AU 4013 Introduction to Auditing

SUNWAY DIPLOMA STUDIES

AU4012
Introduction to Audit
 AU 4013 Introduction to Auditing

Programme : Diploma in Accounting

Diploma in Finance
Subject Code and Title AU4012 Introduction to Audit
Credit Value : 3 Credit
Contact Hours 50 Hours/semester (42 hours of lecture + 8 hours of tutorial + 0 hour
of practical or demonstration)
Prerequisite(s) : Nil
Lecturer : Mr Lim Wee Leek
E-mail address : [email protected]
Telephone No :
Consultation Day/time :

Subject description

This subject introduces the student to the nature and purpose of an audit, including the duties
and liability of auditors, the regulation that auditors must adhere to and the areas relating to
the process of an audit of financial statements

Learning Outcome

Upon successful completion of this subject, the student will be able to acquire the following
learning and skill outcomes:

1. Explain the purpose and scope of an audit and its regulatory framework
2. Explain how an auditor assesses risk and plans an audit
3. Identify the principles of internal control and describe and evaluate the features of
information systems

Delivery Methods

The mode of delivery for this subject is on a conventional basis of face to face interaction.
This will include different methods of blended learning i.e. group discussion, peer learning and
quizzes to ascertain students’ understanding at the end of each topic
Assessment Methods and Types

Coursework 1 : Written Assignment 30%

Coursework 2 : Mid-term examination 20%

Coursework 3 : Final Examination 50%

The material has been compiled for classroom use purpose.

 AU 4013 Introduction to Auditing

CONTENT

Pages

Chapter 1: Introduction 1

Chapter 2: Regulatory Framework 8

Chapter 3: Professional Ethics 16

Chapter 4: Appointment of Auditors 23

Chapter 5: Audit Planning 30

Chapter 6: Risk Assessment 52

Chapter 7: Internal Control 73

Chapter 8: Test of Control (Sales, Purchase, wages) 96

Chapter 9: Test of Control (Cash, Inventory, Assets) 115

AU 4013
AU 4013 Introduction to Auditing

CHAPTER 1: INTRODUCTION
1.0 STEWARDSHIP, ACCOUNTABILITY AND AGENCY

The concept of separate legal entity means the separation of ownership and the management of
the company. For listed companies, the owners (shareholders) of company may not be
involved in the daily operation of company. The company will be manage by directors, who
are elected by shareholders. Therefore, the directors have the stewardship of the company on
behalf of the shareholders who appoint them. In essence, the agency theory applies to the
directors, therefore, they are accountable to the shareholders.
The shareholders expect a return on investment, while the directors expect to be paid for salary.
Thus shareholders need to have confidence that accounts prepared by directors are accurate and
comply with the required standards and regulations. To ensure that the financial statements are
drawn accurately, they appoint auditors to check its financial statements and to report on its
truth and fairness. Therefore, the auditors are accountable to the shareholders and the agency
theory applies.

Hence, both the directors and the auditors are the agents of the shareholders and they are all
accountable to the shareholders as a body. They a have fiduciary relationship with the
shareholders. Fiduciary relationship refers to a ‘relationship of good faith’. In this case, the
directors must manage the company in good faith, i.e., in the best interest of the shareholders.
As for the auditors, they have to act in good faith, i.e., report their audit opinion objectively. To
do so, the auditors will need to be independent in many aspects.

Shareholders
Report to the shareholders
-Audit Report

Appoint Own Appoint

Manage The Company – Financial Audit

Director statements (prepared by the Auditor
directors to the shareholders)

pg. 1
AU 4013
AU 4013 Introduction to Auditing

An overview of the Principal-Agent relationship

The concepts of accountability, stewardship and agency.

• Accountability means that people in positions of power can be held to account for their
action. For example, they are compelled to explain their decision/action or be punished if
they have misuse their power.

• Stewardship is the responsibility to take good care of resources. A steward is someone

employed to manage another person's property.

• A fiduciary relationship is a relationship of good faith such as between directors and

shareholders. The directors must take their decisions in the interests of the shareholders
rather than in their own personal interest.

• Agents are people employed or used to provide a particular service. In the case of a
company, the people being used to provide the service managing the business also have the
second role of being people in their own right trying to maximise their personal wealth

• Directors’ Accountability and Responsibilities.

