Introduction

Every activity or undertaking entered into by a person has certain targets. In order to
attain these targets, one of the first things performed is to plan the courses of action needed to be
taken. Preparing for the future enables people to future enables people to consider the impact
they would like to have and to find a way to attain those targets. Planning helps people to
identify and achieve these targets through making or carrying out plans and avoiding doing some
random activities. Planning helps people to identify and achieve these targets through making or
carrying out plans and avoiding doing some random activities. This makes planning a very
necessary and important procedure in any undertaking.

Differences Similarities
External Audit Financial Audit
Manual
Definition of Under ISSAI 1300, planning is
planning not a discrete phase of an audit
but rather a continual and
iterative process that often
begins shortly after the
completion of the previous and
continues until the completion
of the current audits.

Steps that It does not have. But The Corporate - Establishing an overall
the planning it highlights the Manual provided audit strategy that sets
activities following: steps in planning the scope, timing and
involves - Reducing the activities direction for the audit,
risk to an 1. Conducting and that guides the
acceptably Preliminary development of the
low level. Risk more detailed audit
Assessment plan. (Similar to Step
2. Conducting 1)
Final Risk - Develop an audit plan
Assessment that addresses the
various matters
identified in the overall
audit strategy. (Similar
to Step 4)

In Establishing the audit strategy

establishing involves settings the scope,
the overall timing and direction of the
audit audit towards the development
strategy of an Audit Engagement Plan.
In establishing the overall
audit strategy, the auditor
 shall:

a. Identify the
characteristics of the
engagement that define
its scope;
b. Ascertain the reporting
objectives of the
engagement to plan the
timing of the audit and
the nature of the
communications
required;
c. Consider the factors
that, in the auditor's
professional judgment,
are significant in
directing the
engagement team's
efforts
d. Consider the results of
preliminary
engagement activities
and, where applicable,
whether knowledge
gained on other
engagements
performed by the
engagement partner for
the entity is relevant
e. Ascertain the nature,
timing and extent of
resources necessary to
perform the
engagement.

Preparation The standards does • The overall

of overall not specify who are audit
audit responsible in strategy is
strategy preparation, review prepared
and approval. by the
Audit
Team
Leader
• The
Supervisin
g
 Auditor/Re
gional
Supervisin
g Auditor
will review
it.
• The Cluster
Director/Re
gional
Director
will
approved
it.

Modifying Modifying is Modifying is

the overall allowed allowed, but must
audit be approved by the
strategy CD/RD upon the
recommendation
of the SA/RSA.
Risk Agency Risk Risk
The threat that an Is the probability of an act or
event, action or event occurring that would
inaction will have an adverse effect in the
adversely affect achievement of an
the agency’s achievement of an agency’s
ability to objectives.
successfully
achieve its Audit Risk
mandate and The risk that the auditor may
objectives and express an inappropriate
execute its opinion on the FS.
strategies.
Components of Audit Risks
a. Inherent risk is the
susceptibility of an
assertion, about a class
of transaction, account
balance or disclosure to
a misstatement that
could be material,
either individually or
when aggregated with
other misstatements,
before consideration of
any related controls.
 (IRRBAM, par. 2.6.1
(b))

b. Control risk is the risk

that a misstatement that
could occur in an
assertion about a class
of transaction, account
balance or disclosure
and that could be
material, either
individually or when
aggregated with other
misstatements will not
be prevented, or
detected and corrected,
on a timely manner by
the entity's internal
control. (IRRBAM,
par. 2.6.1)

c. Detection risk is the

risk that the auditor's
procedures will not
detect a misstatement
that exists in an
assertion that could be
material, individually
or when aggregated
with misstatements.

