ACCA noter answer paper f8 acca f8 int aa final assessment answers june09

• In practice, the work of internal audit often focuses on the adequacy and effectiveness of internal control procedures for the prevention, detection and reporting of fraud and error..

ACCA Paper F8 (INT)

Audit and Assurance

June 2009

Final Assessment – Answers

To gain maximum benefit, do not refer to these answers until you have completed the final assessment questions and submitted them for marking

© Kaplan Financial Limited, 2008

All rights reserved No part of this examination may be reproduced or transmitted in any form

or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without prior permission from Kaplan Publishing

ANSWER 1 Marks

(a) Weakness

• Management override

• Lack of proper consultation or appraisal in respect of acquisition of

non-current assets

Consequences

• Weak control environment may encourage breaches of the control system

• Assets surplus to requirements/inappropriate assets acquired/assets for

personal use

• Adverse impact on cash flow

• Over-gearing

Weakness

• No formal policy in respect of obtaining quotes for major items of expenditure

Consequences

• Assets may not be acquired on the most favourable terms

Weakness

• No physical checks between assets and register

Consequences

• Assets may not exist/disposals not recorded

• Assets may not be recorded

• Assets which need to be written down may not be identified

14

(b) (i) Consequences

• Unauthorised/incorrect changes may be made, resulting in late

payment and loss of supplier goodwill and/or non-existent suppliers

• No evidence of changes which should have been made

Recommendations

• All amendments should be recorded on standard forms which should

be authorised by the financial controller and evidenced by signature

The suppliers' details should have high level password protection, and the amendments should not be undertaken by the purchase ledger clerk

• Printouts of amendments should be obtained and checked by the

financial controller, and evidenced by signature

Marks

• Supplier details should be checked, periodically, on a one-for-one

basis independently of the ledger clerk

(ii) Consequences

• The reconciliation may not be undertaken

• Unauthorised payments may not be prevented or detected

• Unrecorded liabilities may not be identified on a timely

basis/purchases and payments may not be recorded in the correct period

Recommendations

• The reconciliation should be performed independently of the

purchase ledger clerk

• It should be reviewed by a responsible official, and signed as

evidence of review

• All suppliers' statements should be retained until the completion of

the audit

(iii) Consequences

• Claims may be made for excessive amounts or expenses which have

not been incurred

• Recovery of input VAT could be jeopardised, and excessive

disallowance of such expenditure for Corporation Tax purposes

Recommendations

• All expense claims should be on standard claim forms, and

supported by receipts which should be countersigned and cancelled

to prevent resubmission

• All employees should be informed, in writing, of the breach in

company procedure

16

30

Marking guide – 1 mark per point (1/2 mark if not well explained)

ANSWER 2 Marks

(a) Internal audit function

• The internal audit function in any entity is part of the overall corporate

governance function of an entity Corporate governance objectives include the management of the risks to which the entity is subject that would prevent

it achieving its overall objectives such as profitability Corporate governance objectives also include the overarching need for the management of an entity

to exercise a stewardship function over the entity’s assets

• A large part of the management of risks, and the proper exercise of

stewardship, involves the maintenance of proper controls over the business

Controls over the business as a whole, and in relation to specific areas, include the effective operation of an internal audit function

• Internal audit can help management manage risks in relation to fraud and

error, and exercise proper stewardship by:

− commenting on the process used by management to identify and

classify the specific fraud and error risks to which the entity is subject (and in some cases helping management develop and implement that process)

− commenting on the appropriateness and effectiveness of actions

taken by management to manage the risks identified (and in some cases helping management develop appropriate actions by making recommendations)

− periodically auditing or reviewing systems or operations to determine

whether the risks of fraud and error are being effectively managed

− monitoring the incidence of fraud and error, investigating serious

cases and making recommendations for appropriate management responses

• In practice, the work of internal audit often focuses on the adequacy and

effectiveness of internal control procedures for the prevention, detection and reporting of fraud and error Routine internal controls (such as the controls over computer systems and the production of routine financial information) and non-routine controls (such as controls over year-end adjustments to the financial statements) are relevant

• It should be recognised, however, that many significant frauds bypass normal

internal control systems and that, in the case of management fraud in particular, much higher level controls (those relating to the high level governance of the entity) need to be reviewed by internal audit in order to establish the nature of the risks and to manage them effectively

