned whether the cash exists, is complete, 
    and belongs to the company (rights and obligations) and is also stated at the 

    correct value.

    The following are some of the substantive audit procedures the auditor has to 
    perform:
    • Count all cash balances and agree to petty cash book or other record 
    kept. 
    • Count all cash at same time and ensure all work is done in presence 
    of staff. 
    • Obtain a certificate of cash in hand from staff member.
    • Enquire about IOUs or cheques cashed.
    • Confirm balances are in agreement with the accounts. 
    • In addition, check whether the IOUs and un-cashed cheques have 

    subsequently been cleared timely.

    12.3.5. Liabilities

    Liabilities are classified into:
    • Accounts payables and accruals 
    • Non-current Liabilities 
    • Capital and 

    • Reserve

    During the audit of these balances, the auditor should consider the nature and 
    transactions that effect each balance. Below are audit procedures for each of 

    the balances of the above highlighted balances:

    a) Audit procedure for accounts payables and accruals

    Note that payables are audited with purchases/expenses. This therefore 
    requires the auditor to adopt some audit procedures for income statements 
    items (classes of transactions and events). In this regard, some of assertions 

    like cut off and occurrence are tested.

    • Substantive audit procedures for provisions

    The auditor should observe the requirements of IAS 37 during the audit of 
    provisions. As per IAS 37 provision, a provision is a liability of uncertain timing 
    and amount. It is therefore of paramount importance for audit to apply appropriate 
    audit procedures while carrying the audit of the provisions. The auditor should 

    endeavour to apply these audit procedures.

    – Obtain details of all provisions which have been included in the 
    accounts and all contingencies that have been disclosed

    Obtain a detailed analysis of all provisions showing opening 
    balances, movements and closing balances.

    – Determine for each material provision whether the company has a 
    present obligation as a result of past events 

    – Review of correspondence relating to the item

    – Discussion with the directors. Have they created a valid 

    expectation in other parties that they will discharge the obligation? 

    Determine for each material provision whether it is probable that 
    a transfer of economic benefits will be required to settle the 

    obligation by:

    – Checking whether any payments have been made in the post year 

    end period in respect of the item by reviewing after-date cash

    – Review of correspondence with solicitors, banks, customers, 

    insurance company and suppliers both pre and post year end

    Sending a letter to the solicitor to obtain their views (where 

    relevant) 

    Discussing the position of similar past provisions with the 

    directors. Were these provisions eventually settled? 

    – Considering the likelihood of reimbursement.

    – Recalculate all provisions made.

    – Compare the amount provided with any post year end payments 

    and with any amount paid in the past for similar items.

    – In the event that it is not possible to estimate the amount of the 
    provision, check that a contingent liability is disclosed in the 

    accounts.

    – Consider the nature of the client’s business. Consider likely 
    provisions not disclosed by the management of a company under 

    audit.

    – Consider the adequacy of disclosure of provisions, contingent 

    assets and contingent liabilities in accordance with IAS 37.

    b) Audit procedures for Non-Current Liabilities

    c) Substantive audit procedures for capital and related issues

    The auditor should review transactions and events could have affected the 
    equity. This helps the auditor in collecting sufficient and appropriate audit 
    evidences. Thus, come up with the appropriate audit conclusion. The following 
    are some of audit procedures auditors perform during the review of capital 

    balance disclosed in the financial statements of a company.

    • Share capital

    Agree the authorised share capital with the statutory documents 

    governing the company’s constitution.

    – Agree changes to authorised share capital with properly 

    authorised resolutions.

    • Issue of shares

    Verify any issue of share capital or other changes during the year 

    with general and board minutes.

    Ensure issue or change is within the terms of the constitution, and 

    directors possess appropriate authority to issue shares. 

    Confirm that cash or other consideration has been received or 

    receivable(s) is included as called-up share capital not paid.

    • Transfer of shares
    – Verify transfers of shares by reference to: 
    • Correspondence
    • Completed and stamped transfer forms
    • Cancelled share certificates

    • Minutes of directors’ meeting

    Review the balances on shareholders’ accounts in the register of 
    members and the total list with the amount of issued share capital in 

    the general ledger.

    – Agree dividends paid and declared pre year end to authority in 
    minute books and reperform calculation with total share capital 
    issued to ascertain whether there are any outstanding or unclaimed 

    dividends.

    Agree dividends payment to documentary evidence (say, the 

    returned dividends warrants).

    – Test that dividends do not contravene distribution of provisions by 

    reviewing the legislation.

    • Reserves

    – Agree movements on reserves to supporting authority.

    – Ensure that movements on reserves do not contravene the
    legislation and the company’s constitution by reviewing the 

    legislation.

    Confirm that the company can distinguish distributable reserves 

    from those that are non-distributable.

    – Ensure that appropriate disclosures of movements on reserves 
    are made in the company’s accounts by inspection of the financial 

    statements.