Understandi PSA 315 requires The resident

ng the Audit the auditor to obtain auditors assigned
Entity sufficient in their respective
understanding of the agencies perform,
entity and its among others,
environment financial and
including its internal compliance audits.
control. Such Thus, auditors
understanding have practically
involves obtaining broad knowledge
knowledge, about of agency
entity’s: operations which
 Industry, should be
regulatory, summarized in the
and other UTA Template
external
 factors, The UTA template
including may include the
financial following
reporting a A general
framework overview of the
 Nature of the entity's
entity, organization and
including operations,
entity’s b. The agency's
selection and main activities and
application critical processes;
of c.
accounting Projects/Programs/
policies. Activities
 Objective d. Results of
and previous audit
strategies e. Auditor's notes
and the on any component
related that may be
business risk significant to the
that may conduct of
resulting a financial audit
material
misstatement
of the
financial
statements
 Measuremen
t and review
of the
entity’s
performance
 Internal
Control
Control  Management and staff
Environme demonstrate personal
nt and professional
integrity and ethical
values;.
 Management sets the
“tone at the top” (i.e.
management’s
philosophy and
operating style);
 Management
establishes an
 appropriate government
organizational
structure;
 Management and staff
exhibit commitment to
competence; and,
Management establishes
human resource policies and
practices.
Risk  Management identifies
Assessment and defines appropriate
objectives and risk
tolerance in specific
and measurable terms;
 Management identifies,
evaluates and assesses
agency’s risks; and,
Management determines
appropriate response to the
identified, evaluated, and
assessed agency’s risks.
Information This is only This is applicable  Management develops
and applicable on the to financial and and maintains reliable
Communica financial non-financial and relevant
tion System information. information. information;
 Management
communicates
information throughout
the agency; and,
 Management
communicates
information with
external parties.

Control  Management designs

Activities control activities which
are appropriate,
function consistently
according to plan
throughout the period,
cost effective,
comprehensive,
reasonable and directly
relate to the control
objectives and to
address risks;
  Management develops
control activities which
include a range of
diverse policies and
procedures; and,
 Management develops
an effective
information technology
control activities.
.
Monitoring  Management
establishes and
operates activities to
monitor the internal
control system and
evaluates the results;
and,
 Monitoring activities
ensure that audit
findings and
recommendations are
adequately and
promptly resolved
The  Inquiring
Auditor  Observing
uses The  Inspecting relevant
Understand
documents
ing of
Internal
Control To.
Classificatio Preventive Controls
n of - Controls are designed
Internal to discourage errors or
Controls irregularities from
According occurring.
to Purpose Detective Controls
- Controls are designed
to find errors or
irregularities after they
have occurred.
Considering  The The internal auditor may be
The Work internal presumed to be objective if the
of Internal auditor is following criteria are met and
Auditors sufficiently the internal auditor’s function
removed is established by legislation or
regulation:
 from  The internal auditor is
political accountable to top
pressure to management and to
conduct those charged with
audits and governance;
report  The internal auditor
observation reports the audit results
s, opinions, both to top
management and those
and
charged with
conclusions governance;
objectively  The internal audit unit
without is located
fear of organizationally
political outside the staff and
reprisal; management function
of the unit under audit;
 The top management
permits internal
auditors to audit
operations for which
they have previously
been responsible for to
avoid any perceived
conflict of interest; and,
The internal auditor has access
to those charged with
governance.
General The external The GAP shows
Accounting audit aims to the overall
Plan increase confidence accounting system
in the information of the agency/unit
mentioned in its including the
financial statements standard source
and ensure its documents, the
integrity. It also flow of
aims to improve that transactions and
information by recording in the
detecting its errors, books of accounts,
early modification, and their
and detecting any conversion into
manipulation that financial
occurs. information/data
presented in the
financial reports.
The general flow
 of transaction as
well as the
possible source
documents, books
of accounts and
monitoring reports
generally required
by affected
accounts using the
GAM for national
government
agencies

Financial Two types of FS Two types of FS

Statement analysis analysis
Analysis 1. Horizontal 1. Variance
analysis analysis
2. Vertical 2. Tie in
analysis analysis
Understand Misstatements in the FS can
ing Fraud rise from either fraud or error.
Risks Although fraud is a broad legal
concept, the auditor is
concerned with fraud that
causes a material statement in
the FS.

Two types of intentional

misstatements
1. Misstatements resulting
from fraudulent financial
reporting
2. Misstatements resulting
from misappropriation of
assets

Non- Transactions, Non-compliance by the entity

compliance which are non- with laws and regulations may
with laws compliant with result in a material
and existing laws and misstatement of the FS
regulations regulations, are
considered illegal
and irregular and,
thus, disallowed in
audit as required
under existing
 COA regulations.
Related parties pertain to
i. Persons or other
entities that have
control or significant
influence, directly or
indirectly through one
or more intermediaries,
over the reporting
entity.
ii. Entities over which the
reporting entity has
Assessing
control or significant
Related
influence, directly or
Parties
indirectly through one
or more intermediaries.
iii. Other entities under
common control with
the reporting entity
through having
common controlling
ownership and
common key
management.

