Session2 solutions

Self study questions

3.11 Explain the relationship between the risk assessment, risk response and reporting
phases of an audit.
Planning is an ongoing process during the audit because the plan is modified if necessary
based on the results of the audit procedures. Planning an audit usually precedes the risk
response phase, and the reporting phase is last stage of the audit.
The risk assessment phase includes gaining an understanding of the client, identifying
significant accounts and transactions, setting planning materiality, identifying the factors that
can go wrong in the audit, gaining an understanding of key internal controls and developing
an audit strategy. Risk assessment is in the first phase of audit
Planning an Audit of a Financial Report requires an auditor to plan their audit to reduce audit
risk to an acceptably low level. Therefore, the auditor must identify the risks to the audit so
that the auditor can plan to gather the evidence required to reduce those risks.
Effective and efficient planning ensures that sufficient appropriate evidence is gathered for
those accounts at most risk of material misstatement.
3.13 List and briefly explain the key factors that the auditor would consider during
preliminary risk assessment.
The auditor would consider the following factors during preliminary risk assessment:
1. Understand the client consider issues at the entity, industry, and economy level. What
does the client do? How does the client function? What is its ownership structure and sources
of finance? Who are its customers and suppliers? Does it import or export? How does the
client adapt to changes in technology? Is it liable for warranties? What are its operations?
Who are its employees? What industry does it operate in? What are the industrys issues
competition, government support, demand and supply constraints? How does the economys
health affect the client?
2. Identify related parties (ASA 550) who are the related parties, including parent
companies, subsidiaries, joint ventures and associates?
3. Fraud risk factors indicating high risk of fraud, identify incentives, pressures, and
opportunities for fraud, management attitudes (ASA 240)
4. Going concern risk risk and mitigating factors, is it appropriate to assume that the client
will remain as a going concern?
5. Corporate governance board structure, listing status, audit committee is governance
likely to be effective?

6. Understand internal controls what are the control risks, how will auditor gain an
understanding of the system?
7. Understand IT environment risks to processes, security, changes, and controls
8. Significant accounts identify so that enough time spent on testing these accounts
9. Significant classes of transactions - identify so that enough time spent on testing these
transactions
10. Closing procedures types of procedures, monitoring, pressure on results
Set planning materiality For all questions, define what will be considered to be a material
misstatement or risk
3.14 When gaining an understanding of a client an auditor will be interested in an
entitys relationships with both its suppliers and customers. What aspects of these
relationships will the auditor be interested in and how would they affect the
assessment of audit risk?
Customers:
Auditors are interested in the relationship between the audit client and its customers because
this could affect the reliability of cashflow due to problems with collectability of debts from
customers.
If the relationship is poor, customers could withhold payment, hence, increases the
settlement period for the accounts receivable (debtor). If the customers are not satisfied with
the goods or services provided due to poor quality the audit client could be liable for warranty
claims, therefore the auditor should check the reasonableness of provision for warranty
claims (liability).
Auditors are also interested in risks associated with the clients reliance on a few major
customers because non-payment or leaving of major customers can have significant effect on
cashflow in the short term. However, in the long term, can be a going concern issues for the
audit client
Suppliers:
Poor relations between the audit client and its suppliers could be indicators of cash flow
problems for the client. The supplier could be supplying faulty goods, leading to issues with
customers and problems with warranty claims.
Poor relationship between the audit client and its suppliers could potentially affect the
business operation of audit client and therefore affect the production and sales of the audit
client.
For audit client who entered into a contract with their suppliers could be locked into
unfavourable arrangement over a period of time affecting its ability to survive as a going
concern. If the client is not paying its suppliers on a timely basis, it might lose access to that
supplier, affecting its ability to continue to trade.

In both cases, the auditor would be interested in whether the other parties are located overseas
because of the additional risks associated with international transactions and foreign
exchange (which could apply to domestic trading partners as well).
3.15 In the context of fraud, explain the differences between (1) incentives and
pressures, (2) opportunity and (3) attitudes and rationalisation. Why is it important
for an auditor to consider client systems relevant to all three concepts?
Incentives and pressures are the motivating factors for the clients personnel to commit fraud.
For example, a regional manager could be under pressure to achieve a sales target to keep
their job or to receive a bonus. This motivates the manager to consider fraud possibilities.
The manager would be able to commit a fraud only if there is an opportunity to do so. An
example of an opportunity would be an unlocked storeroom (for asset misappropriation) or
loose controls over cut-off (to push a sale from one period to the next to create fraudulent
financial reporting). If the manager did not have the incentive or pressure to commit the
fraud, the opportunity would not lead to a fraud.
Attitudes and rationalisation refer to the ethical beliefs of the manager and the more senior
management of the client. If there is an attitude at the top that achieving sales targets is more
important than following policies and procedures, then the manager could use this attitude to
justify misstating sales for the period. Rationalisation refers to the view about the fraud, for
example They push me very hard and I work a lot of weekends, I am entitled to this bonus.
An auditor must consider client systems relevant to all three because they would be more
likely to detect fraud by doing so. Perpetrators of fraud are likely to take great care to conceal
the fraud, and considering only one set of indicators increases the risk that the auditor will not
detect a material misstatement resulting from fraud.

