AUDIT PROCESS ASSIGNMENT

GROUP 1

1 BHEBHE NICOLE N0232507W

2 BHEBHE PRECIOUS N0232893W

3 BUTETE KUDZWAI MISHBOUY N02315437W

4 CHAMUNORWA MUTSAWASHE N02313884Y

5 CHAPARIRA ROPAFADZO N0235696C

6 CHIBI REGINA BENNIGINA N0236391X

7 CHIFUWO PAIDAISHE N0237160S

8 CHIGADZA ELLA N0236155N

9 CHIGANDA LEARNMORE TADIWA N0235260J

10 CHIGURI TARIRO RUTH N0234074L

11 CHIGWERE BLESSING TAKURA N0231443W

1(a) Significant account balance(s) and or class(es) of ABC Ltd

Account balances:

- Trade Receivables

- Foreign Exchange Contract (FEC)

- Provision for Credit Losses

Classes of transactions:

- Sales Revenue (Local and Foreign)

- Forward Exchange Contracts

- Factoring of Trade Receivables

(b)

Account balance / Class

Risk of Material Misstatement (Described)
of transaction

Trade Receivables Valuation: Risk of not accurately valuing trade receivables due to
 foreign currency fluctuations.

Existence: Risk of inflated or non-existent receivables.(by

ignoring the normal credit terms of 30 days or data entry
mistakes, such as duplicating invoices)

Completeness: Risk of unrecorded Foreign Exchange Contracts.

Foreign Exchange
Contract (FEC) Valuation and Allocation: Risk of not accurately valuing the
contracts at year-end.

Accuracy: Risk of inappropriate provision percentage.

Provision for Credit

Completeness: Risk of unidentified bad debts due to lack of
Losses
segregation of duties (allowing the same person to handle credit
approval, sales and collections)

Accuracy: Risk of profit manipulation for increased bonuses.

Management Bonuses
Completeness: Risk of unrecorded expenses.

Existence: Risk of factored receivables still recorded as assets.

Factoring of Trade
Receivables
Rights and Obligations: Risk of contingent liabilities.

Overstatement of revenue due to management’s bonuses based

on profit.

Revenue (Sales to local

Foreign currency translation errors due to invoicing in various
and foreign customers)
currencies.

(c)

Account/Transaction Risk of Material Misstatement Assertions Affected

Existence, Valuation,
Trade Receivables Valuation, Existence
Completeness
Foreign Exchange Contract Completeness, Valuation, Completeness, Valuation,
(FEC) Rights and Obligations Rights and Obligations

Provision for Credit Losses Accuracy, Completeness Accuracy, Completeness

Management Bonuses Accuracy, Completeness Accuracy, Completeness

Factoring of Trade Existence, Rights and Existence, Rights and

Receivables Obligations Obligations
2(a) The Five elements of an internal control system:

1.Control Environment:

The control environment is the element that sets the tone of an organization and influences
the control consciousness of its people. It is the foundation of an organisation’s internal
control system, providing discipline and structure. Key factors include the integrity, ethical
values, and competence of the entity’s people as well as management’s philosophy and
operating style; the way management assigns authority and responsibility; and the attention
and direction provided by the board of directors.

2. Risk Assessment:

Risk assessment element involves identifying and analysing relevant risks to the
achievement of objectives, forming a basis for how the risks should be managed. This
includes looking at both external and internal factors that could prevent the organization
from achieving its objectives and determining how these risks should be mitigated or
controlled.

3.Information system, (including the related business processes, relevant to financial

reporting, and communication):

An information system consists of hardware components, software, people, procedures and

data. Under manual systems there will be no infrastructure or software. The information
system relevant to financial reporting objectives, which includes the accounting system,
consists of the procedures and records established:

-To initiate, record, process, and report entity transactions (as well as events and
conditions).

-To maintain accountability for the related assets, liabilities, and equity.

-An important feature of the information system is the audit trail.

Audit trail is also part of the information system element, where individual transactions can
be traced through each step of the accounts to their inclusion in the financial report and,
similarly, from the financial report the amounts can be vouched or traced back to original
source documentation.