Assertions The potential misstatements

in may be groups into three
considering categories considering the
misstateme following assertions
nts
 CATEGO ASSERTION
RY
Occurrence
Transactio Completeness
n level Accuracy
assertions Cutoff
Classification
Existence
Rights and
Account Obligations
balance Accuracy,
assertions valuation and
allocation
Classification
Presentation
Presentati
Understandabil
on and
ity
other
Accuracy
disclosure
Completeness
s
Occurrence
 III.
Conducting
     
Final Risk
Assessment
Materiality is
defined in
Materiality
accounting literature
threshold pertains
in the following
to the amount of
terms: “Information
materiality set as
is material if its
benchmark to
Materiality omission or
evaluate the
misstatement could
significance of
influence the
misstatements or
economic decision
omissions noted
of users taken on the
during audit.
basis of the financial
statements.”
Materiality may be ISSAI 1320
viewed as: explains that
 The largest misstatements and
amount of omissions are
 considered to be
material if they,
misstatement
individually or in
that the
aggregate, could
auditor could
reasonably be
tolerate in
expected to
the financial
influence the
statements;
economic
or
decisions of users
The smallest
of the FS.
aggregate amount
The users are
that could misstate
considered as a
any one of the
group of users of
financial statements.
FS rather than as
individual users.
According to PSA The concept of
320, materiality materiality is
should be applied both in
considered by the planning and
auditor: performing the
 In the audit, and also in
planning evaluating the
stage, to effect of identified
determine misstatement in
the scope of the FS.
audit
procedures; It is also based on
and the concept that
 In the items of little
completion importance do not
phase of the require to be
audit, to audited since these
evaluate the will not affect the
effect of judgment or action
misstatement of a reasonable FS
s on the user.
financial
statements. While materiality
is primarily based
The auditor should on the auditor’s
determine the professional
amount of judgment, such
misstatement that judgment should
could be material to consider both
the financial qualitative and
statements taken as quantitative
aspects to reduce
a whole.