    12.3.6. Substantive audit procedures for expenses

    During the audit of expenses, the auditor should focus on potential risks. The 

    following are key potential risks:

    • Occurrence- recorded transactions may have not occurred /not valid
    • Completeness- not all transactions are recorded
    • Accuracy- some transactions are inaccurate 

    • Cut- off- some transactions are recorded in wrong accounting period

    The following are some of audit procedures for expenses;
    • For transactions sample, obtain their relevant supporting documents 
    such as invoice, goods received note and payment advice note 
    • Review the supporting documents and check whether the transactions 
    occurred and relate to the entity
    • Check whether all expenses were recorded in the books of accounts 
    at the correct amounts by agreeing the recorded amounts with their 
    relevant supporting documents such as invoices, good delivered note 
    and good received note and invoice register, verify the accuracy of the 
    amounts shown on the invoices by reconciling the invoices with good 
    received note and payment advice.
    • Ensure that the transactions were recorded in the correct accounts 
    following the entity’s chart of accounts by agreeing the entries passed 
    with the entity’s chart of accounts
    • Confirm whether the expenses relate to the correct period( accounting 
    period) by comparing when services have been consumed/benefited( 
    in accrual basis of accounting) and the period of accounting for the 

    expenses.

    12.3.7. Substantive procedures for revenue

    During the audit of revenue both test of controls and substantive audit procedures 
    are applied. The following are some of substantive audit procedures that should 

    be executed by the auditor during the audit of revenue:

    • Compare the total revenue with that reported in previous years and the 

    revenue budgeted, and investigate any significant fluctuations. 

    • For a sample of customer orders, trace the details to the related 
    despatch notes and sales invoices and ensure there is a sale recorded 

    in respect of each (to test the completeness of revenue). 

    For a sample of sales invoices for larger customers, recalculate the discounts 

    allowed to ensure that these are accurate. 

     Select a sample of despatch notes in the month immediately before and 
    month immediately after the year end. Trace these through the related 
    sales invoices and resultant accounting entries to ensure each sale 
    was recorded in the appropriate period.
    • Obtain an analysis of sales by major categories of toys manufactured 
    and compare this to the prior year breakdown and discuss any unusual 
    movements with management. 
    • Calculate the gross profit margin for the year and compare this to the 
    previous year and expectations. Investigate any significant fluctuations. 
    • Recalculate the sales tax for a sample of invoices and ensure that the 
    sales tax has been correctly applied to the sales invoice. 
    • Select a sample of credit notes issued after the year end and trace 
    these through to the related sales invoices to ensure sales returns were 

    recorded in the proper period.

    Note that the audit of revenue should always linked with audit of 

    receivables.

    Application activity 12.3

    You are the Senior auditor at MK CPA Ltd and you are requested to perform 

    the audit of the following balances disclosed in the financial statements of 

    MT Ltd for year ended 30 October 2022.

    a) Stock of FRW 10,000,000

    b) PPE of FRW 50,000,000

    c) Receivables FRW 50,000,000 

    d) Revenue FRW 100,000,000

    Identify four substantive audit procedures you would perform during the audit 

    of the above balances.

    Skills lab activity 12

    With the guidance of the teacher, the learners should be shared the school 
    financial statements and underlying records (accounting information).

    • Students will use financial information and carry out analytical 
    review of different informations presented in financial statement 
    where deemed necessary. They will be asked to carry out the 
    comparison of the current financial information with the previous 
    year and asses the relationships of the identified differences , and 
    be helped to assess the explanations 

    • Students will use financial information and evaluate the reliability 
    of the data from which the expectation has been developed

    • Students will be helped on how to establish substantive audit tests 
    on each balance, class of transactions and disclosure included in 
    the financial statement

    • Students will be helped on how to obtain audit evidences 
    during performance of the substantive audit tests on individual 

    transactions, balances and disclosures

    End unit 12 assessment

    1. What is the purpose of substantive audit procedures? 

    2. Differentiate substantive audit procedures from analytical procedures

    3. What are the different methods of collecting audit evidences?

    4. What is the main purpose of audit evidences? 

    5. What are the key audit procedures you would perform on the 

    following financial statements balances

    a) Cash and bank balances

    b) Liabilities

    c) Property plant and equipment

    d) Revenue

    e) Expenses

  • UNIT 13: AUDIT JUDGEMENT

    Key unit competence: To be able to form an audit judgement
    Introductory activity
    Auditors are required to plan and conduct the audit in conformity 
    withIinternational Standards on Auditing. The standards require an auditor 
    to plan and conduct the audit accordingly and provide the appropriate audit 
    opinion on the audited financial statements. 
    The auditors may issue unqualified or qualified opinion. In the process of 
    deciding on the appropriate audit opinion, there are cases where an auditor 
    is obliged to make judgements. Making the appropriate judgements depends 
    on the auditor’s experience and skills. This calls for an auditor to perform 
    the audit of financial statements and make proper judgments with view of 
    forming an audit opinion. 
    1. In what circumstances do you think the auditor can make judgements?
    13.1. Form of audit judgement
    Learning activity 13.1