3.16 What does it mean when we say that a business is a going concern or,
alternatively, has going concern issues? Why must an auditor specifically consider
evidence about the going concern assessment for each client?
ASA 570.2 states that under the going concern assumption, an entity is viewed as continuing
in business for the foreseeable future. It also notes that a general purpose financial report is
prepared on the going concern basis, unless management intends to liquidate the entity or to
cease operations, or has no realistic alternative but to do so. When the going concern
assumption is appropriate, assets and liabilities are recorded on the basis that the entity will
be able to realise its assets and discharge its liabilities in the normal course of business.
Therefore, if the going concern basis is not appropriate, the management should prepare a
special purpose report which reflects that state. Going concern issues mean that there is
doubt about the going concern assumptions applicability to the clients financial report, and
if these doubts are serious enough, the entity should prepare a special purpose report.
The auditor must consider evidence about the appropriateness of the going concern
assumption for the client in order to express the appropriate audit opinion. If there is not
sufficient evidence to support the assumption, the auditor cannot issue an unqualified opinion
on general purpose reports. If the going concern uncertainty is appropriately disclosed in the
financial report by management and those charged with governance, the auditor can issue an
unqualified audit opinion with an emphasis of matter paragraph. However, if adequate
disclosure is not made in the financial report, the auditor shall express a qualified or adverse
opinion.
3.17 What are mitigating factors in the context of the going concern assessment? Give
some examples of mitigating factors for a loss-making client.
Mitigating factors are factors that reduce the risk that the going concern assumption may be
in doubt. For example, if the client has lost a key customer, this could raise doubt about its
ability to continue as a going concern. However, this doubt would be mitigated by ongoing
negotiations with a potential new customer.
If the client is making a loss, doubt about its ability to continue in business could exist. This
doubt could be mitigated by:
- plans to introduce new profitable products

management planning to merge with another company

plans and progress towards expansion into another market

financial support from a parent (or any other factor indicating that the losses can be
borne for some time without defaulting on debts etc.)

restructuring, retrenchment, downsizing plans (to cut costs)

3.20 Why does an auditor need to understand a clients IT system? Explain how IT
affects the financial report.
IT is part of a companys accounting processes, from transaction initiation to the financial
reports. ASA 315.18 requires the auditor to gain an understanding of clients IT systems and
its associated risks .Paragraphs ASA315 A62 &63 (Application and other explanatory
material) explain how IT benefits an entitys internal controls but also poses specific risks to
that internal control. For example, IT allows an entity to consistently perform complex
calculations in processing large volumes of transactions or data. However, if that processing
is inaccurate, reliance on those systems would be inappropriate because of the risk of material
misstatement in the entitys financial report. The auditor needs to understand where the risk
of inaccurate processing lies within the IT system and whether the client has other controls
(e.g. manual controls or other automated controls) over processing systems which would
provide greater assurance that the reported figures are accurate.
3.21 Give an example of a client closing procedure. Using your example, explain the
accounts that would be affected if the closing procedure is performed
inadequately.
Examples of client closing procedures include:
Depreciation or amortisation of assets (debit depreciation expense, credit accumulated
depreciation)
Accruals e.g. salaries, interest expense (debit expense, credit accrued expense)
Prepayments e.g. prepaid insurance, prepaid rates, prepared registration of motor vehicles
(debit prepaid expense, credit prepayment)
Other closing procedures include procedures to test the identification of revenues and
expenses which belong in the current reporting period or the next and to include the item in
the correct period (i.e. clients entries to ensure correct cut-off).
For each example, the following are the accounts affected:
Depreciation/amortisation: depreciation expenses are understated and accumulated
depreciation is understated
Accruals: expenses are understated and liabilities are understated (e.g. salaries expense are
understated and accrued salaries are overstated)
Prepayments: expenses are understated and assets are overstated (e.g. Insurance expense is
understated and prepaid insurance is overstated).
Cut-off entries are required to ensure that late expenses (e.g. invoice for goods or services
received) are identified as belonging to the current financial year. If this is not done, expenses
are understated and liabilities are understated.
For revenue items, ensure that revenue is not recognised until goods are despatched or
delivered (depending on the terms of sale). If this is not done and the sale is recorded in the
current financial year instead of the next financial year, revenue in the current year is
overstated and assets (debtors) are overstated.