Directors are accountable to the shareholders for the assets that they control on their behalf.
It means that the directors are responsible for the preparation of the accounts of the
company. If the directors ask accounting firm to perform its accounting functions, they
could not escape their responsibilities to the shareholders.

Under the Companies Act, 1965, the statutory duties of company directors in relation to
accounting functions are:

➢ Ensuring proper accounting records are kept. Directors are required to design the
accounting system and keep all the accounting records of the companies in a proper
manner.

➢ Taking reasonable steps to safeguard the assets of the company and prevent and detect
fraud and errors. Directors are responsible for designing an effective internal control
system to protect the companies‟ assets from any possibility of fraud and error.

➢ Preparing financial statements that give true and fair view. Though, directors may
delegate the preparation of financial statements to accountant, they are still responsible
for ensuring the financial statements are drawn up in accordance with the standards and
regulation.

➢ Adopting good accounting policies and establish adequate internal control.

Directors are responsible for compliance to the best practice of accounting standards
and effective internal control system.
pg. 2
AU 4013
AU 4013 Introduction to Auditing

2.0 TYPES OF AUDIT

There are generally TWO types of audit – external and internal
External audit – statutory audit and non-statutory audit. In brief, statutory audit is required
under company law while non-statutory audit is mainly the audit of unincorporated
organizations.

2.1 STATUTORY AUDIT

In Malaysia, external audit of financial statements is mandatory. Under the Companies Act,
1965, there are two main requirements relating to the auditor’s reporting duties:

➢ The auditor must state, whether in his opinion, the financial statements have been
properly drawn up in accordance with the provisions of the Act and applicable approved
accounting standards, so as to give a true and fair view of the company’s state of affairs
and result of operations; and matters required by section 169 to be dealt with in the
financial statements; and

➢ The auditor must state, whether in his opinion, the accounting and other records and the
registers required by the Act to be kept by the company, have been properly kept in
accordance with the Act.
The key terms are as follow:
• ‘financial statements’ – normally include a statement of financial position, an income
statement, a statement of cash flow, and the accompanying notes to the financial statement.

• ‘opinion’ – based on judgment; not a certificate or guarantee. After all, the auditors cannot
examine every single transaction or account balance, thus they cannot give a guarantee
anyway!

• ‘true and fair view’ – see below.

Rule of thumb as follows:-
True
Information is factual and conforms with reality, not false. In addition the information
conforms with required standards and law. The accounts have been correctly extracted from the
books and records
Fair
Information is free from discrimination and bias in compliance with expected standards and
rules. The accounts should reflect the commercial substance of the company’s underlying
transactions.

pg. 3
AU 4013
AU 4013 Introduction to Auditing

2.1 THE LEVELS OF ASSURANCE

The International Framework for Assurance Engagement, hereafter known as The Framework,
stated that there are only TWO (2) types of assurance engagement, namely a reasonable
assurance engagement and a limited assurance engagement.

Reasonable assurance means the auditor obtains certain degree of comfort that the financial
statements do not contain material misstatement.

Why reasonable (less than 100%) assurance? Or why not absolute (100%) assurance?

This is because auditing has some inherent limitations. These inherent limitations are:

• Use of sampling testing.

Auditors must work within the time constraint, the technical knowledge needed as well as
the consideration of Cost vs. Benefits when carrying out the audit. Auditors use samples to
test the transactions because it is impossible for auditor to check every transaction. When
applying sampling, there is always a risk of taking the wrong samples.

• Inherent limitations of internal control.

Accounting and internal control systems cannot cover every aspect of the company’s
operations therefore we cannot have perfect assurance that everything is perfectly correct.
There is always possibility of
- employee collusion
- management override or
- human errors.

• Audit evidence is persuasive, not conclusive.

Persuasive means giving evidence to believe; whereas, conclusive means 100% correct or
wrong. Any evidence we collected can only persuade us to believe the substance of the
evidence but there is no assurance that the evidence is a genuine one.

• Use of auditor’s judgement.