    Look at the image above and answer the following questions: 
    1. What do you see on the above image? 
    2. When and why an auditor needs to make judgement.
    13.1.1. Overall review of financial statement
    a. The meaning of audit judgement
    Audit judgement can be defined as any decision or evaluation made by an 
    auditor, which influences or governs the process and outcome of an audit of 
    financial statements.
    b. Financial statements and related disclosures refer to a company’s 
    financial statements and notes to the financial statements as presented in 
    accordance with Generally Accepted Accounting Principles (GAAP)
    c. Review of financial statements
    Auditors must perform and document an overall review of the financial statements 
    before reaching an opinion. This review should include a review of accounting 
    policies and a review for consistency and reasonableness.
    The auditors will have a draft set of financial statements which should be 
    supported by appropriate and sufficient audit evidence when the bulk of the 
    substantive procedures have been carried out. At the beginning of the end of 
    the audit process, it is usual for the auditors to undertake an overall review of 
    the financial statement.
    Compliance with accounting regulations/policies
    The auditors should consider whether:
    • The information presented in the financial statements is in accordance 
    with local/national statutory requirements
    • The accounting policies employed are in accordance with accounting 
    standards, properly disclosed, consistently applied and appropriate to 
    the entity.
    When examining the accounting policies, auditors should consider:
    • Policies commonly adopted in particular industries
    • Policies for which there is substantial authoritative support
    • Whether any departures from applicable accounting standards are 
    necessary for the financial statements to give a true and faire view
    • Whether the financial statements reflect the substance of the underlying 
    transactions and not merely their form.
    Review for consistency and reasonableness
    • The auditors should consider whether the financial statements are 
    consistent with their knowledge of the entity’s business and with the 
    results of other audit procedures, and the manner of disclosure is fair. The 
    principal considerations are as follows: whether the financial statements 
    adequately reflect the information and explanations previously obtained 
    and conclusions previously reached during the course of the audit.
    • Whether it reveals any new factors which may affect the presentation 
    of, or disclosure in, the financial statements.
    • Whether analytical procedures applied when completing the audit, 
    such as comparing the information in the financial statements with 
    other pertinent data, produce results which assist in arriving at the 
    overall conclusion as to whether the financial statements as a whole 
    are consistent with the knowledge of the entity’s business.
    • Whether the presentation adopted in the financial statements may have 
    been unduly influenced by the director’s desire to present matters in a 
    favourable or unfavourable light.
    • The potential impact on the financial statements of the aggregate of 
    uncorrected misstatements (including those arising from bias in making 
    accounting estimates) identified during the course of the audit and the 
    preceding period’s audit, if any.
    Analytical procedures 
    Analytical review procedures are used as part of the overall review procedures at 
    the end of an audit, but key factors which should be reviewed include: important 
    accounting ratios, variances and variations caused by industry or economic 
    factors.
    The auditors would also discuss business matters with the directors, such 
    as changes in the sales mix, price rises, wages increases, and see if the 
    directors’ comments about such matters made sense of the figures in the 
    financial statements.
    For example: if a director said that everyone had received a pay increase of 3%, 
    this would make sense of small rise in wages cost although no new staff had 
    been hired. The auditors would verify this explanation by looking to see if the 
    payroll reflects this 3% rise.
    The auditors also assess if there are any areas in the financial statements which 
    are significantly different from the previous financial statements and obtain 
    explanations from these. At this stage, the auditor is concerned whether the 
    financial statements are internally consistent, so predictable relationships in 
    particular will be important.

    ISA 700 states that forming an opinion as to whether the financial statements 
    give a true and fair view involves evaluating the fair presentation of the financial 
    statements.
    The auditor must consider:
    • Whether the financial statements (after any adjustments as a result of 
    the audit process) are consistent with the auditor’s understanding of 
    the entity and its environment
    • The overall presentation, structure and content of the financial 
    statements
    • Whether the financial statements, including disclosures in the notes, 
    faithfully represent the underlying transactions and events.
    Analytical procedures performed at or near the end of the audit help corroborate 
    conclusions formed during the audit and assist in arriving at the overall 
    conclusions regarding fair presentations.
    13.1.2. Events after the end of the period
    The auditors should consider the effect of subsequent events on the financial 
    statements, up to the date the financial statements are signed
    a) Subsequent events
    Subsequent events are events occurring between the date of the financial 
    statements and the date of the auditor’s report, and facts that become known 
    to the auditor after the date of the auditor’s report. (ISA 560).
    Subsequent events include: 
    • Events occurring between the end of the reporting period and the date 
    of the auditor’s report
    • Facts discovered after the date of the auditor’s report
    b) Events after the reporting period
    Events after the reporting period deal with the treatment in financial statements 
    of events, both favourable and unfavourable, occurring after the period-end.
    There are two types of events:
    Adjusting events: are those that provide further evidence of conditions that 
    existed at the end of reporting period
    Non-adjusting events: are those that are indicative of conditions that arose 
    after the end of the report period.
    Events occurring up to the date of the auditor’s report ISA 560.6
    The auditor shall perform procedures designed to obtain sufficient appropriate 
    audit evidence that all events occurring between the date of the financial 
    statements and the date of the auditor’s report that require adjustment of, or 
    disclosure in, the financial statements have been identified.
    These procedures should be applied to any matters examined during the audit 
    which may be susceptible to change after the period end. They are in addition 
    to tests on specific transactions after the date of the financial statements, e.g. 
    cut-off tests.
    Depending on the auditor’s risk assessment, procedures may involve the review 
    or testing of accounting records or transactions occurring between the date of 
    the financial statements and the auditor’s report. 
    The ISA lists procedures to identify subsequent events which may require 
    adjustments or disclosures. They should be performed as near as possible to 
    the date of the auditor’s report. (ISA 560.7)

