PROBLEM 1 Auditing assurance
(a). The nature of auditing and accounting has changed dramatically over recent years as a result of environmental changes. However, these disciplines are still defined by the
Auditing is the process of providing assurance about the reliability of the information contained in a financial statement prepared in accordance with generally accepted accounting principles or other rules. The financial statements are first and foremost the
responsibility of the management of the reporting entity. But the independent auditor plays a crucial role in financial reporting. Users of financial statements expect external auditors to bring to the reporting process technical competence, integrity, independence and objectivity The main objective of an audit of financial statement is to enable the auditor to express an opinion on whether the overall financial statements (the information being verified) are prepared, in all material respects, in accordance with an identified financial reporting framework The financial statements most often included are the statement of financial position, income statement and statement of cash flows, including accompanying footnotes. Assurance services will be an advantage to all business reporting. That includes all information flows to parties whose decisions affect an entity – including investors, creditors, management, employees, customers, and governmental bodies. Managers in charge of business decisions seek assurance services to help improve the reliability and relevance of the information used as the basis for their decisions. Assurance services are valued because the assurance provider is independent and perceived as being unbiased with respect to the information examined.
(b)Code of Ethics
The Code of Ethics states the principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing. It describes the minimum requirements for conduct, and behavioral expectations rather than specific activities A code of ethics is necessary and appropriate for the profession of auditing, founded as it is on the trust placed in its objective assurance about governance, risk management, and control.
Other fundamental principles applied by professional
accountants in public practice (auditors) are’;
- Professional Appointment
-Conflicts of Interest-An auditor should be alert to any circumstances that ---could pose a conflict of interest
-Fees and Other Types of Remuneration
-Independent in mind and independent in appearance
(a) During the planning stage, an auditor will gain an understanding of their client, their client’s internal controls, their client’s information technology (IT) environment, their client’s corporate governance environment, and their client’s closing procedures. An auditor will identify any related parties, factors that may affect their client’s going concern status, and significant accounts and classes of transactions that will require close audit attention to gauge the risk of material misstatement.
The audit process is generally a ten-step procedure as outlined below.
1. NotificationFirst, you will receive a letter to inform you of an upcoming audit. The auditor will send you a preliminary checklist. This is a list of documents (e.g. organization charts, financial statements) that will help the auditor learn about your unit before planning the audit.
2. PlanningAfter reviewing the information, the auditor will plan the review, conduct a risk workshop primarily to identify key risks and raise risk awareness, draft an audit plan, and schedule an opening meeting.
3.Opening MeetingThe opening meeting should include senior management and any administrative staff that may be involved in the audit. During this meeting, the scope of the audit will be discussed. You should feel free to ask the auditors to review areas that you are concerned about. The time frame of the audit will be determined, and you should discuss any potential timing issues (e.g. vacations, deadlines) that could impact the audit. It doesn't take as much of your time as you might expect!
4.CommunicationThroughout the process, the auditor will keep you informed, and you will have an opportunity to discuss issues noted and the possible solutions.
5.Report DraftingAfter the fieldwork is completed, the auditor will draft a report. The report consists of several sections and includes: the distribution list, the follow-up date, a general overview of your unit, the scope of the audit, any major audit concerns, the overall conclusion, and detailed commentary describing the findings and recommended solutions. You should read the draft report carefully to make sure there are no errors. If you find a mistake, inform the auditor right away so that it can be corrected before the final report is issued.
6.Management ResponseOnce the report is finalized, we will request your management responses. The response consists of 3 components: whether you agree or disagree with the problem, your action plan to correct the problem, and the expected completion date.
7.Closing MeetingA closing meeting will be held so that everyone can discuss the audit report and review your management responses. This is an opportunity to discuss how the audit went and any remaining issues.
8.Report DistributionThe report is then distributed to you, your manager(s), senior university administrators, internal audit, and the university's external auditors. We also distribute an audit survey to the audited unit to solicit feedback about the audit. Feedback is important to us, since it can help us improve the audit process.