Auditors often use professional judgement to make decision where there is always a risk that
the judgement may be inappropriate. The auditors need to determining the nature, timing
and extent of audit procedures, the drawing of conclusions based on audit evidence gathered,
etc. Therefore, there is no assurance that the judgment is perfectly correct. Therefore, the
auditors, in performing the audit, can only be reasonably certain, but not absolutely certain,
that the financial statements are not materially misstated.

pg. 4
AU 4013
AU 4013 Introduction to Auditing

2.2 BENEFIT OF A STATUTORY AUDIT

The audit is to enable the auditor to issue an audit report to be attached to the financial
statements, which will add credibility to the financial statements. Users of financial statements
require reliable information for decision-making purposes and audited financial statements will
invite greater reliance being placed by the users and hence facilitate the economic decision-
making of the users.
Advantages of a statutory audit
a. Dispute between management may be more easily settled
b. shareholders will have more confidence in the directors whom they have entrusted with in
managing the company when the company is subject to an audit.
c. Major changes in ownership may be facilitated if the past accounts contain an unqualified
audit report
d. To enhance the loan application
e. To serve as a basis for preparation of tax returns

Disadvantages of an Audit
a. Audit fee is incurred
b. Disruption of work to the client’s staff

2.4 AUDIT REPORT

The audit report is the final product of the whole exercise of an audit of financial statements. It
sets out, among other things, what the auditor has done to enable him to form the audit option
(“Basis of opinion”) and whether the financial statements give a true and fair view (“Opinion”).

3.0 Fraud and Error

3.1 Fraud
Fraud means an intentional act by one or more individuals among management, employees or
third parties, which results in a misstatement of the financial statements.
Fraud may involve the following:
• Manipulation, falsification or alteration of records or documents
• Misappropriation of assets
• Suppression or omission of the effects of transactions from records or documents
• Recoding of transactions without substance
• Misapplication of accounting policies.

pg. 5
AU 4013
AU 4013 Introduction to Auditing

3.2 Error
Error means unintentional misstatement in financial statements
An auditor is a ‘watchdog’, not a ‘bloodhound’. It is not the auditor’s responsibility to discover
frauds. However, the auditor should design audit procedures to obtain reasonable assurance that
misstatements that are material to the financial statements taken as a whole, arising from frauds
or otherwise, are detected. The auditor should plan and perform the audit with an attitude of
professional scepticism, recognizing that conditions or events may be found that indicate that
fraud or error may exist.

4.0 Distinction between Auditing and Accounting

These activities are closely related but separated activities. It is very common that some
companies engage the same accountant from the same accounting and audit firm to prepare the
accounts. It should make clear that the directors are still responsible for the preparation of
accounts.
a) A………………… is the recording, classifying and summarising of transactions in a
systematic manner for the purpose of providing financial information for decision making.
b) A……………… is a process of reviewing the transactions and balances of accounting
records to project a true and fair view of the financial position of the company.
c) Different types of audits and auditors

pg. 6
AU 4013
AU 4013 Introduction to Auditing

5.0 INTERNAL AUDIT (IA)

It covers wide areas, e.g. financial audit, operational audit, etc. The reason for its wide
coverage is due to internal audit being defined and decided by the management. Thus, the
management will determine the need for internal audit. It is employed to ensure the orderly and
efficient running of the business. A properly function of IA is part of a good corporate
governance, as recognised by national and international codes on corporate governance. IA
enable management exercises proper risk management

Difference between internal audit and external audit

Internal Audit External Audit
Scopes Cover all area including operation and Financial focus
finance
Approach Risk based, assess risk, evaluation on Risk based, test on transactions
control system, test on operations of that form the basis of the final
system, and make recommendations financial statement
for improvement.
Advise and make recommendations on Form opinion on financial
Responsibility internal control and corporate statements.
governance.
Advise to protect organisation against
Provide opinion on financial
Objectives loss due to weak internal control statement whether provide True &
Fair view
Legal No legal requirement. But Legal requirement to have an
recommended to have internal audit audit on their financial statement
dept for good corporate governance
practice

Apart from audit, there are other types of non-audit engagements known as review
engagements. Examples of review engagements are review of financial statements and
agreed-upon procedures, etc.

pg. 7
 AU 4013 Introduction to Auditing

CHAPTER 2 : REGULATORY FRAMEWORK

1.0 THE REGULATORY FRAMEWORK

The conduct of statutory audit is governed by rules and standards set by these groups:
(i) The professional bodies (MIA, ACCA etc) – They set the professional code of ethics.

(ii) International Federation of Accountants (IFAC) – It sets the accounting and auditing
standards. In Malaysia, we have to comply with the accounting and auditing standards
approved by the Malaysian Institute of Accountings, MIA.

(iii) The government – It sets the company law as well as the issuance of audit license.