    Reviews and updates of these procedures may be required, depending on the 
    length of the time between the procedures and the signing of the auditor’s 
    report and the susceptibility of the items to change over time.
    ISA 560.8
    If the auditor identifies events that require adjustment of, or disclosure in, the 
    financial statements the auditor shall determine whether each such event is 
    appropriately reflected in those financial statements in accordance with the 
    applicable financial reporting framework.
    The ISA also requires the auditor to obtain written representations confirming 
    that all subsequent events have been adjusted or disclosed.
    ISA 560.9
    The auditor shall request management and, where appropriate, those charged 
    with governance, to provide a written representation that all events occurring 
    subsequent to the date of the financial statements and for which the applicable 
    financial reporting framework requires adjustment or disclosure have been 
    adjusted or disclosure.
    13.1.3. Going concern
    The auditor should communicate to the audit committee, when applicable, the 
    following matters relating to the auditor’s evaluation of the company’s ability to 
    continue as a going concern:
    • If the auditor believes there is substantial doubt about the company’s 
    ability to continue as a going concern for a reasonable period of time, the 
    conditions and events that the auditor identified that, when considered 
    in the aggregate, indicate that there is substantial doubt.


    • If the auditor concludes, after consideration of management plans, that 
    substantial doubt about the company’s ability to continue as a going 
    concern is alleviated, the basis for the auditor’s conclusion, including 
    elements the auditor identified within management’s plans that are 
    significant to overcoming the adverse effects of the conditions and 
    events.

    • If the auditor concludes, after consideration of management’s plans, 
    that substantial doubt about the company’s ability to continue as a 
    going concern for a reasonable period of time remains:

    – The effects, if any, on the financial statements and the 
    adequacy of the related disclosure; and

    – The effects on the auditor’s report.

    Factors considered when management make an assessment on going 

    • The degree of uncertainty about the events or conditions being 
    assessed increases significantly the further into the future the 

    assessment is made. 

    • Judgements are made on the basis of the information available at the 

    time.

    • Judgements are affected by the size and complicity of the entity, the 
    nature and condition of the business and the degree to which it is 

    affected by external factors.

    The examples of possible indicators of going concern problems are as follows:

    Financial indications

    • Net liabilities or net current liability position where the company has 
    more liabilities than assets
    • The company needs borrowing facilities which have not been agreed
    • Relying too heavily on short-term borrowing
    • Major debt repayment falling due where the company will need to 
    borrow again if it can
    • Major restructuring of debt – this may indicate difficulties in repaying 
    the debt which in turn may indicate going concern issues. 
    • Indications that creditors want to call in loans
    • Negative operating cash flows in budgets or financial statements
    • Major losses or cash flow problems which have arisen since the 
    reporting date
    • The company stopped paying dividends or falling behind in paying them
    • Inability to pay suppliers’ invoices (payables) on due dates
    • Inability to comply with terms of loan agreements
    • Reduction in normal terms of trade credit by suppliers
    • Change from credit to cash-on-delivery transactions with suppliers
    • Inability to obtain financing for essential new product development or 
    other essential investments

    • Substantial sales of non-current assets not intended to be replaced

    Operating indications
    • Loss of key management without replacement
    • Loss of key staff without replacement

    • Loss of a major market, franchises, licence, or principal supplier

    • Labour difficulties or shortages of important supplies as this would 
    prevent the company from carrying out its business and eventually its 
    ability to remain in business
    • Fundamental changes in market or technology
    • Excessive dependence on a few product lines where the market is 
    depressed

    • Technical developments which render a key product obsolete

    Other indications

    • Non-compliance with capital or other statutory requirements
    • Pending legal proceedings against the entity that may, if successful, 
    result in judgements that could not be met
    • Changes in legislation or government policy
    • Issues which involve a range of possible outcomes so wide that an 
    unfavourable result could affect the appropriateness of the going 

    concern basis

    The significance of such indications can often be mitigated/reduced by other 
    factors.
    • The effect of an entity being unable to make its normal debt repayments 
    may be counterbalanced by management’s plans to maintain adequate 
    cash flows by alternative means, such as by disposal of assets, 
    rescheduling of loan repayments, or obtaining additional capital.
    • The loss of a principal supplier may be mitigated by the availability of a 

    suitable alternative source of supply.

    13.1.4. Written representations 

    a) The meaning of key concepts

    • Written representation

    Written representations are written statements by management, provided to the 

    auditor, to confirm certain matters or to support other audit evidence.

    Management

    Management can be defined as the person (s) with executive responsibility for 

    the conduct of the entity’s operations.

    b) Acknowledgement by Management of their responsibilities

    The auditor shall request management to provide a written representation that: 

    • It has provided the auditor with all relevant information and access as 

    agreed in the terms of the audit engagement; and 

    • All transactions have been recorded and are reflected in the financial 

    statements.

    Audit evidence obtained during the audit that management has fulfilled the 
    responsibilities is not sufficient without obtaining confirmation from management 

    that it believes that it has fulfilled those responsibilities. 

    For example, the auditor could not conclude that management has provided the 
    auditor with all relevant information agreed in the terms of the audit engagement 
    without asking it whether, and receiving confirmation that, such information has 

    been provided. 

    c) Representations by management as audit evidence 

    The auditor should obtain written representations from management on matters 
    material to the financial statements when other audit evidence cannot reasonably 
    be expected to exist. It may be necessary to inform management of the auditor’s 

    understanding of materiality.