9.Follow-UpFollow-up reviews are performed on an issue-by-issue basis and typically occur shortly after the expected completion date, so that agreed-upon corrective actions can be implemented. The purpose of the follow-up is to verify that you have implemented the agreed-upon corrective actions. The auditor will interview staff, perform tests, or review new procedures to perform the verification. You will then receive a letter from the auditor indicating whether you have satisfactorily corrected all problems or whether further actions are necessary. If further corrective action is required, you will need to write a management response. Otherwise, the issue will be reported as resolved.
(b) Materiality and Audit Risk
Materiality refers to quantative and qualitative omissions or misstatements that make it probable the judgment of a reasonable person would have been changed or influenced. The auditors' responsibility when conducting an audit is to provide reasonable assurance that the financial statements are fairly presented in all material respects. Financial statements are materially misstated when they contain misstatements whose effect, individually or in the aggregate, results in financial statements that are not fairly presented. The auditor's consideration of materiality is a matter of professional judgment and is influenced by the auditor's perception of the needs of users of financial statements.
Tolerable misstatement is the maximum error in a population (for example,
the class of transactions or account balance) that the auditor is willing
to accept. This term may be referred to as tolerable error in other standards.
Auditors may consider the following factors to allocate planning materiality:
- The cost of collecting evidence for a particular account,
- The competency of evidence available for a particular account,
- Expected misstatement,
- Size of account balances, and
- Relevance of the account balances to user decisions.
The auditor should determine a materiality level for the financial statements
taken as a whole when establishing the overall audit strategy for the
Audit risk is the risk that an auditor will fail to modify his or her opinion when the financial statements contain a material misstatement. For each line in the financial statements, auditors want audit risk to be low for each assertion. The auditor should assess the risk of material misstatement at the relevant assertion level as a basis for further audit procedures. Examples of audit risk include:
1. Detection risk is the risk that the auditor will not detect a misstatement
that exists in a relevant assertion that could be material, either individually or when aggregated with other misstatements.
2. Control risk is the risk that a misstatement that could occur in
a relevant assertion and that could be material, either individually or
when aggregated with other misstatements, will not be prevented or
detected on a timely basis by the entity's internal control
3. Inherent risk is the susceptibility of a relevant assertion to a misstatement
that could be material, either individually or when aggregated
with other misstatements, assuming that there are no related
Audit evidence is all the information used by the auditor in arriving at the conclusions on which the audit opinion is based and includes the information contained in the accounting records underlying the financial statements and other information. Auditors are not expected to examine all information that may exist. Audit evidence, which is cumulative in nature, includes audit evidence obtained from audit procedures performed during the course of the audit and may include audit evidence obtained from other sources, such as previous audits and a firm's quality control procedures for client acceptance and continuance. Management is responsible for the preparation of the financial statements based on the accounting records of the entity. The auditor should obtain audit evidence by testing the accounting records, for example, through analysis and review, re-performing procedures followed in the financial reporting process, and reconciling related types and applications of the same information.
Other information that the auditor may use as audit evidence includes
minutes of meetings; confirmations from third parties; industry analysts' reports;
comparable data about competitors (benchmarking); controls manuals;
information obtained by the auditor from such audit procedures as inquiry, observation,
and inspection; and other information developed by or available tothe auditor that permits the auditor to reach conclusions through valid reasoning. Methods of obtaining Audit Evidence
Audit evidence is one of the basic principles that govern an audit. There are various methods that can be adopted to obtain audit evidence. The most common ones include:
- Inspection This is the most efficient method of obtaining audit evidence. Inspection refers to checking all the documents, records, and physical assets. The reliability of these documents and records depends upon the nature and effectiveness of internal control.
- Observation Another important method of obtaining audit evidence is observation. This method involves the auditor to look at a process of procedure being executed by others. This method can be exemplified by the auditors’ presence at the clients’ physical stock count.