2.0 INTERNATIONAL FEDERATION OF ACCOUNTANTS (IFAC)

IFAC is the organization for the accountancy profession of the whole world. IFAC comprises
157 members (of which ACCA is one of them) and associates in 123 countries, representing
more than millions accountants employed in public practice, industry and commerce, government,
and academic.
The roles of IFAC are to establish and promote adherence to high-quality international
standards, to facilitate collaboration and cooperation with member bodies, and to serve as
spokesperson for the international profession on relevant public-policy issues. IFAC is
responsible to protect the public interest by developing, promoting, and enforcing
internationally recognized standards as a means of ensuring the credibility of information
upon which investors and other stakeholders depend.

3.0 INTERNATIONAL AUDITING AND ASSURANCE STANDARDS BOARD (IAASB)

IAASB is a subsidiary of IFAC. The goals of IAASB is to serve the public interest by setting
high quality auditing, assurance, quality control and related services standards and by facilitating
the convergence of international and national standards, thereby enhancing the quality and
uniformity of practice throughout the world and strengthening public confidence in the global
auditing and assurance profession.
More than 100 countries are using or are in the process of adopting or incorporating International
Standards on Auditing (ISAs), issued by the IAASB, into their national auditing standards or
using them as a basis for preparing national auditing standards.

8
 AU 4013 Introduction to Auditing

4.0 THE PROCESS OF SETTING ISAs

The process of setting ISAs involves many stages. These are as follows:

1. IAASB will set up a project task force. The primary responsibility of the task force is to
develop a draft standard or practice statement. The task force will develop its draft based
on appropriate research and consultation.

2. A proposed standard is presented as an agenda paper for open discussion and debate at
an IAASB meeting.

3. The exposure drafts (ED) will be placed on the IAASB’s website as well as distributed to
the public for comment for a period of not fewer than 120 days.

4. IAASB will consider all the comments and suggestions received and the exposure draft
will be revised where necessary. If the changes made are substantive, IAASB may
consider re-issuing the exposure draft for further comment.

5. When it is finalised, approval of exposure drafts, re-exposure drafts, international

standards and practice statements is made by the affirmative vote of at least two- thirds
of the members.

5.0 ISAs AND THE NATIONAL STANDARDS AND REGULATIONS

IFAC have no legal backing in the individual countries as it is just a group of professional bodies
in the world. Therefore, individual countries must set up its own regulations and standards for
both auditors’ regulations as well as the standards to carry out audit.
In Malaysia, the Malaysian Institute of Accountants (MIA) is responsible for these roles. It is a
statutory body set up by the government to regulate accountants and auditors in Malaysia. The
following are main responsibilities of MIA:

• To determine the qualifications of persons for admission as its members;

• To regulate the practice of the profession of accountancy in Malaysia;

• To provide for the training and education by the Institute or any other body, of persons
practising or intending to practice the profession of accountancy;

• To approve the Malaysian Institute of Accountants Qualifying Examination (QE) and to

regulate and supervise the conduct of that Examination.

Malaysia has adopted many ISAs, IASs and IFRSs as its standards. Some of these standards have
been modified to suit the local environment.

9
 AU 4013 Introduction to Auditing

THE AUDITORS

6.1 Eligibility to act as Auditor

In Malaysia, to be eligible to act as a company auditor one must have a valid audit license issued
by the Ministry of Finance. To have such a license, one must undergo interviews with panels
from the Ministry of Finance, Inland Revenue Board, MIA, Companies Commissioner of
Malaysia and other regulatory organizations.
6.2. Prohibitions to act as auditor
In most countries, the laws prohibit those who are closely connected to the employees and
officers of the company from acting as the auditor for that company. Officer here cover the
company directors and the company secretary.
Apart from the legal prohibitions, MIA’s Code of professional conduct also prohibits certain
people from acting as the company’s auditor. In general, those who are not independent from
the company’s operations will not be eligible to act as company auditor under the Code.

A person is prohibited from acting or accepting an appointment as the auditor of company if he

is:

• Indebted to the company or its related company in an amount exceeding RM2,500.

• An officer of the company.
• A partner, employer or employee of an officer of the company.

6.3. Appointment of Auditors

The shareholders (or members) is responsible for the appointment of the company auditor. The
directors may then nominate the auditors in the annual general meeting and it is the
shareholders who will approve the appointment. The duration of the tenure of the auditor is
usually one year, i.e., from one AGM to the next.
There are instances where the Directors of the Company is allowed to appoint the company
auditors:-

• To fill a casual vacancy, whereby the auditor resigns or dies during the accounting period;
and

• From the date of incorporation to the 1st AGM.