Materiality is a
matter of
professional
the risk of audit
judgement and
decisions which
necessarily involves
are either overly
quantitative factors
liberal or
(amount of the item
conservative.
in relation to the
financial statements)
and qualitative
factors (the nature
of misstatement).
Items of little
importance are
considered trivial.
Clearly trivial as
mentioned in
ISSAI 1450, par.
A2 does not mean
If the materiality
“not material.”
level is set too low,
Misstatements that
auditor will be
are clearly trivial
wasting his time
will be of wholly
auditing accounts
different (smaller)
that are not
order of
important. However,
magnitude, or of a
if materiality level is
wholly different
set too high, auditor
nature than those
may not be able to
that would be
detect misstatements
determined to be
that could be
material, and will
material to some
be misstatements
readers of the
that are clearly
financial statements.
inconsequential,
whether taken
individually or in
the aggregate and
whether judged by
any criteria of size,
nature or
circumstances.
ISSAI 1320 describes
qualitative considerations
specific to determining
 materiality levels in the public
sector: When determining
whether a particular class of
transactions, account balance,
disclosure, or other assertion
which is part of the financial
reporting framework, is
material by virtue of its nature,
public sector auditors take into
account qualitative aspects
such as:
a) The context in which the
matter appears; for example, if
the matter is also subject to
compliance with authorities,
legislation or regulations, or if
law or regulation prohibits
overspending of public funds,
regardless of the amounts
involved;
b) The needs of the various
stakeholders and how they use
the financial statements;
c) The nature of the
transactions that are considered
sensitive to users of the
financial statements;
d) Public expectations and
public interest, including
emphasis placed on the
particular matter by relevant
committees in the legislature,
such as a public accounts
committee, including the
necessity of certain
disclosures;
e) The need for legislative
oversight and regulation in a
particular area; and
f) The need for openness and
transparency; for example, if
there are particular disclosure
requirements for frauds or
other losses.
The auditor should Quantitative
determine the materiality
amount of thresholds or the
misstatement that maximum errors
could be material to are established at
the financial three levels:
statements taken as a. Overall
a whole. materiality (for the
FS as a whole) is
If the materiality an amount set to
level is set too low, establish whether
auditor will be or not the financial
wasting his time statements can be
auditing accounts regarded as
that are not materially
important. However, misstated.
if materiality level is Misstated,
set too high, auditor individually or in
may not be able to aggregate, above
detect misstatements this threshold is
that could be considered
material to some significant enough
readers of the to influence the
financial statements. decision of users
and thus,
Planning the audit considered the FS
solely based on the materially
materiality misstated. This can
guidelines discussed be changed during
in the preceding the audit
section leaves no depending on the
margin for possible information
undetected received by the
misstatements. Auditor. This is
When auditing used to determine
financial statements, the level of
it is common for performance
auditors to exercise materiality and
prudence by setting specific
materiality at an materiality.
amount lower than b. Performance
the overall materiality is the
materiality. By amount set at less
using a lower level than the overall
of materiality in the materiality to
performance of the lower the risk of
audit, the extent of not being able to
the audit procedures detect uncorrected
is increased thereby
reducing the risk and undetected
that the amount of misstatements
uncorrected and which in the
undetected aggregate, may be
misstatements will considered
exceed the overall material for the
materiality. The overall financial
reduced level of statements. Some
materiality which known advantages
the auditors use both of setting
at the financial performance
statement and materiality
account balance include:
level is. called the i. Providing some
"performance assurance that the
materiality". undetected and
uncorrected
The determination misstatements will
of performance not accumulate to
materiality involves reach an amount
the exercise of that would cause
professional the FS to be
judgment. It is materially
affected by the misstated;
auditor's ii. Serving as a
understanding of the guide to the
entity, updated Auditor to require
during the adjustment in the
performance of the FS, aggregate
risk assessment errors reaching this
procedures; and the amount;
nature and extent of iii. Assessing the
misstatements risks of material
identified in misstatement and
previous audits and determining the
thereby the auditor's nature, testing and
expectations in extent of further
relation to audit procedures;
misstatements in the and
current period. Also, iv. Serving as the
the level of assertion testing
performance level/threshold to
materiality can be identify high value
set at different items or as
levels for different sampling interval
accounts. when selecting
items for testing or
calculating sample
size. The audit has
to cover all items
or transactions or
accounts above the
value set as
performance
materiality.
c. Specific
materiality refers
to the amount or
amounts set at less
than overall
materiality for
particular classes
of transactions,
account balance or
disclosures which
may reasonably be
expected to
influence the
economic
decisions of users
taken on the basis
of FS.
Specific
Materiality could
relate to sensitive
areas such as
particular note
disclosures (that is,
management
remuneration or
entity key-specific
data), compliance
with legislation or
certain terms in a
contract, or
transactions upon
which
remunerations are
based. It could also
relate to the nature
of a potential
misstatement such
as an illegal act,
non-compliance
with loan
covenants and
statutory/regulator
y reporting
requirements.
Some of the
disclosures that
would normally be
subject to a
Specific
Materiality level
are:
i. Related party
transactions and
balances;
ii. Significant
management
estimates or
valuations;
iii. Non-
compliance with
legislation or terms
in a contract;
iv. Significant
events and
important changes
in operations (e.g.,
expansion or