5

(b) External auditors: fraud and error in an audit of financial statements

• External auditors are required by ISA 240 The Auditor’s Responsibility to

material misstatements in the financial statements due to fraud Their audit procedures will then be based on a risk assessment Regardless of the risk assessment, auditors are required to be alert to the possibility of fraud throughout the audit and to maintain an attitude of professional scepticism, notwithstanding the auditors’ past experience of the honesty and integrity of management and those charged with governance Members of the engagement team should discuss the susceptibility of the entity’s financial statements to material misstatements due to fraud

Marks

• Auditors should make enquiries of management regarding management’s

assessment of fraud risk, its process for dealing with risk, and its communications with those charged with governance and employees They should enquire of those charged with governance about the oversight process

• Auditors should also enquire of management and those charged with

governance about any suspected or actual instance of fraud

• Auditors should consider fraud risk factors, unusual or unexpected

relationships, and assess the risk of misstatements due to fraud, identifying any significant risks Auditors should evaluate the design of relevant internal controls and determine whether they have been implemented

• Auditors should determine an overall response to the assessed risk of

material misstatements due to fraud and develop appropriate audit procedures, including testing certain journal entries, reviewing estimates for bias, and obtaining an understanding of the business rationale of significant transactions outside the normal course of business Appropriate management representations should be obtained

• External auditors are only concerned with risks that might cause material

error in the financial statements External auditors might therefore pay less attention than internal auditors to small frauds (and errors), although they must always consider whether evidence of single instances of fraud (or error) are indicative of more systematic problems

• It is accepted that, because of the hidden nature of fraud, an audit properly

conducted in accordance with ISAs might not detect a material misstatement

in the financial statements arising from fraud In practice, routine errors are much easier to detect than frauds

• Where auditors encounter suspicions or actual instances of fraud (or error),

they must consider the effect on the financial statements, which will usually involve further investigations They should also consider the need to report to management and those charged with governance

• Where serious frauds (or errors) are encountered, auditors need also to

consider the effect on the going concern status of the entity, and the possible need to report externally to third parties, either in the public interest, for national security reasons, or for regulatory reasons Many entities in the financial services sector are subject to this type of regulatory reporting and many countries have legislation relating to the reporting of money laundering activities, for example

5

10

Marking guide – 1 mark per point (½ mark if not well explained)

ANSWER 3

(a) Audit risk

Meaning

‘Audit risk’ is the risk that an auditor forms an inappropriate audit opinion on the

financial statements It has three components: inherent risk, control risk and detection

risk The following equation represents the relationship:

Audit risk = Inherent risk × Control risk × Detection risk

Why is it important?

If inherent risk is high, there is greater potential for material misstatement in the

financial statements This risk of misstatement is reduced if control risk is low, i.e the

accounting and internal control systems of the enterprise are effective in detecting

and correcting errors arising

Detection risk is under the control of the auditor and dependent on the assessment of

inherent and control risk In the audit risk model, detection risk is the balancing figure

to satisfy the ultimate risk accepted

As the auditor is at risk from non-detection of material misstatements, testing should

be concentrated on the material/high risk items This results in more efficient use of

resources

Risk is a principal determinant of the audit approach and materiality For example:

• if detection risk is to be rendered low (e.g because inherent and control risk

are high), this could mean more substantive procedures (e.g larger samples)

to ensure that the financial statements are not materially misstated

• if control risk is evaluated as being low (through tests of controls) then, as

expected, the level of substantive procedures will be reduced

The level of risk affects the nature and timing of audit work as well as its extent For

example, when risk is increased more reliable evidence should be sought, e.g more

independent/third party evidence

(b) Potential risk Why a risk

• Richard Pine, the

new audit manager, is from the property and service client base

• Errors in the financial statements may be

missed due to Richard’s non-familiarity with the Carnes’s business

• The Carnes are

expecting ‘another quick audit’

• Richard is likely to need to carry out more

work than usual to become familiar with the client This may be interpreted by the Carnes as mistrust, with the consequence that they are reluctant to volunteer

assistance

• The business is

run and managed

by a husband and wife team

• There is a limited scope for supervisory or

authorisation controls

• Those controls in place are likely to be

unreliable due to the risk of management override

• There has been a

loss of revenue from the original farming operations, which the Carnes are addressing by diversification