Where after an AGM, the shareholders cannot agree on the appointment of the company auditors,
the Secretary of Company will then choose the company’s auditors.

10
 AU 4013 Introduction to Auditing

6.4 Removal and resignation of auditors

Departure from auditor’s office. Auditors can leave office by one of the following reasons:-

• Being removed at a general meeting before their term of office is expired.

• Being removed at a general meeting at which their term of office is expired.
• Resignation
• Not seeking reappointment.

Any removal or resignation of auditor before the end of the audit contract implies serious
disagreement between auditor and client. If auditors disagree with the fee or accounting practices,
they simply do not offer themselves to be reappointed.

6.4.1. Removal of auditor by the company

• Removal must usually be notified to regulatory authority. 2/3 majority resolution is

required to remove an auditor. The concerned auditor is given the right to make written
representations and speak at the meeting or AGM.

• Removal procedures. The reasons to have removal procedures are to ensure that the
auditors are not removed for improper reasons without the knowledge of the shareholders
and auditors do not seek to avoid their responsibility by going quietly.

Removal Procedure Description

1. Notice of removal A special notice (28 days) of the intended resolution to be given to
the company and auditor. Directors must convene meeting to take
place within the stipulated time.

2. Representations Auditors can make written representations on why they ought to

stay in office, and may require company to state in the special
notice that representations have been made and send a copy to
members prior to the meeting. Unless the courts, on application of
the company, direct otherwise, the company must send out these
representations. If not sent out, perhaps due to some practical
issues, the auditor may request that the representations be read
out at the meeting

11
 AU 4013 Introduction to Auditing

3. If resolution is passed (a) Company must notify regulatory authority (CCM)

(b) Auditors must deposit statement of circumstances at
company's registered office within 14 days of ceasing to hold
office. Statement must be sent to regulatory authority.
4. Auditor rights Auditor can receive notice of and speak at:
(a) General meeting at which their term of office would have
expired
(b) General meeting where casual vacancy caused by their removal
to be filled
The auditor will have to issue a written statement either:
(i) Statement of ............................ (Some disagreement issues need to be highlighted to the
attention of the shareholders. E.g. Fraud, severe disagreement over accounting practice) ,OR
(ii) Statement of ............................. (No issues need to be brought to the attention of the
shareholders. E.g. Disagreement over auditor fee)

6.4.2. Resignation of auditor

Resignation usually requires written notice by the auditor to the company and to the registered
office. It also requires a statement of circumstances. The auditor concerned is permitted to speak
and communicate in writing with shareholders and other stakeholders.

Procedure
1. Inform Auditors deposit written notice together with statement of
circumstances or statement that no circumstances exist
relevant to members/creditors

2. Notice of resignation Sent by company to regulatory authority

3.Statement of circumstances Sent by: (a) Auditors to regulatory authority

(b) Company to everyone entitled to receive a
copy of accounts

4. Convening of general meeting Auditors can require directors to call extraordinary general
meeting to discuss circumstances of resignation.
Directors should call a meeting as soon as practicable upon
receiving the requisition by auditors.

12
 AU 4013 Introduction to Auditing

5.Statement prior to general meeting Auditors may require company to circulate (different)
statement of circumstances to everyone entitled to notice
of meeting
6. Other rights of auditors Auditors can receive all notices and speak at:
(a) A general meeting at which their term of office would
have expired
(b) A general meeting where casual vacancy caused by
their resignation to be filled

In all cases of appointment and removal or resignation, the auditor must obtain permission from
the company to communicate with either the outgoing auditor or the incoming auditor and
indicate any reasons the appointment should not be accepted.

6.5 Duties, Rights and Responsibility of auditor

Auditor’s rights and duties

The audit is primarily a statutory concept, and eligibility to conduct an audit is often set down in
statute. Similarly, the rights and duties of auditors can be set down in law, to ensure that the
auditors have sufficient power to carry out an effective audit.

6.5.1 Auditor’s Duties

The duties of the auditors are:-

(a) To report the shareholders/directors on whether the financial statements show true
and fair view and have been properly prepared, in all material respect, in accordance
with legislation and applicable accounting standards.

(b) To consider whether the information in the management report is consistent with the
audited financial statement

(c) To give various details required by legislation in their report. Common details are
director’s transactions & emoluments.