The Information Systems element also include Information Technology controls to enhance
the timeliness, accuracy and availability of information. These include Access controls (to
limit data access to only authorised individuals), Data and backup controls (to avoid loss of
data or to enable retrieval of data when lost).

4.: Control Activities:

Control activities are the policies and procedures that help ensure management directives
are carried out. These comprise the techniques, methods and principles that are needed for
the application of internal controls and consists the following:

-Physical controls (safeguarding assets)

-Authorisation procedures (a preventive control)

-Performance Reviews (checking if results are according to expectations)

-Information processing (manual or automated procedures and general controls)

-Segregation of duties (assigning responsibilities)

The auditor must obtain a sufficient understanding of the control activities to assess all risks
of material misstatement at the assertion level and to design further audit procedures
responsive to the levels of assessed risk.

5.Monitoring:

Monitoring is a process that assesses the quality of internal control performance over time.
This includes regular management and supervisory activities, as well as other actions
personnel take in performing their duties. Monitoring can be done through ongoing
activities or separate evaluations. It ensures that the internal control system continues to
operate effectively and identifies areas that need improvement.

Monitoring is also done to avoid the effect of personnel failing to comply with the controls
or the controls becoming obsolete as management will fail to consider whether the controls
are operating as they should be.

(b) Purpose of Internal Controls: (Hayes, et al., 2019)

1.Enhancing Accuracy and Reliability:

Ensuring the accuracy and reliability of financial reporting and operational data. This also
means internal controls ensure that financial reports and operational data are consistent
and reliable. For instance a company implements a double-entry accounting system where
every financial transaction is recorded in two accounts. This helps ensure that all
transactions are accurately recorded and discrepancies are promptly identified and resolved.
2.Compliance:

Helping to ensure compliance with laws, regulations, and internal policies. An example can
be a pharmaceutical company adheres to regulatory requirements by maintaining accurate
records of drug trials and ensuring that all marketing practices comply with the guidelines
set by health authorities. Regular audits are conducted to ensure compliance with industry
standards.

3.Safeguarding Assets:

Protecting assets from unauthorized use, theft, or fraud. For example a retail chain installs
surveillance cameras and employs security personnel to prevent theft. Additionally,
inventory is regularly counted, and access to the warehouse is restricted to authorized
personnel only.

4.Operational Efficiency:

Promoting efficiency and effectiveness in operations by implementing best practices. By

way of illustration, a manufacturing company can adopt lean manufacturing principles to
streamline production processes. By reducing waste and optimizing workflows, the
company improves efficiency and reduces costs.

5.Risk Management:

Identifying and mitigating potential risks that could impact the organization's objectives. For
instance, a financial institution conducts regular risk assessments to identify potential
threats to its operations, such as cyberattacks or market volatility. It implements robust
cybersecurity measures and diversifies its investment portfolio to mitigate these risks.
(c) Circumstances to be considered by management when assessing risk:

1.Internal Factors:

These include the organization’s internal processes, systems, and personnel. Management
must evaluate the effectiveness of existing internal controls, the competence and integrity
of employees, and the organization’s overall culture. For example a tech company that
evaluates its internal processes and realizes that their current cybersecurity measures are
outdated. They decide to implement a new, more robust system to protect against data
breaches and ensure that their IT team is regularly trained on the latest security protocols.

2.External Factors:

These encompass the broader environment in which the organization operates. For
instance, a clothing retailer can notice a shift in market trends towards sustainable fashion.
To stay competitive, they start sourcing eco-friendly materials and revamping their supply
chain to meet the growing demand for sustainable products. Thus external factors include
economic conditions, regulatory changes, market trends, and technological advancements
that could impact the organization's operations.

3.Operational Factors:
Management should assess the risks associated with the organization’s day-to-day activities.
Lets say, a food manufacturing company assesses the risk of supply chain disruptions and
decides to diversify its suppliers. This way, if one supplier faces an issue, they have
alternatives to ensure continuous production and avoid delays.Therefore, operational
factors include evaluating the efficiency of production processes, supply chain reliability,
and the potential for disruptions in operations.