discontinued
operations, new
services);
v. Significant
accounting
policies or changes
in accounting
policies; and,
vi. Sensitive
income and
expense accounts
such as
management fees
and research and
development costs.
The Audit Team Leader shall
determine the materiality
thresholds particular to the
audited entity, subject to the
review of the Supervising
Auditor and to the approval of
the Cluster/Regional Director
concerned.
In an audit of the financial
statements of stand-alone
agencies (not a
component/regional/head
office), the Audit Team Leader
shall determine and use the
overall materiality,
performance materiality,
specific materiality (if
applicable), and testing
threshold throughout the audit.
In an audit of a
consolidated/combined FS of
groups with components or
agencies with regional offices:
i. The Audit Team
Leaders in the
head/component/region
al office preparing ML/
SAOR (whichever may
be applicable) shall
determine and compute
the overall materiality,
performance
materiality, specific
materiality and testing
threshold using their
respective FS. In case
of separate FS for each
type of fund (e.g.,
General Fund, Special
Education Fund, Trust
Fund), the auditor shall
compute materiality
thresholds using the
specific FS for each
fund.
ii. The Supervising Auditor
(head of audit group) preparing
 the CAAR and issuing the IAR
shall determine the overall
materiality, performance
materiality, specific materiality
and testing threshold (if
applicable) based on the
consolidated/combined
financial information of the
whole group/agency. The
computed overall materiality
will be used in determining
whether the
consolidated/combined FS is
misstated or not, and in
determining the type of audit
opinion to be issued on the
consolidated/combined FS.
Calculating materiality is
established through these
steps:
a. selecting an
appropriate benchmark;
b. identifying
appropriate financial
data for the selected
benchmark; and,
c. calculating materiality based
on established percentages.
Among the factors that may
Step 1. affect the identification of an
Selecting an appropriate benchmark include
Appropriate the elements of the FS (for
Benchmark example, assets, liabilities,
equity, revenue, expenses).
ISSAI 1320 (A9) notes that in
an audit of public sector entity,
the total cost or net cost
(expenses less revenues or
expenditures less receipts) may
be appropriate benchmarks for
program activities. Where a
public sector has custody of
public assets, these may be the
appropriate benchmark. There
are no hard and fast rules for
determining whether an agency
 is to be considered as asset or
expenditure driven. However,
the following may facilitate in
identifying where the agency is
driven:
a. The agency mandate
and even the targeted
outputs will determine
the appropriate
benchmark.
For instance, if outputs
are identified in terms
of physical assets such
as number of buildings,
kilometers of roads
among others, then it
must be asset driven. If
outputs are in terms of
number of workshops,
number of trainings,
number of services
rendered, then it must
be expenditure driven.
b. If the agency’s targets are
both in terms of physical assets
and expenditures, the auditor
may consider the mandate or
major activity of the agency,
whether assets acquisition or
expenditures.
The ATL shall determine the
benchmark to be used, either
total expenditures or total
assets or total revenues, subject
to the review of the SA/RSA
and approval of the CD/RD.
This benchmark shall be
consistent yearly unless the
agency’s mandate is changed.
Step 2. The benchmark figures shall
Identifying be based on the unaudited FS
Appropriate for the current year-end unless
Financial the same is not available. In
Data for the such case, the audited FS
Selected figures for the past year-end is
Benchmark used to be adjusted upon
 availability of the current year-
end unadjusted FS.
If the base is asset, the total
assets of the latest year-end
SFPos available is used.
If the base is expenditure or
revenue, the reported total
expenditure or revenues of the
latest yearend SFPer is used.
The levels of materiality
thresholds are set and applied
in the following manner,
unless a different materiality
benchmark/computation is
required thru the issuance of a
materiality circular or
guidelines:
Step 3. a. The overall materiality shall
Calculating be set at 1 percent of the total
Materiality selected benchmark.
Based on b. The performance materiality
Established shall be set at 50 percent of the
Percentages overall materiality. Testing
threshold for high value items
shall be set at 25 percent of
performance materiality.
c. The specific materiality shall
be set at 0.20 percent for the
chosen class of transactions,
account balances or
disclosures.
The percentage set for overall
materiality can be increased up
to 2 percent upon the
recommendation of the
SA/RSA and approval by the
CD/RD. The decision to
change the rate shall be based
on assessment that the entity
has a strong internal control
and has implemented audit
recommendations to address
misstatements and ensure
reliability of FS.
The performance materiality
and specific materiality can be
 decreased upon the
recommendation of the
SA/RSA and approval by the
CD/RD.
To illustrate how these levels
are computed, the following
financial information based on
the latest FS are used as
sample:
Assessing The steps are broken into: (a)
Risks and performing risk assessment;
Determining and (b) determining risk
Risk responses.
Responses
a. As discussed in the
Performing preliminary risk assessment,
Risk the SRPIR becomes the initial
Assessment basis for further risk
assessment. The Auditor shall
conduct
Audit risk model: Risk assessment
Audit Risk = involves the
Inherent Risk * identification of
Control Risk * sources of risk and
Detection Risk assessment as to
whether
information
obtained could
result in a material
misstatement in
the financial
statements. Risk of
material
misstatement at the
assertion level
(risk that the
financial
statements are
materially
misstated prior to
audit) consists of
inherent risks and
control risks which
were discussed
earlier. (ISSAI
1003)
 The Auditors should, however,
not limit their evaluation on
the risks identified during
Preliminary Assessment as
there could be intervening
events or circumstances that
may need equal attention. This
include material items in the
FS even if initially, they have
no risk as these should
eventually be included in the
audit plan.
Step 1. In standard, inherent There are two
Inherent risk is one major