    The possibility of misunderstandings between the auditor and management is 
    reduced when oral representations are confirmed by management in writing.

    The auditor should obtain written representations from management that:

    – It acknowledges its responsibility for the design and implementation of 

    internal control to prevent and detect error; and 

    – It believes the effects of those uncorrected financial misstatements 
    aggregated by the auditor during the audit are immaterial to the 

    financial statements taken as a whole.

    During the course of an audit, management makes many representations to 
    the auditor, either unsolicited or in response to specific inquiries. When such 
    representations relate to matters which are material to the financial statements, 

    the auditor will need to:

    – Seek corroborative audit evidence from sources inside or outside the 

    entity, 

    – Evaluate whether the representations made by management appear 

    reasonable and consistent with other audit evidence obtained and 

    – Consider whether the individuals making the representations can be 
    expected to be well informed on the particular matters. 
    Representations by management cannot be a substitute for other audit evidence 
    that the auditor could reasonably expect to be available. If the auditor is unable 
    to obtain sufficient appropriate audit evidence regarding a matter which has a 
    material effect on the financial statements and such audit evidence is expected
    to be available, this will constitute a limitation in the scope of the audit, even if a 

    representation has been received on the matter. 

    In certain instances, audit evidence other than that obtained by performing 
    inquiry may not be reasonably expected to be available; therefore the auditor 

    obtains a written representation by management. 

    If a representation by management is contradicted by other audit evidence, the 
    auditor should investigate the circumstances and, when necessary, reconsider 

    the reliability of other representations made by management.

    ISA 580 lists a number of other ISAs which require specific written 

    representations. These include the following: 

    • The effect of uncorrected misstatements is immaterial, both individual 
    and in aggregate
    • All known actual possible litigation and claims have been disclosed
    • Whether assumption used in making accounting estimates are 
    reasonable
    • All subsequent events requiring adjustment or disclosure have been 
    adjusted for or disclosed 

    • Future actions and feasibility of plans relating to going concern issues.

    Documentation of written Representations by Management

    The auditor would ordinarily include, in audit working papers, evidence of 
    management’s representations in the form of a summary of oral discussions 

    with management or written representations from management.

    A written representation is ordinarily more reliable audit evidence than an oral 

    representation and can take the form of:

    • A representation letter from management, 
    • A letter from the auditor outlining the auditor’s understanding of 
    management’s representations, duly acknowledged and confirmed by 
    management, 
    • Relevant minutes of meetings of the board of directors or similar body 
    or a signed copy of the financial statements.

    Basic elements of a representation letter

    A representation letter should:
    • Be addressed to the auditors
    Contain specified information
    • Be appropriately dated and signed by the management. It would 

    ordinarily be dated the same date as the auditor’s report.

    Actions if management refuse to provide representations 
    If management does not provide one or more of the requested written 

    representations the auditor shall:

    • Discuss the matters with management;

    • Re-evaluate the integrity of management and evaluate the effect that 
    this may have on the reliability of representations and audit evidence in 

    general; and

    • Take appropriate actions, including determining the possible effect on 

    the opinion in the auditor’s report;

    In these circumstances, the auditors should consider whether it is appropriate 

    to rely on other representations made by management during the audit.

    13.1.5. Completion 

    a) Summarising uncorrected misstatements

    Misstatement is a difference between the amounts, classification, presentation, 
    or disclosure of a reported financial statement item and the amount, classification, 
    presentation, or disclosure that is required for the item to be in accordance with 
    the applicable financial reporting framework, and can arise either from error or 

    fraud. (IFAC, 2016)

    The auditor should consider the cumulative effect of uncorrected misstatements.

    The summary of uncorrected misstatements will not only list misstatements 
    from the current year, but also those in the previous year(s). This will allow 
    uncorrected misstatements to be highlighted which are reversals of uncorrected 
    misstatements in the previous year, such as in the valuation of closing/opening 
    inventory. Cumulative uncorrected misstatements may also be shown, which 
    have increased from year to year. It is normal to show both the statement of 
    financial position and the statement of profit or loss and other comprehensive 

    income effect, as in the example given here.

    b) Evaluating the effect of misstatements

    Misstatements, including omissions are considered to be material if they, 
    individual or in the aggregate, could reasonably be expected to influence the 
    decisions of users taken on the basis of the financial statements.
    The concept materiality is applied by the auditor both in planning and performing 
    the audit, and in evaluating the effect of identified misstatements on the audit
    and of uncorrected misstatements, if any, on the financial statements and in 

    forming the opinion in the auditor’s report.

    The aggregate of uncorrected misstatements comprises:

    • Specific misstatements identified by the auditors, including the net 
    effect of uncorrected identified during the audit of the previous period 

    if they affect the current period’s financial statements;

    • Their best estimate of other misstatements which cannot be 

    quantified specifically (ie .projected errors).

    If the auditors consider that the aggregate of misstatements may be material, they 
    must consider reducing audit risk by extending audit procedures or requesting 
    management to adjust the financial statements (which management may wish 

    to do anyway).

    If management refuses to correct some or all of the misstatements communicated 
    by the auditor, the auditor shall obtain an understanding of management’s 
    reasons for not making the corrections and shall take that understanding into 
    account when evaluating whether the financial statements as a whole are free 

    from material misstatement.