(d) To report on any violation of law or the company’s constitution.

(e) To make a ‘statement of circumstance’ when they cease to hold office for any reason.

13
 AU 4013 Introduction to Auditing

6.5.2 Auditor’s Rights

The principal rights auditors should have, excepting those dealing with resignation or removal,
are set out in the table below, and the following are notes on more detailed points.

Rights

1. Access to records A right of access at all times to the books, accounts and
vouchers of the company.

2. Information and explanations A right to require from the company's officers such
information and explanations as they think necessary for
the performance of their duties as auditors.

3. Attend general meetings A right to attend any general meetings of the company
and to receive all notices of and communications relating
to such meetings which any member of the company is
entitled to receive.

4. To speak at general meetings A right to be heard at general meetings which they attend
on any part of the business that concerns them as auditors.

5. In relation to written resolutions A right to receive a copy of any written resolution

proposed.

6. Laying of accounts A right to give notice in writing requiring that a general

meeting be held for the purpose of laying the accounts and
reports before the company.

6.5.3 Auditors’ Responsibility for the Prevention & Detection of Fraud & Error

ISA 240: The Auditor’s Responsibility to Consider Fraud in an Audit of Financial Statements
states that:-

• Fraud is to intentional acts which may involve the falsification of documents or

misappropriation of assets.
• Error is the unintentional misappropriation of accounting policies, oversights or
misinterpretations of facts.

In the new audit engagement, auditors should be very careful to avoid accepting responsibility
for detection of fraud that they cannot discharge. The responsibility on prevention and detection
of fraud and errors are as follow:

14
 AU 4013 Introduction to Auditing

1. External Auditor’s responsibility is to ASSESS the risk that fraud or error may cause the
financial statements to contain material misstatement.

2. The objective of an audit is to report on the truth and fairness of the financial information
but not purposely to detect fraud and errors. However, in the course of conducting audit
if the auditor discovers the fraud and material misstatements affecting the financial
statements, auditor should investigate further.

3. Auditor must perform the auditing with an attitude of......................................... i.e. it

requires that the auditor objectively evaluate audit evidence. This means the auditor should
constantly maintain a critical and questioning mind in assessing the validity of audit
evidence he accumulates during the audit process.

4. An attitude of professional scepticism is necessary for the auditor to identify circumstances

that increase the risk of a material misstatement resulting from fraud or error, and
suspicious circumstances that indicate that the financial statements are materially misstated.
If the auditor suspected that there might be a material misstatement due to fraud or error, the
auditor would be more sensitive to the selection and type of evidence examined.

6.5.4 Management responsibility in preventing fraud & error

Management is responsible for the prevention and detection of fraud. They should implement
and operate adequate internal control system to safeguard the assets.

6.5.5 Internal Auditor’s responsibility in preventing fraud and error.

Internal auditor is to REVIEW the measures that designed by management to ensure adequate
control is in place.

Internal auditor can help management manage risks in relation to fraud and error by

1. commenting on the process used by management to identify fraud and error risks.

2. commenting on the appropriateness and effectiveness of actions taken by management to

manage the risks identified

3. periodically auditing or reviewing systems or operations to determine whether the risks of

fraud and error are being effectively managed;

4. monitoring the incidence of fraud and error, investigating serious cases and making
recommendations for appropriate management responses

15
 AU 4013 Introduction to Auditing

CHAPTER 3 : PROFESSIONAL ETHICS

1.0 INTRODUCTION TO PROFESSIONAL ETHICS

In performing his or her professional work, whether auditing or anything else, the auditor must
comply with the rules of professional conduct laid down by the professional accountancy body
concerned. In Malaysia, there are the statements of professional ethics promulgated by the
Malaysian Institute of Accountants (MIA), which are binding on all its members.

Ethical rules laid down by different professional bodies are very similar and are basically derived
from the same principles and consideration.

2.0 CODE OF ETHICS AND CONDUCT

ACCA Code of Ethics and Conduct covers two main areas, i.e., the fundamental principles and
the threats and safeguards.

2.1 Fundamental Principles

The ACCA rules as well as the IFAC Code of Ethics and Conducts provide ethical guidance for
all members in its five fundamental principles of integrity, objectivity, professional competence,
and due care, confidentiality and professional behavior in all dealings.

• Integrity - member must be honest and act in probity in all business and professional
relationship. Members must act to the best interest of the clients and disclose any information
that is necessary to aid the clients in making sensible decisions.