4.Financial Factors:

Financial stability and performance are critical. Management must consider the
organization’s financial health, including liquidity, credit risk, and exposure to market
fluctuations. Here we can consider a real estate firm evaluating its financial stability and
identifying a high level of exposure to market fluctuations. To mitigate this risk, they decide
to diversify their portfolio by investing in both residential and commercial properties, thus
balancing potential gains and losses.

5.Strategic Factors:

These are related to the organization’s long-term goals and objectives. An example can be,
a software development company planning to expand into a new international market.
Before doing so, they conduct thorough market research to understand the local regulations,
competition, and consumer preferences. This helps them develop a strategic plan to
successfully enter and thrive in the new market.

Thus on the strategic factors, management must assess the risks associated with strategic
decisions, such as entering new markets, launching new products, or making significant
investments.
By considering these circumstances, management can identify, evaluate, and mitigate risks
to ensure success and stability of the organisation.

3(a) Before accepting the engagement as the external auditor of Sports Electronics (Pty) Ltd
(SET), CTZ should have considered the following factors in accordance with the principles of
International Standards on Auditing (ISA) and the Code of Ethics for Professional
Accountants issued by the International Ethics Standards Board for Accountants (IESBA):

1. Independence and Objectivity:

CTZ has previously provided accounting services to SET, including setting up its accounting
function and preparing financial statements. This raises self-review and familiarity threats,
as CTZ may be auditing financial information it helped prepare. The firm must assess
whether it can maintain independence and objectivity while performing the audit.

2. Professional Competence and Capabilities:

SET operates in the IT sector, manufacturing wearable connected devices. Auditing a
technology company requires industry-specific knowledge. CTZ must determine if it has the
expertise to understand SET’s operations, financial risks, and accounting policies related to
technology and manufacturing.

The firm should assess whether it has sufficient resources, given that it has only two
partners and fifteen professional staff members. The assessment may include evaluating
experience of audit staff in the IT sector as the engagement might require specialized
expertise that CTZ may lack.

3. Management Integrity and Attitude Towards Financial Reporting:

The directors are highly ambitious and determined to maximize business value at all costs,
which might create pressure to manipulate financial results to obtain additional funding and
prepare for the future listing.

The urgency with which management wants the audit completed for the bank raises
concerns about undue pressure and whether sufficient audit evidence can be obtained in
the limited timeframe.

Except for the financial director, the other directors have limited financial and regulatory
knowledge, increasing the risk of material misstatements due to error or fraud.

4. Going Concern Risk:

SET has exhausted its overdraft facilities, and additional financing is conditional on receiving
a clean audit report. This creates a going concern risk, as there is uncertainty about the
company’s ability to continue operating without securing additional funds.

CTZ must assess whether sufficient audit evidence is available to support a going concern
assumption and whether any material uncertainty should be disclosed in the financial
statements.

5. Scope and Complexity of the Engagement:

As this is SET’s first audit, the auditors will need to perform extensive work to verify opening
balances, assess internal controls, and review prior financial information.

The company’s rapid growth suggests that its accounting systems and controls might not
have kept pace with expansion, thus increasing the audit risk.

6. Expectation Management and Non-Assurance Services:

The directors expect CTZ to assist with SET’s listing in two years. This raises potential
independence threats, as CTZ may be involved in advisory services that could impair its
ability to provide an objective audit.

CTZ must clarify its role and ensure that it does not provide prohibited non-assurance
services, such as preparing financial statements while also auditing them.

7. Legal and Regulatory Considerations:

SET’s financial statements must comply with International Financial Reporting Standards
(IFRS), which the directors may not fully understand. CTZ must assess whether SET’s
accounting policies and reporting framework are appropriate.

CTZ should verify whether SET is required to have an audit under the Companies Act of
South Africa and whether there are any regulatory requirements related to the planned
listing.

8. Audit Fees and Commercial Considerations:

As SET is a rapidly growing company with funding challenges, there is a risk of fee pressure.
CTZ should ensure that the audit fees are adequate to cover the time and resources
required.