    The auditor shall request a written representation from management and, where 
    appropriate, those charged with governance whether they believe the effects of 
    uncorrected misstatements are immaterial, individually and in aggregate, to the 

    financial statements as a whole.

    If the aggregate of the uncorrected misstatements that the auditors have 
    identified approaches the materiality level, the auditors should consider 
    whether it is likely that undetected misstatements, when taken with aggregated 
    uncorrected misstatements, could exceed the materiality level. Thus, as 
    aggregate uncorrected misstatements approach the materiality level the auditors 

    should consider reducing the risk by:

    – Performing additional audit procedures; 
    – Requesting management to adjust the financial statements for 

    identified misstatements.

    The schedule will be used by the audit manager and partner to decide whether 
    the client should be requested to make adjustments to the financial statements 

    to correct the errors.

    c) Completion checklists

    Audit firms frequently use checklists (which must be signed off) to ensure that 
    all final procedures have been carried out, all material amounts are supported 

    by sufficient appropriate evidence, and so forth.

    For example, extracts from an audit checklist might contain the following points:

    Application activity 13.1

    Questions

    1. What are the principal considerations in a review of the financial 

    statements for consistency and reasonableness?

    2. In certain instances, audit evidences other than that obtained by 
    performing inquiry may not be reasonably expected to be available.
    Therefore the auditor obtains a written representation from 

    management. 

    Identify the actions that be taken by the auditor if the management 

    refuse to provide the representation.

    Skills lab activity 13

    In their learning team, with guidance of a teacher, students will formulate 

    audit judgement.

    End unit 13 assessment
    1. Identify the main purposes of a representation letter and how far can 
    auditors rely on the audit evidence it provides?
    2. What matters should auditors consider when examining accounting 
    policies?
    3. What are the two types of subsequent events? 
    4. What are the consequences regarding the realisation of assets and 
    liabilities if the going concern basis of accounting is not appropriate?
    5. Which of the following statements concerning written representations 
    is true?
    a. Written representations are appropriate evidence when evidence 
    the auditors expected to be available is unavailable.
    b. If written representations given do not agree with other evidence, 
    auditors should not trust any other representations made by 
    management during the course of the audit.
    c. The representation letter must not be dated after the auditor’s 
    report.
    d. The representation letter must contain a list of all material 

    adjustments to the final financial statements.

  • UNIT 14: AUDIT REPORT

    Key unit competence: To be able to prepare an appropriate report

    Introductory activity

    In modern world, organizations are required to report concerning the general 
    performance to their stakeholders on regular basis. In this regard, different 
    reports such as audit reports, activity reports, and financial reports are being 
    prepared and submitted timely to concerned stakeholders. Some of those 
    reports are statutory and some are not. Those reports are therefore used by 
    different stakeholders to make informed decisions. 

    Question: How do you call the document prepared by the auditor at the end of 

    audit process which contains his conclusion, opinion and recommendations?

    14.1. Auditor’s report

    Learning activity 14.1


    After observing pictures above, identify the documents related to the audit 

    work?

    14.1.1. Meaning of audit report

    An audit report is a document that expresses an auditor’s opinion on a company’s 
    financial performance and compliance with Generally Accepted Accounting 
    Principles (GAAP).An audit report is a written opinion of an auditor regarding 

    an entity’s financial statements.

    An audit report is a document from the auditor of a company that is the end result 
    of the audit process. It states the auditor’s opinion on whether the company’s 
    financial statements are in compliance with the Generally Accepted Accounting 

    Principles (GAAP) and if they are free from material misstatement.

    The audit report is the end-product of the external audit process. It is the 
    document in which the auditor expresses his/her professional judgment on 

    whether the financial statements present a ‘true and fair view’. 

    Is a document prepared by an auditor at the end of auditing process that 
    consolidates all of his/her findings and observations about a company’s financial 

    statements.

    14.1.2. Basic elements of an audit report

    a) Example of audit report

    An example of an unmodified audit report is set out below.

    INDEPENDENT AUDITOR’S REPORT

    (Appropriate addressee)

    Report on the financial statements

    We have audited the accompanying financial statements of BATAMU Ltd 
    Company, which comprise the statement of financial position as at 31 
    December 2021, and the statement of comprehensive income, statement of 
    changes in equity, and statement of cash flows for the year then ended, and a 

    summary of significant accounting policies and other explanatory information.

    Management’s responsibility for the financial statements

    Management is responsible for the preparation and fair presentation of these 
    financial statements in accordance with International Financial Reporting 
    Standards, and for such internal control as management determines is 
    necessary to enable the preparation of financial statements that are free from 

    material misstatement, whether due to fraud or error.

    Auditor’s responsibility

    Our responsibility is to express an opinion on these financial statements 
    based on our audit. We conducted our audit in accordance with International 
    Standards on Auditing. Those standards require that we comply with ethical 
    requirements and plan and perform the audit to obtain reasonable assurance 

    about whether the financial statements are free from material misstatement.

    An audit involves performing procedures to obtain audit evidence about 
    the amounts and disclosures in the financial statements. The procedures 
    selected depend on the auditor’s judgment, including the assessment of 
    the risks of material misstatement of the financial statements, whether due 
    to fraud or error. In making those risk assessments, the auditor considers 
    internal control relevant to the entity’s preparation and fair presentation of the 
    financial statements in order to design audit procedures that are appropriate 
    in the circumstances, but not for the purpose of expressing an opinion on the 
    effectiveness of the entity’s internal control. An audit also includes evaluating 
    the appropriateness of accounting policies used and the reasonableness of 
    accounting estimates made by management, as well as evaluating the overall 

    presentation of the financial statements. 