Example: An accountant must prepare financial statements that reflect the true and fair view
of the financial position and the result of the company. Even if the management offers any
rewards for the accountant to falsify the financial records, the accountant is, under no
circumstances, to accept the rewards and prepare financial statements that mislead the users.

• Objectivity - members must act in an objective capacity and not allow bias, conflicts of
interest or undue influence of others to override professional and business judgement.

Example: An accountant should try not to accept the assignment as advisor for two rival
companies which are competing for the same tender.

pg. 16
 AU 4013 Introduction to Auditing

• Professional competence and due care - Members have a continuing duty to maintain
professional knowledge and skill at a level required to ensure that a client or employer receive
competent professional service based on current developments in practice, legislation and
techniques. Members must illustrate the diligence expected of a professional. The members
must also ensure its subordinates who are carrying out their assignment illustrate the same
competence and skills.

Example: Accountants must pass stringent professional examinations before being

qualified. After qualification, accountants must undergo Continuous Professional
Development courses (CPDs) to ensure they are updated with relevant changes in legislations
and standards that affect them as accountants.

• Confidentiality – Members should respect the confidentiality of information acquired as a

result of professional and business relationships. Members must refrain from disclosing any
information to third parties without proper authority and consent from the clients. Members
can only disclose the information to a third party where there is professional or legal duty to
do so. In addition, members must not take advantage of the information for personal gain. The
exceptions to this rule will be if the auditor is called to testify in a criminal proceeding or a
civil action suit, for example a negligence claim, a disciplinary hearing from the professional
body, or suing for an outstanding fee.

Example: Auditor cannot disclose the fact that one of his clients is facing great risk
of liquidation to the client's suppliers even though he may know this supplier personally.

• Professional behaviour - members must behave with courtesy and consideration during the
course of work. They must observe all legislations and regulations and they must not, by
any means, bring discredit to the accountancy profession.

Example: A prospective auditor must not criticize the existing auditor with the aim of gaining
the appointment. Also, he or she must offer unduly low fees in order to secure an audit
assignment.

pg. 17
 AU 4013 Introduction to Auditing

2.2 Threats
Compliance with the fundamental principles may potentially be threatened by a broad range of
circumstances.
The Code of Ethics for Professional Accountants of the IFAC specify these threats into FIVE (5)
categories:
1) threat
2) threat
3) threat
4) threat
5) threat

1) Self-interest threat
There are many examples of a self-interest threat arising in the Code.
Example of self-interest threat:
➢ The audit firm has a financial interest in an audit client
The assurance firm, a member of the assurance team or an immediate family member of a
member of the assurance team are not allowed to hold direct financial interest or an indirect
material financial interest in a client.

If an auditor inherits shares in a client company he should try and sell them as soon as possible,
and keep the firm informed about what is going on.

➢ Audit staff move to work at the audit client

If a member of the audit team joins the audit client, the audit firm must assess whether a
‘significant connection’ still remains between the audit firm and the former employee.

A significant connection exists if the employee is entitled to benefits from the audit firm
(unless it is fixed and predetermined, and not material to the firm), or if the employee continues
to participate in the audit firm’s business or professional activities.

If significant connection exists, no safeguards could reduce the threat to an acceptable level.
Therefore, the audit firm should not undertake/ continue the engagement.

If there is no significant connection, the audit firm should assess the level of independence
threat and implement safeguards to mitigate the threat.

➢ There are family/personal relationship between audit staff and client.

The audit firm needs to take steps to ensure that neither the practice nor a partner or employees
of the firm are closely connected with a client or an officer or employee of a client. The firm
would generally need to consider close ties of blood, business or friendship. This is more of a
problem for partners and senior members of staff, as they are more important, and if there is a
close relationship involving a partner, the firm may need to reject the audit appointment in the
first instance.

pg. 18
 AU 4013 Introduction to Auditing

➢ Audit staff are offered gifts/hospitality by client staff

Unless the value of the gift/hospitality is clearly insignificant, a firm or a member of an

assurance team should not accept it.

➢ Audit fees from a single client are a high percentage of the audit firm’s total fees

▪ If an auditor receives a large proportion of his income from one client, he may be tempted
to give an unqualified audit report where one is not justified, due to fear of losing the client,

▪ In the UK, this has led to the '15% rule': The recurring fee income from one client or group
of connected clients should not generally exceed 15% of the gross fee income for two
consecutive years. If so, disclosure must be made to those charged with governance at the
entity, and external review should be carried out by an external professional accountant or
regulatory body

▪ For listed or public-interest clients, this is restricted to 10%.