There is a risk that SET may later dispute fees or delay payments if financial difficulties
persist.

9. Ethical Considerations and Acceptance Procedures:

CTZ must follow client acceptance procedures, including conducting background checks on
the directors to assess their integrity and financial history.

The firm should document any threats to independence and objectivity and apply
appropriate safeguards before accepting the engagement.

In conclusion, before accepting the audit engagement, CTZ must have evaluated whether it
could maintain independence, has the necessary expertise, and could address the risks
associated with SET’s financial condition and management’s expectations. If any significant
threats seemed impossible to be mitigated, CTZ should have reconsidered accepting the
engagement.

(b) Contents of an Engagement Letter:

According to International Standards on Auditing (ISA) 210 an engagement letter is a

document that formalizes the terms of the audit engagement and clarifies expectations
between the auditor and the client. What it typically includes is as follows:

Objective and Scope of the Audit, where it clearly defines the purpose of the audit for
example giving an opinion on the financial statements in accordance with International
Financial Reporting Standards and opinion on the extent of audit work. The scope and
objectives also specify the period covered by the audit for example financial year 2014 in
SET’s case.

An Engagement letter also shows responsibilities of the Auditor. This describes the auditor’s
role, including planning, acting on the plans and reporting on the audit. In addition, on
responsibilities of the Auditor, there is also explanation of how the audit will be conducted
in accordance with relevant auditing standards and there are also the needs for professional
judgment and the possibility of material misstatements.

Responsibilities of Management are also included in an Engagement letter. These include

responsibilities such as managers preparing accurate financial statements. They also
emphasise the importance of providing complete information to the auditor and also states
the need to work hand in hand with the auditor during the audit process. Management
responsibilities also include maintaining effective internal controls to prevent and detect
fraud.

An Engagement letter also identifies Applicable Financial Reporting Framework. These

specify the accounting standards that will be used for preparing the financial statements,
the period covered by the financial statements and clarify any specific reporting
requirements unique to SET’s type of operations.

Engagement Fees and Payment Terms: Information regarding the fees for the audit
services, including the basis for calculating fees (e.g., hourly rates, fixed fee) is also found in
the engagement letter as well as the time when invoices will be issued and payment due
dates.
 Timing of the Audit: A timeline or time estimate for the audit process, including key dates
for the start and completion of the audit, and deadlines for delivering the audit report.

Use of Internal Audit Work: If applicable, a statement regarding the extent to which the
auditor may rely on the work of the internal audit function can also be included in an
engagement letter.

Limitations of the Audit: Acknowledgment of the inherent limitations of an audit, such as

the possibility of undetected errors or fraud.

Confidentiality and Data Protection: A clause regarding the confidentiality of the client's
information, specifying that the auditor will not disclose any proprietary information
without consent, except as required by law. Thus avoiding oversharing information
concerning the audit with third parties, meaning the auditors obligation to maintain
confidentiality.

Termination Clause: Conditions under which either party may terminate the engagement,
including notice periods and any obligations upon termination.

Signatures: Space for signatures from authorized representatives of both the auditor and
the client, indicating acceptance of the terms laid out in the engagement letter.
Therefor from the above contents, the engagement letter serves as a formal agreement and
could help manage expectations between the auditors and client in question (CTZ Auditors
and SET). It provides clarity on roles, responsibilities, and the overall audit process, helps
manage expectations, promotes transparency, and fosters a smooth and effective audit
engagement.
4(a) Sources of Audit Evidence:

1.Inspection of Records and Documents:

Here , the auditor reviews documents such as invoices, contracts, and meeting minutes. By
examining these records, the auditor can verify the authenticity of transactions and ensure
they are accurately recorded. For example, an auditor might check an invoice against the
corresponding purchase order and delivery receipt to confirm the transaction's legitimacy.