- Inquiry and confirmation The two aspects of this method include searching about the info from a knowledgeable person inside or outside the company, and responding to any inquiry to substantiate information in the accounting records. These responses might provide the auditor with info which is not previously possessed by him or even with corroborative evidence.
- Computation This method of obtaining evidence involves the examination of arithmetical accuracy of source documents and accounting records. The method might also involve performing individual calculations.
- Analytical review This method involves conducting a study of important ratios and trends and examining unusual fluctuations and items.
Sufficiency is the measure of the quantity of audit evidence. Appropriateness is the measure of the quality of audit evidence, that is, its relevance and its reliability in providing support for, or detecting misstatements in, the classes of transactions, account balances, and disclosures and related assertions. The auditor should consider the sufficiency and appropriateness of audit evidence to be obtained when assessing risks and designing further audit procedures.
The quantity of audit evidence needed is affected by the risk of misstatement
(the greater the risk, the more audit evidence is likely to be required) and also by the quality of such audit evidence (the higher the quality, the less the audit evidence that may be required). Accordingly, the sufficiency and appropriateness of audit evidence are interrelated.
The reliability of audit evidence is influenced by its source and by its nature and is dependent on the individual circumstances under which it is obtained. Generalizations about the reliability of various kinds of audit evidence can be made; however, such generalizations are subject to important exceptions
Opinion is said to be unqualified when the Auditor concludes that the Financial Statements give a true and fair view in accordance with the financial reporting framework used for the preparation and presentation of the Financial Statements. An Auditor gives a Clean opinion or Unqualified Opinion when he or she does not have any significant reservation in respect of matters contained in the Financial Statements. The most frequent type of report is referred to as the "Unqualified Opinion", and is regarded by many as the equivalent of a "clean bill of health" to a patient, which has led many to call it the "Clean Opinion", but in reality it is not a clean bill of health, because the Auditor can only provide reasonable assurance that there are no material misstatements within the Financial Statements. This type of report is issued by an auditor when the financial statements presented are free of material misstatements and are represented fairly in accordance with the Generally Accepted Accounting Principles (GAAP), which in other words means that the company's financial condition, position, and operations are fairly presented in the financial statements. It is the best type of report an auditee may receive from an external auditor.Mr. J.J westwards should not worry because:
An Unqualified Opinion indicates the following –
(1) The Financial Statements have been prepared using the Generally Accepted Accounting Principles which have been consistently applied;
(2) The Financial Statements comply with relevant statutory requirements and regulations;
(3) There is adequate disclosure of all material matters relevant to the proper presentation of the financial information subject to statutory requirements, where applicable;
(4) Any changes in the accounting principles or in the method of their application and the effects thereof have been properly determined and disclosed in the Financial Statements.
(B) Qualified audit opinionA qualified audit opinion is given in an audit if the auditor disagrees with the treatment or disclosure of information in the financial statements, or if the auditor does not feel that the audit has been too limited in its scope.The implication an auditor to issue this opinion
(i) Single deviation from GAAP – this type of qualification occurs when one or more areas of the financial statements do not conform with GAAP but do not affect the rest of the financial statements from being fairly presented when taken as a whole. Examples of this include a company dedicated to a retail business that did not correctly calculate the depreciation expense of its building. Even if this expense is considered material, since the rest of the financial statements do conform with GAAP, then the auditor qualifies the opinion by describing the depreciation misstatement in the report and continues to issue a clean opinion on the rest of the financial statements.
(ii) Limitation of scope – this type of qualification occurs when the auditor could not audit one or more areas of the financial statements, and although they could not be verified, the rest of the financial statements were audited and they conform GAAP. Examples of this include an auditor not being able to observe and test a company's inventory of goods. If the auditor audited the rest of the financial statements and is reasonably sure that they conform with GAAP, then the auditor simply states that the financial statements are fairly presented, with the exception of the inventory which could not be audited .