    We believe that the audit evidence that we have obtained is sufficient and 

    appropriate to provide a basis for our audit opinion.

    Opinion

    In our opinion, the financial statements give a true and fair view (or present 
    fairly, in all material respects,) of the financial position of BATAMU Ltd 
    Company as at 31 December 2021, and of its financial performance and its 

    cash flows for the year then ended in accordance with International Financial 

    Reporting Standards.

    (Auditor’s signature)

    (Date of the report)

    (Auditor’s address)

    b) Qualities of a good audit report

    Qualities of a good audit report are: 

    • It should not be biased to any party with financial stake in the business.

    • It should be forceful.

    • It should be based on constructive criticism/ideas.

    • It should offer constructive and timely suggestions to the management 

    so as to solve problems highlighted in the report.

    • It should be clear and concise.

    c) Importance of audit report

    For the audited company

    • Helps to reveal a true and fair view of the company’s financial statements

    • Reveals errors and frauds committed or inherent in the company’s 

    books of accounts

    • Traces the strength and weaknesses of the internal control system

    • Shows if the internal auditing function is working properly

    • Helps to ensure if the company fulfils legal requirements 

     For the shareholders or associates

    • Helps them to ensure if their shares are earning interest by the company 

    and if it is profitable to continue to invest in the company

    • Helps to know if the statutory requirements are being implemented by 

    the company

    For the tax authorities 

    • The audit report ensures to the government if the taxes due by the 
    company are properly given by the company
    • Ensures if other legal requirements like social security contributions are 
    being implemented 
    • Ensures that the company respects accounting principles, company’s 
    Act and other regulations in application
    • Ensures if the public funds are being used properly by government 

    institutions and other private institutions

    For the thirds parties

    For employees audit report helps them to ensure the continuity of the 
    company’s activities so as to ensure their job security and continuity of 
    employment
    • For the customers they are proud of their relationships with their 
    supplier (audited company) if good management and fair and true 
    image are revealed by the audit report
    • For suppliers, they ensure their market with the audited company if true 
    and fair view is revealed by the auditor’s report
    • For banks and financial institutions, they ensure refund of their loans 

    granted to the audited company

    14.1.3. The auditor’s report on financial statements

    The auditor is required to produce an audit report at the end of the audit which 
    sets out his/her opinion on the truth and fairness of the financial statements. The 
    report contains a number of consistent elements so that users know the audit 

    has been conducted according to recognized standards

    The audit report refers to financial statements and you need to know what these 

    are. They consist of the following:

    • The statement of financial position (or balance sheet).sss

    • The statement of profit or loss ( Income statement )

    • The statement of changes in equity.

    • The cash flow statement.

    • The notes to the account

    ISA 700 Forming an opinion and reporting on financial statements establishes 
    standards and provides guidance on the form and content of the auditor’s 
    report issued as a result of an audit performed by an independent auditor on the 
    financial statements of an entity. It states that the auditor shall form an opinion 
    on whether the financial statements are prepared, in all material respects, in 

    accordance with the applicable financial reporting framework.

    In order to form the opinion, the auditor needs to conclude as to whether 
    reasonable assurance has been obtained that the financial statements are free 
    from material misstatement. The auditor’s conclusion need to consider the 

    following.

    • Whether sufficient appropriate audit evidence has been obtained (ISA 
    330)
    • Whether uncorrected misstatements are material (ISA 450)
    • Whether the financial statements adequately disclose the significant 
    accounting policies selected and applied
    • Whether the accounting policies selected and applied are consistent 
    with the applicable financial reporting framework and are appropriate
    • Whether accounting estimates made by management are reasonable
    • Whether the information in the financial statements is relevant, reliable, 
    comparable and understandable
    • Whether the financial statements provide adequate disclosures to 
    allow users to understand the effect of material transactions and events 
    on the information presented in the financial statements
    • Whether the terminology used in the financial statements is appropriate
    • The overall presentation, structure and content of the financial 
    statements
    • Whether the financial statements represent the underlying transactions 
    and events so as to achieve fair presentation
    • Whether the financial statements adequately refer to or describe the 

    applicable financial reporting framework

    Application activity 14.1

    1. John is a member of ABX ltd Company. Help him to understand the 
    importance of audit report.

    2. What are the qualities of a good audit report?

    14.2. Unmodified auditor’s report and Modified opinions

    Learning activity 14.2


    Read the words on the picture above and give it opposite

    Now we are going to look at the types of audit report that exist. First and simplest 

    is the unmodified audit report. 

    14.2.1. Unmodified audit’s report

    Definition of unmodified audit report

    An unmodified audit report is an audit report containing an audit opinion not 
    modified in any way – either by changing the unmodified opinion or by adding 
    an extra paragraph such as an ‘emphasis of matter’ or ‘other matters’ paragraph 

    after the opinion paragraph.

    An unmodified opinion is the opinion expressed by the auditor when the auditor 
    concludes that the financial statements are prepared, in all material respects, in 

    accordance with the applicable financial reporting framework. 