• The loss of revenue from the original

business may threaten the viability of the farm as a going concern

• Although the Carnes are addressing this by

diversification, the process of change also carries a risk as it involves adapting to new markets and learning new skills

• The Carnes are

raising organically fed geese as an alternative to turkey

• This source of revenue assumes that

customers of the meat distributors used can

be persuaded to change from the traditional turkey There is a significant possibility that this market will not materialise

• Organic food supplies for the geese will

carry a higher price tag There is no evidence to suggest that John Carnes has evaluated if this cost can be recouped It is possible that, in spite of generating

revenue, the sale of geese may realise no overall profit

• This is a markedly seasonal business

Income will have ceased before the first holidaymakers arrive in May, thereby putting a strain on the servicing of debt

• Pastures are being

let for sheep grazing

• If John Carnes has entered into contracts

for the supply of grazing, this could prohibit future expansion of holiday/fishing facilities

by restricting the availability of land

• As these are the most successful elements

of Golden Pond Fisheries, their curtailment could threaten the going concern status of the company

• If no such contracts exist, then grazing

revenues could cease at any time – there is

no evidence that such a prospect has been considered

Potential risk Why a risk

appears to imply that blue carp are

to be imported illegally

• Any such breach of import regulations –

when discovered – will result in severe penalties, extending to fines, quarantine of stocks, etc

• The consequence would be a loss of

revenue and reputation in the core business

• The importing of alien species will threaten

existing stocks with diseases and parasites

to which they are not resistant

cottages are a seasonal business

• Cash flow will fluctuate widely over a

12-month period This places strain on debt repayment terms

of the holiday cottages was financed by borrowing

• Financing a business by way of borrowing

always carries the risk that repayment of capital and interest could cease in less successful periods

• The provider of finance will want a review of

the financial statements, increasing the risk

of management bias in preparing the financial statements to show a favourable position

• Accounting records

are maintained on

a PC

• The use of a PC, with its associated risks of

data corruption and lack of sufficient controls, increases the risks regarding the completeness and accuracy of accounting records

• The amount of

paperwork has decreased

• Audit trail may be lost without hard copies,

increasing the risk that insufficient evidence will be available

• Data has recently

been transferred to the computer system

• Increased risk of errors due to inaccurate

transfer of data onto the PC

• Claire trained as a

bookkeeper 30 years ago

• Claire’s bookkeeping training may prove to

be of limited advantage as there has been

a significant amount of change over recent years Again, this reduces confidence in the accuracy of the financial statements

• Part-time staff are

employed for six months of the year and are paid in cash

• It is important to ensure that these

individuals appear on the payroll, and that tax and insurance regulations have been complied with

• Insufficient records may be available due to

the cash nature of transactions

Potential risk Why a risk

• The current audit

firm has resulted from a merger of two firms with very different client bases from different parts of the country

• It will take time to create and adopt a truly

uniform audit approach, and this will increase the detection risk associated with all work undertaken

• This arises from non-familiarity, and

increases the risk of procedures being omitted or conducted inefficiently

• Mergers of any type always increase the

risk of ‘culture clashes’, and this can reduce the efficiency of audit work undertaken

MARKING GUIDE

(b) Potential audit risks (1/2 mark for risk, ½ mark for

ANSWER 4

(a) It is the directors’ responsibility to assess the company’s ability to continue as a going

concern when they are preparing the financial statements If they are aware of any material uncertainties that may affect this assessment, then they are required to disclose such uncertainties in the financial statements

The auditor, when performing the going concern review, should determine how well the directors have performed this assessment and whether they have taken all relevant factors into consideration

Auditors should generally look ahead at least one year from the date of the directors’ approval of the accounts, in assessing the validity of the going concern basis

• The auditors will need to satisfy themselves that the going concern

assumption is reasonable

• Auditors should not assume that the going concern concept will continue to

apply, but need to regularly conduct a specific examination of the relevant factors to reach a decision

• This will involve an overall review of financial factors, preferably before the

client’s year end, in order to establish whether there are factors which cast doubt on the going concern basis

• If there are, further investigation is required

(b) (i) Issues to consider (only ten were required)

Issues that the audit manager should have considered when assessing whether or not Caffyn is a going concern are as follows:

• Has the company been relying heavily on short-term finance?

• Does the company’s market share seem to be declining?