Risk components of risk classifications of
Identificatio material inherent risk:
n misstatement agency risk and
(RMM) together fraud risk.
with control risk.
Step 2. They both assess the level of
Inherent inherent risk such as:
Risk a) Low
Assessment b) Medium, or
c) High
PSA 315 requires the auditor
to assess inherent risk at the FS
and account balance.
Risk Assess Level of There are two
assessment Inherent Risk such attributes:
consideratio as Low, Medium, or (i) the likelihood
n about High of a
inherent risk misstatement
occurring as a
result of the risk
with the
probability rated as
high, moderate or
low.; (ii)
the magnitude
(monetary impact)
if the risk would
occur.
Significant In the standard the Significant risks or
Risk significant risk of pervasive risks
relating to risk of affecting the FS as
material a whole are
 misstatement due to segregated
fraud.
Step 3. Require special audit
Identificatio consideration as in these cases:
n of a. large non-routine
Significant transactions;
Risks b. matters requiring judgment
or management intervention
such as changes in accounting
impairment policies;
c. error or fraud is high;
d. non-compliance with laws
and regulations; or,
e. unreliable internal control.
Step 4. The auditor shall Not all control
Understandi obtain an activities are
ng Internal understanding of relevant to the
Control internal control audit, an
relevant to the audit. understanding of
 The the controls related
reliability of to the
the entity’s risk of
financial misstatement is
reporting; necessary to
ensure that the
 The
relevant control is
effectiveness identified. This is
and initially
efficiency of undertaken during
its the preliminary
operations; risk identification.
and
Its compliance with
applicable laws and
regulations
Step 5. There is no The operating
Evaluation specified Internal effectiveness of
of Internal Control Design in internal control
Control the Standard but design can be
Design and there are Five (5) tested in the
Implementat Consideration of following manner,
ion of Internal Control, among others:
Internal which are: a. Identifying
Controls 1. Obtaining appropriate
understandin controls to be
g of the tested.
 internal b. Deciding on the
control appropriate testing
2. Documentin technique.
g the c. Determining the
understandin appropriate
g of documents to be
accounting tested.
and internal d. Determining the
control level of test
system (period to be
3. Assessing covered,
the level of representative
control risk sample, extent).
4. Performing
the test of
controls, and
5. Documentin
g the
assessed
level of
control risk
Step 6. Final It does not specify Review the results
Risk in the standard. of the risk
Assessment assessment
procedures
performed, and
assess the risks of
material
misstatements at
the FS level and
the assertion level
for classes of
transactions and
disclosures guided
by the Risk
Decision Table.
b. The acceptable level Responses to the
Determining of detection risk results of the risk
Risk depends on the assessment are
Responses assessed level of based on the
inherent risk and decision model.
control risk (Inverse Risk responses:
relationship). a. When both
The auditor’s inherent
reaction to level of and control
detection risk: risks are
 a. Lower low, the
acceptable overall
level of RMM is
detection also low.
risk, higher b. When the
assurance. inherent
risk is low
Higher acceptable but the
level of detection control risk
risk, low assurance. is
moderate, a
low overall
RMM is
established.
c. When
inherent
risk is low
but control
risk is high,
the RMM
is
moderate.
d. When
inherent
risk is
moderate
and control
risk is low,
the RMM
is low.
e. When both
inherent
and control
risks are
moderate,
the RMM
is also
moderate.
f. When
inherent
risk is
moderate
and control
risk is high,
the RMM
is high.
 g. When
inherent
risk is high
and control
risk is low,
the RMM
is
moderate.
h. When
inherent
risk is high
and control
risk is
moderate,
RMM is
high.
When both
inherent and
control risks are
high, RMM is
high.
Fundamental ISSAI 1450 requires the
elements in auditor to revise the overall
preparing audit strategy if:
the audit (a) the nature of identified
engagement misstatements and the
plan: circumstances of their
A. Updating occurrence indicate that other
the Overall misstatements may exist that,
Audit when aggregated with
Strategy misstatements accumulated
during the audit, could be
material; or
(b) the aggregate
misstatements accumulated
during the audit, approaches
the materiality level
determined in accordance with
ISSAI 1320.
B. Preparing An audit program contains the
the Audit audit procedures to be
Program performed for a specific audit
objective for the
financial account and the risks
identified by assertion. Audit
Program for each audit areas
 included in
the overall audit strategy
should be prepared.
C. Preparing There is no EPM sets out the
the specified EPM in objectives of the
Engagement the standard. audit and spells
Planning out how the
Memorandu auditor aims to
m achieve these
objectives.
This Memorandum
contains the
following:
Part 1 – Audit
Coverage,
Objective and
Methodology
a. Audit
Scope/coverage-
should be clearly
described;
b. Audit objectives
-should be clearly
defined; and,
c. Audit
methodology-
should be clearly
established
supported with
audit programs.
Part 2 -
Significant
contents of the
Overall Audit
Strategy
A brief narration
of the major
activities to be
performed
supported by the
final overall audit
strategy updated
brought about by
new conditions,
unforeseen events,
or audit evidence
obtained from the
results of audit
procedures which
includes the
following, among
others:
a. Materiality
thresholds;
b. The number of
staff to conduct the
audit;
c. The major
timelines: entrance
conference, exit
conference,
securing
management
representation
letter, audit report
issuance;
d. Coordination
activities relative
to a nationwide
audit;
e. Inspections to be
conducted; and,
f. External
confirmations to
be performed.
Part 3 –
Summary of
major accounts
and assertions for
audit
considerations
a. Accounts and
Assertions with
high risks of
material
misstatements and
significant risks
identified in the
final risk
assessment
template.
(Appendix 2-8)
 b. Other Material
Accounts (OMA)
refer to financial
statement accounts
above or equal to
the performance
materiality but
were not
considered as
significant based
on the results of
the Final Risk
Assessment.
c. Special
Considerations:
Related Parties,
Litigation and
Claims, Segment
Reporting and
Subsequent Events
Part 4 – Audit
Program