    If the auditor concludes that the financial statements as a whole are not free from 
    material misstatement or cannot obtain sufficient appropriate audit evidence to 
    make this conclusion, the auditor must modify the opinion in accordance with 

    ISA 705 Modifications to the opinion in the independent auditor’s report.

    We discuss modifications to the opinion in the following sub heading.

    14.2.2. Modified opinions

    A modified opinion is required when:

    The auditor concludes that the financial statements as a whole are not free from 
    material misstatements or the auditor cannot obtain sufficient appropriate audit 
    evidence to conclude that the financial statements as a whole are free from 

    material misstatement.

    Types of modifications 

    There are three types of modified opinions: 
    a. A qualified opinion
    b. An adverse opinion

    c. A disclaimer of opinion

    Qualified opinion

    A qualified opinion must be expressed in the auditor’s report in the following 

    two situations:

    1. The auditor concludes that misstatements are material, but not pervasive to 

    the financial statements.

    Material misstatements could arise in respect of:
    • The appropriateness of selected accounting policies
    • The application of selected accounting policies
    • The appropriateness or adequacy of disclosures in the financial 

    statements

    2. The auditor cannot obtain sufficient appropriate audit evidence on which 
    to base the opinion but concludes that the possible effects of undetected 

    misstatements, if any, could be material but not pervasive.

    The auditor’s inability to obtain sufficient appropriate audit evidence is also 

    referred to as a limitation on the scope of the audit and could arise from: 

    • Circumstances beyond the entity’s control (e.g. accounting records 

    destroyed)

    • Circumstances relating to the nature or timing of the auditor’s work 
    (e.g. the timing of the auditor’s appointment prevents the observation 

    of the physical inventory count)

    Limitations imposed by management (e.g. management prevents 
    the auditor from requesting external confirmation of specific account 

    balances)

    Adverse opinion

    An adverse opinion is expressed when the auditor, having obtained sufficient 
    appropriate audit evidence, concludes that misstatements are both material and 

    pervasive to the financial statements.

    Disclaimers of opinion

    An opinion must be disclaimed when the auditor cannot obtain sufficient 
    appropriate audit evidence on which to base the opinion and concludes that 
    the possible effects on the financial statements of undetected misstatements, if 

    any, could be both material and pervasive.

    Summary of modifications and impact on the auditor’s report

    The following table summarizes the different types of modified opinions that can 

    arise:

    14.2.3. Emphasis of matter and other matter paragraphs in 

    the auditor’s report

    a) Emphasis of matter paragraphs 

    An emphasis of matter paragraph is a paragraph included in the auditor’s report 
    that refers to a matter appropriately presented or disclosed in the financial 
    statements that, in the auditor’s judgment, is of such importance that it is 

    fundamental to users’ understanding of the financial statements. 

    Emphasis of matter paragraphs are used to draw readers’ attention to a matter 
    already presented or disclosed in the financial statements that the auditor feels 
    is fundamental to their understanding, provided that the auditor has obtained 

    sufficient appropriate audit evidence that the matter is not materially misstated.

    b) Other matter paragraphs 

    Other matter paragraphs are used where the auditor considers it necessary to 
    draw readers’ attention to a matter that is relevant to their understanding of the 

    audit, the auditor’s responsibilities or the auditor’s report.

    The other matter paragraph must be included immediately after the opinion 
    paragraph and any emphasis of matter paragraph, or elsewhere in the auditor’s 

    report if the content of it is relevant to the other reporting responsibilities section. 

    The content of the other matter paragraph must reflect clearly that the other 
    matter is not required to be presented and disclosed in the financial statements, 
    and does not include information that the auditor is prohibited from providing 
    by law and regulations or other standards, or information that is required to be 

    provided by management.

    Application activity 14.2

    1. Explain unmodified auditor’s report.

    2. Identify three (3) types of modified auditor’s opinions.

    Skills lab activity 14

    In learning group, teacher presents to their students an unmodified audit 
    report in which some elements are missing, ask them to discuss about it. 
    Through discussions, the students must discover the missing elements 

    and rewrite the appropriate report. 

    End unit 14 assessment
    1. What is the importance of audit report to audited company?
    2. Explain two main types of audit report.
    3. Explain the basic elements of an audit report
    4. Define the term audit report
    5. Explain emphasis of matter paragraphs.
    6. Outline the qualities of a good audit report.
    7. What are the auditable finanancial statements

    References

    1. International, E. W. (2015). Audit and Assurance . Berkshire- United 

    Kingdom: Emile Woolf International.

    2. MANAS’SEH, P. N. (2000). PRINCIPLES OF AUDITING . NAIROBI: 

    McMore Accounting Books.

    3. MEDIA, B. L. (2009). AUDIT AND ASSURANCE (INTERNATIONAL).

    London: BPP Learning Media Ltd.

    4. MEDIA, B. L. (2019). Audit and Assurance . London: BPP Learning Media 

    Ltd .

    5. MEDIA, B. L. (2020). Audit and Assurance . London : BPP Learning Media.

    6. Sagwa, P. N. (2015). Auditing and Assurance . Nairobi-Kenya: Manifested 

    Publishers Ltd.

    7. SALEEMI, N. A. (1997). AUDITING SIMPLIFIED . NAIROBI, KENYA: Uni-Trade Printers Ltd