3.22 What is a related party? Why is an auditor interested in identifying related parties
during the risk assessment phase of an audit?
AASB124 Para 9 defines related party as a person or entity that is related to the entity
preparing the financial statement( e.g. close member of the family has control or significant
influence or holds a key management position in the reporting entity ; an entity is in joint
venture or an associate of the reporting entity.)
Auditors search for related parties during the risk assessment phase of an audit so that they
consider the risks associated with transactions between the client and the related parties (such
as whether sales between them are genuine and recorded at arms length), and to assess
whether the client has made the required disclosures under AASB124.Omission of required
disclosure would require the auditor to issue a modified report
ASA 550 is a guidance for auditors responsibilities relating to related party relationships and
transactions in an audit of a financial report As per Para 2, the standard notes that many
related party transactions are in the normal course of business and pose no greater risk than
any other transaction. However, under certain circumstances, transactions between the client
and related parties can give rise to higher risks of material misstatements. The examples
provided include: increased complexity of the arrangements and transactions; ineffective
information systems for identifying or summarising the transactions and outstanding balances
for related parties; transactions not conducted under normal market terms and conditions (e.g.
no consideration).

Workshop questions
1.23 Audit reports
Required:
(a) Explain the relevance of the paragraphs Directors responsibility for the
financial report and Auditors responsibility in the audit report to the audit
expectation gap.
These paragraphs highlight to readers that the directors of the company and the auditors have
separate and distinct responsibilities. The directors are responsible for maintaining the
accounting systems and preparing the reports, and the auditors are responsible for conducting
an audit of these reports by evaluating their contents against the criteria of the accounting
standards and relevant legislation. The auditors responsibilities do not include preparing the
reports and the auditor must use judgement when choosing procedures and evaluating the
evidence.
(b) Find the lines in the audit report that express the auditors opinion is it an
unqualified or modified audit opinion?
The paragraph is headed Opinion. It states that in the auditors opinion the reports are
consistent with the relevant legislation including giving a true and fair view of the financial
position and performance of the company. This means that the opinion is unqualified and
unmodified.

(c) Find the lines in the review report that express the auditors conclusion is it an
audit opinion? Is it a positive or negative statement?

The auditor expresses a conclusion, not an opinion, in the review report. It is not an opinion
because they did not conduct an audit. The statement is a negative one we have not
become aware is not in accordance.

1.30 Expectations gap

Discuss the expectations gap that could exist for the audit of Securimax. Consider the
existence of any special interests of the users of Securimaxs financial reports.
The expectations gap is the difference between the expectations of financial report users and
the auditors performance.
Special users for Securimax could include:
Government agencies, including Department of Foreign Affairs and Trade, who would
be interested in the purchases by foreign governments and individuals of this type of
security vehicle.
Competing companies and/or governments who would be interested in sensitive
information about the construction of the vehicles and the identity of the purchasers.
Wollongong local government and NSW State Government, who would be interested
in the financial viability of the business and its impact on local employment and
economic activity.
Suppliers of technological equipment it is possible that the Terrain Master uses
specialised components. These suppliers would be interested in the financial viability
of the business and the likelihood of its timely payment for goods purchased on credit.
Such equipment could be made to specialised order with limited alternative
customers. The suppliers would have large investments to support eh manufacture of
these specialised components.
Other potential customers
Usual relationships would exist with lenders, shareholders, employees.
Discussion:
Consider how well Securimaxs financial reports would provide the information that these
users would require, given the highly sensitive and confidential nature of the manufacturing
process. Management is responsible for preparing the reports, but the users may look to the
auditors to make sure that the required information is provided. Also consider how well the
audit process would be able to meet the users needs for this information.