MULTIPLE QUESTIONS
1. An analysis that will show whether the figures presented and disclosed are reliable and
properly presented
A. Vertical Analysis
B. Horizontal Analysis
C. Tie-in Analysis
D. Variance Analysis
Answer: C
2. If the auditor is unable to determine whether non-compliance has occurred because of
limitations imposed by the circumstances rather than by management or those charged
with governance
A. The auditor shall, in accordance with ISSAI 1705, express a qualified opinion or an
adverse opinion on the FS
B. The auditor shall evaluate the effect on the auditor’s opinion in accordance with ISSA
1705
C. The auditor shall express a qualified opinion or disclaim an opinion on the FS on the
basis of a limitation on the scope of the audit in accordance with ISSA 1705
D. The Auditor will cry
Answer: B
 3. S1. Although the auditor may suspect, or in rare cases, identify the occurrence of fraud,
the auditor does not make legal determinations of whether fraud has actually occurred.
S2. Non-compliance by the entity with laws, rules and regulations may result in a
material misstatement of the financial statement.
S3. If the auditor concludes that the non-compliance has a material effect on the FS, and
has not been adequately reflected in the FS, the auditor shall express an adverse opinion
or a qualified opinion.
A. All statements are false
B. 3 statements are true
C. 2 statements are true
D. Only 1 statement is true
Answer: B
4. Statement 1. Establishing the audit strategy involves settings the scope, timing and
direction of the audit towards the development of an Audit Engagement Plan.
Statement 2. In establishing the overall audit strategy, the auditor shall consider the
results of preliminary engagement activities and, where applicable, whether knowledge
gained on other engagements performed by the engagement partner for the entity is
relevant.
Statement 3. The overall audit strategy is prepared by the Audit Team Leader while the
Regional Supervising Director will approve it.
Statement 4. Modifying the overall audit strategy is allowed, but must be approved by
the Regional Supervising Director.