(iii) The company misstated or misclassified an accounting entry (e.g., an expense item that should have appeared above the Income Statement gross profit line is inappropriately listed below gross profit, resulting in misleading gross profit and gross margin figures)
Post audit activities -This section outlines the activities undertaken by the auditors after the investigative phase, starting with preparation of the audit report through to assisting management with corrective action and eventual close-out of the audit.
Post audit activities include:
- Report writing
- Submitting the report and requesting a response
- Evaluating the response
- Assisting with the action plan
- Verifying corrective action has been taken and is effective
- Close out.
The audit report is normally available within two weeks of the closing meeting. Although organizations differ in what they want to see within the report, it should always include the findings as they were presented at the closing meeting and should be signed by the lead auditor. It should be a true record of the audit. The audit report may become a public document
Requesting a Response
The report is submitted to the auditee management via the 'client', i.e. the function or department that commissioned the audit. In most cases, the client requests a response from the auditee. The response might consist of a simple commitment to rectify problems identified by a certain date or might take the form of a fully developed action plan.
Evaluating the Response
It is recommend that the auditor is involved in evaluating the auditee's response to the report. Their role is to ensure that the auditee has correctly interpreted the findings and to make a judgement as to whether or not the proposed corrective action is an appropriate response to the deficiences observed.
Assisting with the Action Plan
Any further involvement of the auditors will depend on the nature of the corrective action proposed and the auditors' related technical expertise.It is possible that the auditors' findings result in the process owner initiating a process improvement project, involving a more indepth analysis of the process characteristics. In this case, the auditors' first hand knowledge of the deficiencies may be of value to the project
Verifying Effectiveness of the Corrective Action
Verifying the effectiveness of the corrective action may involve observing or sampling a part of the process to see that problems identified during the audit have been rectified, or it may involve a re-audit of the process.
Close Out-Close out is achieved once all parties are satisfied that no further corrective action in relation to the audit observations needs to be.
1. To ensure that the audit results are clearly communicated to the appropriate levels of management.
2. To ensure that all audit findings are addressed by management through the implementation of a formal corrective action process
3. To evaluate the effectiveness of the audit and provide suggestions for improving future efforts.
4. To share lessons learned during the audit, especially to similar facilities.
(A) internal control
It is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical and intangible
(b)limitations of internal controls
internal controls are measures taken by an organization for various purposes, such as protecting its resources against waste, fraud, and inefficiency; ensuring accuracy and reliability in accounting and operating data; securing compliance with the organization's policies; and evaluating the level of performance in its organizational units. Internal controls also help ensure the organization complies with laws and regulations, avoiding damage to its reputation and other consequences.
Limitations of Internal Controls:
No matter how well internal controls are designed, they can only provide reasonable assurance that objectives have been achieved. Some limitations are inherent in all internal control systems. These include:
The effectiveness of controls will be limited by decisions made with human judgment under pressures to conduct business based on the information at hand.
Even well designed internal controls can break down. Employees sometimes misunderstand instructions or simply make mistakes. Errors may also result from new technology and the complexity of computerized information systems.
3. Management Override:
High level personnel may be able to override prescribed policies and procedures for personal gain or advantage. This should not be confused with management intervention, which represents management actions to depart from prescribed policies and procedures for legitimate purposes.
Control systems can be circumvented by employee collusion. Individuals acting collectively can alter financial data or other management information in a manner that cannot be identified by control systems.
professionals who are broadly evaluating their career options will exercise an
appropriate level of skepticism while performing audits prior to their departure from the
firm.A former firm professional now employed by the client cannot circumvent the audit
because of familiarity with its design, approach, or testing strategy; and the remaining members of the audit team maintain objectivity when evaluating the work and representations of a former firm professional now employed by the audit client.
The procedures should be adapted depending on several factors, including whether the
professional served as a member of the audit team, the positions he or she held at the firm and
has accepted at the client, the length of time that has elapsed since the professional left the
firm, and the circumstances of his or her departure.