2.29 Auditor liability for misleading accounts

Required
Discuss the auditors liability for losses suffered by (a) Mega Shopping Centres
investors, and (b) other parties.
The misclassification of liabilities as non-current instead of current potentially means that
anyone analysing the financial position of Mega Shopping Centres would be misled. If the
liabilities are current, it is likely that they are due to be paid within 12 months, although they
could also be renegotiated and the repayment date extended. The reader of the accounts
would not be sure if Mega had to repay the debt, and would have doubt about the ability of
the company to continue in business.
The directors and managers of Mega are likely to say that they relied on information provided
to them by the finance department. The reports from the finance department probably did not
state that the debts were due to be repaid soon. However, the directors and managers are
under an obligation to ask questions about important matters such as large debts. They are
also obliged to monitor the financial position of their company. They cannot just rely on
others.
The auditors are likely to say that they relied on information provided by the managers about
the due date for the debt repayments. However, the auditors should gather evidence about the
repayment date, not just rely on what the managers tell them.
(a) The investors in Mega could bring legal action against the auditors, arguing they
suffered financial loss as a result of the misclassification of the debt. The auditors
reported that the financial accounts were in accordance with the Corporations Act and
accounting standards (which they were not, because the debt was misclassified), and
that the accounts were true and fair (which they were not because they gave a
misleading picture).
It is likely that the auditors are liable to the investors in Mega Shopping Centres because
of their loss and the failure of the auditors to following auditing standards, such as those
requiring auditors to gather sufficient and appropriate evidence about the liabilities and
their disclosures. The auditor could be liable under both contract law (failure to perform
the audit they were contracted to do) and tort of negligence. The investors would need to
establish that the auditor owed them a duty of care and the duty of care was breached, and
that the investors suffered a loss as a result of that negligence.
(b) Third parties cannot rely on contract law. Other parties would try to rely on tort law.
In addition, to duty of care, breach of the duty and loss, they have to establish that
there was reasonable foreseeability. This means that the other parties would have to
establish that the auditor was aware, or should have been aware, that any negligence
on their part could cause a loss to the third parties. This is more difficult than
establishing foreseeability of the loss suffered by investors. Caparo (1990) established
the concept of reasonable proximity, where the auditor must be aware of the third
party as a group and the decision they intend to make when using the audited report.
Third parties would have a better case if they obtain a Privity Letter which can be

used to prove that a duty of care was owed to them. Otherwise, there would need to be
some special circumstances before the auditor was liable to them in this case.

2.35 Code of Ethics threats and safeguards

Required
(a) Are there any threats to independence for KFP in its audit of Securimax?
(b) Can you propose any recommendations to safeguard KFP against the potential
independence threats you have identified? Explain.
Issues raised in the case:
(i) The clients internal audit department is headed by an ex-partner of KFP.
APES 110: 290.133(extract)
A former Partner of the Firm being a Director or Officer of the Client or an
employee in a position to exert direct and significant influence over the subject
matter of the Engagement.
This would certainly include the CFO or CEO, but it is unlikely to include the head of the
internal audit department Rydell Creek.
*Safeguards:
Ensure that Rydell Creek is not regarded as able to exert direct and significant influence over
the subject matter of the external audit.
Ensure that there wasnt a significant and personal relationship between Rydell Creek and the
other members of the audit team based on their previous association as colleagues (to deal
with the general familiarity threat).
(ii) Clarke Field has been the partner for 5 years and will remain as review partner
when Sally Woodrow is appointed as partner for the audit.
APES 110: 290.148 identifies familiarity and self- review threats with senior personnel
engaged on audit over a long period of time
APES 110: 290.149 requires rotation of senior audit partner for a
Listed Entity and safeguards should be applied in such situations to reduce such threat to an
acceptable level. Accordingly in respect of the Financial Statement audit of Listed Entities:
should not participate in the Audit Engagement for more than 7 consecutive years until a
further period of time, no less than two years, since the end of the financial year following the
end of the pre-defined period has elapsed.
However, the Corporations Act (N.B. students are not expected to know that Acts specific
requirements for the Auditing unit) is more restrictive with a 5 consecutive year limit.
*Safeguards:
No issue with APES110
To comply with the Corporations Act Clarke Field should not participate in the audit for
two years(N.B. students are not expected to know that Acts specific requirements for the
Auditing unit).

(iii)

Appointment of Sally Woodrow to position of partner and as partner in

charge of the Securimax audit.
APES110 210.6 requires under principle of professional competence and due care
that auditors only provide services that they are competent to perform.

Is Sally Woodrow experienced enough to lead the audit? She is being promoted to partner to
enable her to take over the audit. If she is not sufficiently experienced and qualified to lead
the audit there is a risk that the independence of the audit will be compromised.
(* Safeguards:
An independent (i.e. not previously involved with Securimax) senior audit partner
should be appointed as review partner to assist Sally Woodrow