a. One statement is false

b. Two statements are false
c. Three statements are false
d. All the statements are false

Answer: B, Statement 3 and 4 are False it should be Cluster Director/Regional Director.

5. Statement 1. Risk is the probability of an act or event occurring that would have an
adverse effect in the achievement of an achievement of an agency’s objectives.
Statement 2. Agency Risk defines as threat that an event, action or inaction will
adversely affect the agency’s ability to successfully achieve its mandate and objectives
and execute its strategies.
Statement 3. The components of Audit risks are Inherent, Control and Detection Risk.
Statement 4. One of the bases in preliminary assessment of control risk is obtaining
information from the results of walkthrough procedures in understanding the process
activity

a. One statement is true

b. Two statements are true
c. Three statements are true
d. All the statements are true
Answer: D
6. Which of the following is incorrect regarding the developing of the audit program?
a. The auditor may use standard audit programs or audit completion checklist but should
appropriately tailor to suit the circumstances on particular engagement.
b. It provides a proof that the audit was adequately planned.
c. An audit program at the beginning of the audit process is temporary because a
complete audit program for an engagement generally should be developed before
evaluation of internal control.
d. The form and content of audit program may vary for each particular engagement.
Answer: C. An audit program at the beginning of the audit process is temporary because a
complete audit program for an engagement generally should be developed before evaluation of
internal control.
7. The risk that financial statements are likely to be misstated materially without regard to
the effectiveness of internal control is which type of risk?
a. Agency risk
b. Significant risk
c. Audit risk
d. Inherent risk
Answer: D. Inherent risk
8. S1: When both inherent and control risk are low, the overall RMM is also low. Hence,
further testing of controls is performed to firm up the audit conclusion reached together
with a low level of substantive tests.
S2: When inherent risk is moderate and control risk is low, the RMM is moderate. More
tests of controls are performed to firm up the audit conclusion, with a low level of
substantive tests.
S3: When inherent risk is moderate and control risk is high, the RMM is moderate. Hence
no reliance is placed on controls meaning, no tests of controls are necessary. A high level
of substantive tests is however needed.
S4: When inherent risk is moderate and control risk is high, the RMM is low. Hence no
reliance is placed on controls meaning, no tests of controls are necessary. A high level of
substantive tests is however needed
a. All statements are true c. 2 statements are true
b. 3 statements are true d. Only 1 statement is true
Answer: D. Only 1 statement is true. When both inherent and control risk are low, the overall
RMM is also low. Hence, further testing of controls is performed to firm up the audit conclusion
reached together with a low level of substantive tests.
 9. To enhance the Auditor’s understanding of the audit entity, the following steps shall be
undertaken except?
a. Creating a general overview of the entity’s organization and operations
b. Assessing related parties transactions
c. Assessing other matters for consideration
d. Updating information base for financial audit and conducting preliminary risk
assessment.

Answer: A

10. It is an integral process that is effected by an agency’s management and personnel, and is
designed to address risks and provide reasonable assurance that in pursuit of the agency’s
mission, the general objectives are being achieved.
a. Test of data
b. Substantive test
c. Internal control
d. Analytical procedure
Answer: C
11. Which statement is not correct regarding the component of internal control?
a. Information & Communication is effective processes and systems that identify,
capture and report operational, financial and compliance-related information in a
form and timeframe that enable people to carry out their responsibilities.
b. Monitoring is the process that assesses the quality of the internal control system’s
performance over time.
c. Risk Assessment is process of identifying and analysing relevant risks to the
achievement of the agency’s objectives and determining the appropriate response.
d. Control Activates is sets the tone of an organization, influencing the control
consciousness of its staff. It is the foundation for all other components of internal
control, providing discipline and structure.
Answer: D
12. what do you call the templates the use in evaluation of Internal Control structure?
a. Agency-Level Controls Checklist
b. Agency-Lower Controls Checklist
c. Account-Level Controls Checklist
d. Agency-Level Controls Check
Answer: A
13. These are examples of controls risk, except
a. Non preparation of bank reconciliation
b. Non-preparation of monitoring reports
c. Unreconciled accounts
d. Delay in recording transactions such as liquidation reports, issuances of supplies and failure to
recognize book reconciling items

Answer: B

14. Materiality is primarily based on the auditor’s professional judgment, such judgment should
consider:
a. Qualitative factors only
b. Quantitative factors only
c. Both quantitative and qualitative factors
d. Monetary factors

Answer: C

15. If its omission or misstatement could influence the economic decision of users taken on the
basis of the financial statements, it is
a. Material
b. Relevant
c. Significant
d. Threshold

Answer: A