The standard also specifies the circumstances under which capital and retirement balances
owed to the departing professional should be liquidated or settled to preserve the firm’s
independence. If a professional accepts employment with the audit client, the on-going engagement team gives active consideration to the appropriateness or necessity of modifying the audit plan to adjust for risk of circumvention
The following are circumstances where professional accountants are or
may be required to disclose confidential information or when such
disclosure may be appropriate:
(a)Disclosure is permitted by law and is authorized by the client or the employer
(b)Disclosure is required by law, for example:
-Production of documents or other provision of evidence in the course of legal proceedings; or
(C)Disclosure to the appropriate public authorities of infringements of the law that come to light; and
(d)There is a professional duty or right to disclose, when not prohibited by law:
-To comply with the quality review of a member body or professional body;
-To respond to an inquiry or investigation by a member body
or regulatory body;
-To protect the professional interests of a professional
accountant in legal proceedings; or
(e)To comply with technical standards and ethics requirements if any.
Professional ethicsProfessional people and those working in acknowledged professions exercise specialist knowledge and skill. How the use of this knowledge should be governed when providing a service to the public can be considered a moral issue and is termed professional ethics e.g accountants. Professionals are capable of making judgments, applying their skills and reaching informed decisions in situations that the general public cannot, because they have not received the relevant training
Auditors are expected to apply and uphold the following principles .Some of the professional ethics guiding the conduct of accountants by (ACCA) are:
A professional accountant should be straightforward and honest in all professional and
A professional accountant should not allow bias, conflict of interest or undue influence of
others to override professional or business judgments.
(c) Professional Competence and Due Care
A professional accountant has a continuing duty to maintain professional knowledge and
skill at the level required to ensure that a client or employer receives competent
professional service based on current developments in practice, legislation and
A professional accountant should respect the confidentiality of information acquired as a
result of professional and business relationships and should not disclose any such
information to third parties without proper and specific authority unless there is a legal or
professional right or duty to disclose.
(e) Professional Behavior
A professional accountant should comply with relevant laws and regulations and should
avoid any action that discredits the profession.
(a)At times, upon completion of a financial audit, the auditor may have a need to express written concerns to the Directors (outside of the audit itself) outlining deficiencies/issues pertaining to the financial management of the association Management letters serve to identify the area and to propose improvements to resolve problems and strengthen operations. These concerns, with noted recommendations, would come in the form of a management letter. management letter is an analysis of findings prepared by a certified public accountant as part of an auditor’s report to a company’s board of directors. An auditor’s report is a though, third party review of a company’s bookkeeping practices and financial position along with the preparation of financial statements, including a balance sheet, income statement, and statement of cash flows. Other sorts of reports in different contexts can include a summary address to readers called a management letter, but the most common use is as part of a formal audit report.
(B)sample of management letter
MM Motor limited
Certified public accountants
management letter for the year ended 30th June 2012
25 June 2012,
The executive Board,
p.o.box 235-00100 Nairobi
Observations and Recommendations
We have recently completed our independent examination of books of accounts that were prepared by the management. we wish to let the users of the financial documents that we audit that our responsibity was to examine and form an opinion concerning such, we planned and did our examinations of financial without infringement of our independence
The financial statements we audited were actually prepared as per GAAP and that there were no reservations not believe on them as true and fair.
Under generally accepted auditing standards, we are encouraged to report on significant deficiencies in the design or the operation of the internal control structure that of our client, the auditor's judgment, could adversely affect the organization's ability to record, process, summarize, and report financial data consistent with the assertions of management in the financial statements. In addition, auditors are encouraged to report, in a separate management letter, less material
Property and Equipment
Although it taken some steps to improve internal controls related to property and equipment, we continued to find issues. For instance, accountability for property located at field offices has been a long-standing issue. In prior years, management did not perform physical inventories of capitalized property at all of its field offices, which was corrected in 2010. However, the inventory identified had numerous pieces of equipment either lacked or had incorrect fixed asset identification numbers. These issues were not addressed in a timely manner.
In case of any inquiries, please conduct us via firstname.lastname@example.org or our postal address