2.Inspection of Tangible Assets: This involves physically examining assets like inventory,
equipment, or property. For instance, an auditor might count the inventory in a warehouse
to verify that the quantities recorded in the financial statements match the actual stock on
hand. This helps ensure that assets are properly accounted for and that there are no
discrepancies.
3.Observation: The auditor observes processes or procedures being performed by the
entity's staff. For example, the auditor might watch how students enter the school premises
to ensure that the use of Student Identity card procedures are followed and that there are
no irregularities. This helps the auditor assess the effectiveness of internal controls and
operational practices.

4.Inquiry: Seeking information from knowledgeable people within or outside the entity,
such as management and employees. The auditor asks questions to gather information from
knowledgeable individuals within or outside the entity, such as management, employees, or
external parties. For instance, the auditor might inquire about the procedures for approving
expense reports. This helps the auditor understand the processes in place and identify any
potential issues.

5.Confirmation: Obtaining written verification from independent third parties, such as bank
balances and accounts receivable. The auditor obtains written verification from
independent third parties, such as banks or customers. For example, the auditor might send
a confirmation letter to a bank to verify the balance of the company's bank account. This
provides external evidence that supports the accuracy of the financial records.

6.Recalculation: Checking the mathematical accuracy of documents or records. For example,

the auditor might recalculate the depreciation expense for an asset to ensure it has been
correctly computed. This helps verify that the calculations in the financial statements are
accurate.

7.Reperformance: Independently executing procedures or controls originally performed by

the entity. For instance, if the entity reconciles its bank statements monthly, the auditor
might perform the same reconciliation to verify its accuracy. This helps ensure that the
procedures are being carried out correctly.

8.Analytical Procedures: The auditor evaluates financial information by analysing

relationships among both financial and non-financial data. For example, the auditor might
compare current year sales figures to prior year figures and industry trends to identify any
unusual fluctuations. This helps the auditor identify areas that may require further
investigation.

(b) Audit Procedures:

1.Risk Assessment Procedures: These are performed to obtain an understand of the entity
and its environment, including the internal controls.

The risk assessment procedure will identify risk at:

- financial statement level, affecting the entity as a whole, as well as the overall audit
approach.

- the assertion level for classes of transaction and account balance.

It also involves inquiries of Management and Others: Asking questions to understand the
entity and its environment.

2.Tests of Control:

These are procedures that the auditor performs to obtain audit evidence of :

-suitability of a design of the accounting and internal control system to detect, prevent and
correct material misstatements, (fraud and error) and
-the existence and effective operation of the systems throughout the period of reliance.

Tests of control may involve

- Walkthroughs: Tracing transactions through the control system to assess its design and
implementation.

- Reperformance: Re-performing the control activities to ensure they are operating

effectively.

- Inspection of Documentation: Reviewing documents to confirm that controls have been

applied.

3.Substantive Tests:

- Substantive Analytical Procedures: These are audit procedures designed to detect

material misstatements at the assertion level. Involves comparing recorded amounts to
independently developed expectations.

- Tests of Details: Examining transactions, balances, and disclosures for accuracy and
completeness.

- Confirmation: Obtaining direct verification from third parties about account balances or
transactions.

(c) Linking transaction-related audit objectives to management asertions:

General Transaction-Related Audit Objective Management Assertion

Occurrence Occurrence

Completeness Completeness

Accuracy Accuracy

Classification Classification

Cutoff Cutoff

Posting and Summarization Valuation and Allocation

1.Occurrence:

Audit Objective: Ensure that recorded transactions actually occurred and relate to
the entity.

Management Assertion: Occurrence

2.Completeness:

Audit Objective: Ensure that all transactions and events that should have been
recorded are actually recorded.

Management Assertion: Completeness

3. Accuracy:

Audit Objective: Ensure that transactions are recorded at the correct amounts.

Management Assertion: Accuracy

4. Classification

Audit Objective: Ensure that transactions are recorded in the proper accounts.

Management Assertion: Classification

5. Cutoff:

Audit Objective: Ensure that transactions and events are recorded in the correct accounting
period.

Management Assertion: Cutoff

6.Posting and Summarization:

Audit Objective: Ensure that transactions are properly posted to the ledger and
summarized correctly.

Management Assertion: Valuation and Allocation.

References:

(Cooper, 1971)

(Hayes, et al., 2019)