Summary AUE3701 notes latest exam prep.

Objective of an audit  To obtain reasonable assurance about whether financial statements are free from material misstatement due to fraud or error, enabling the auditor to express an opinion on whether financial statements are prepared in accordance with applicable financial reporting framework.  To report on the financial statements and communicate in accordance with the auditor’s findings. NOTES TO DEFINITION: To give assurance is to give someone confidence Reasonable assurance = an appropriate level of confidence Misstatement = information is not accurate or is omitted Material = something is material if it’s going to affect a user’s judgement Error = mistake, unintentional misstatement Fraud = intentional misstatement Business risk = company has 3 options to deal with business risk  Accept risk and do nothing  Transfer risk e.g. insurance  Mitigate risk e.g. put controls in place The auditor is only concerned with what can go wrong on in financial statements Benefits of being audited - Third parties can rely on the financial statements, they are more likely to “trust” audited financial statements - SARS accepts audited financial statements for tax calculation - Auditor can give valuable business/tax advice - Employees and/or management will be afraid to commit fraud Audit process 1. Pre-engagement  Auditor decides whether or not to take on client: do you want to? And are you able to? Engagement letter? 2. Planning  Identify and assess the risk of material misstatement, e.g. what can go wrong in the financial statements  Plan how to respond to this risk 3. Risk response  Gather audit evidence  Do test of controls and substantive procedures or only substantive procedures  Do further audit procedures 4. Evaluating and concluding  Auditor express opinion on the presentation of the financial statements PRE-ENGAGEMENT IS: 1. Investigate the client 2. Determine the skills, competence and resources of audit firm 3. Establish the terms of engagement(new clients) Stage 1 Pre-engagement activities  Each year you decide whether or not to do the audit even if you audited the client before  Do you want to perform audit?  Are you able to perform audit?  These activities happen before the actual audit  If you decide to accept a new client you define the terms of engagement (in a contract called an ‘engagement letter’)  Information obtained in the pre-engagement stage can be used in planning stage(risk assessment)  Considerations  Evaluate management and director competence/integrity  Compliance with laws  Did the company have fraud cases, scandals  Does the company follow good corporate governance, king IV  Adherence to IFRS  Assess auditor independence and objectivity (CPC)  Assess whether the auditor has enough time, resources and competence to complete the audit  Does the auditor want to be associated with the client, e.g. big 4 does not want to audit ‘adult world’  Communicate with previous auditor (new client), competence/integrity of previous auditor  Client’s ability to pay for audit fee  Likelihood of retaining client more than 1 year  Assess if there is any conflict of interest with existing client , e.g. auditor cannot take on Shoprite and pick’n pay because they are competitors and they do not want their trade secrets to be leaked  Discuss terms of engagement with management and prepare ‘engagement letter’  Everything is documented including criteria used to accept client  Actions and considerations:  Actions = ‘assess’ , ‘document’, ‘discuss’ Engagement letter must be signed by company (director, CFO) and the audit firm (partner) Computerised environment  IT general controls  Application controls  Automated controls, manual dependent controls, manual independent controls Internal control = process design, implemented and maintained by those charged with governance to provide reasonable assurance about the achievement of entity’s objectives General controls = controls that relate to the overall information processing environment IT general controls = controls for overall computer environment Application controls = specific controls within a cycle, e.g. payroll cycle Manual = done by human not computer Manual independent controls = done by human, without help of computer Manual dependent controls = done by human, with the help of a computer Automated controls = done by computer by itself, no human help Components of IT general controls 1. Control environment 2. Systems development and implementation 3. Access controls 4. Continuity of operations 5. System software and operations 6. Documentation 2). Systems development and implementation controls  Software and information systems are always changing  What can go wrong if you are changing your accounting software system:  Expense = it can be very costly to implement a new IT system  Suitability = make sure to get the correct system suited for your organisation  Errors = if system is not set up correctly, may give errors  Understanding = employees don’t understand the new system  Integrity of data transferred = make sure data from previous system does not get lost, or damage  Program change controls – making changes to existing system or application