▪ Where a branch within a partnership, but not the practice itself, exceeds these limits, the
firm may retain the audit so long as the final reporting responsibility is transferred to
another office.

▪ These limits are intended to be maximal and it is recognized that there may be financial
dependence even when the income falls below these limits. A review of the relationship
with the client should be carried out where a 'normal' client represents 10% of the gross fee
income to and where a public-interest or listed company is 5%, i.e., within 5% of the
maximum, to ensure that independence is maintained.

➢ Loan and guarantee arrangement with client

• The auditor must not make or guarantee loans to clients as this could be construed as
performing an audit at a discount in order to get consultancy work, i.e., ‘low-balling’.

• The auditor must take steps to ensure that his client pays overdue fees, as allowing
outstanding fees could be perceived as a loan.

• The auditor must not accept loans from a client, as this could be seen as a bribe to give an
unqualified report.

• The exception to this is where the client is a bank or similar institution and the loan is a
loan, overdraft or mortgage in the normal course of the business and on normal commercial
terms.

pg. 19
 AU 4013 Introduction to Auditing

➢ Contingent fees
A firm should not enter into any fee arrangement for an assurance engagement under which
the amount of the fee is contingent on the favourable result of the assurance work. For
example, a firm may charge a client seeking a listing on the stock exchange a contingent
fee which is payable if the listing is successful or fees which is based on a % of the
company’s profit.

2) Self-review threat

▪ This occurs where, prior to the audit, the auditor was involved in reviewing and
implementing the internal control systems of the client. Under such a situation, it will be
likely that the auditor may not highlight the shortcomings of his own work done earlier
when he audits the system subsequently.

▪ Individuals who have been a director or officer of the client, or an employee in a position
to exert direct and significant influence over the subject matter information of the
assurance engagement in the period under review should not be assigned to the assurance
team. If an individual had been closely involved with the client before the period covered
by the audit report, the audit firm should consider the threat to independence arising and
apply appropriate safeguard.

▪ If an accountant stops working for a client in order to work for the audit firm, he
should not personally take part in the audit if he has been an officer or employee of the
company at any time during the financial year or the preceding two years.

▪ Other services
Audit firms often offer a host of services other than audit. Examples include preparing
account and financial statement, valuation services, taxation services, internal audit
services, corporate finance services, IT services, temporary staff cover, recruitment
services, litigation support and legal services. Some of these (eg tax return) are not
perceived to threaten independence, others, particularly where it seems that audit firm
staff acting on behalf of management, do affect independence.
Generally, non-audit service which is considered as management responsibility is likely
to be prohibited. Activities which would be considered management responsibility include:

✓ Setting policies and strategic direction

✓ Directing and taking responsibility for the action of the entity’s employee
✓ Authorising transactions
✓ Deciding which recommendations of the firm or third parties to implement
✓ Taking responsibility for designing, implementing and maintaining internal cont rol.

pg. 20
 AU 4013 Introduction to Auditing

3) Advocacy threat
This occurs when the auditor is required to promote the client's position or represent them
in some way, and subsequently, his objectivity may be compromised.

Examples are auditor acting as the advisor or the promoter of a client in public listing through
public offer, or representing the client in court, or offering corporate service (pitches clients
reconstruction to bank).
Under these situations, the auditor cannot act objectively in reporting as auditor of the clients
as it will affect the outcome of the 'special assignment'.

4) Familiarity threat

➢ Relationship
We have already looked at the potential problems caused by relationship between audit
firm/staff and audit client/staff. These also cause familiarity threat when audit staff become too
familiar with a client, which causes them to lose objectivity, and professional skepticism.
A partner or employee of an assurance firm should not serve on the board of an assurance
client as it constitutes a self-review and self-interest threat. However, when a partner leaves
the firm to join as key management or director position of a client, having acted as audit
engagement or independent/key partner in relation to that audit in the previous two years, the
firm should resign as auditor for at least two years.

➢ Long association with assurance clients

It is a threat to independence if senior members of staff have a long association with a client.
Firms should monitor the relationship and use safeguards like rotating senior staff off the
assurance team and involving quality control reviews.

For listed companies, the Code of Ethics has more stringent rules:-

• No one should act as audit engagement partner or engagement quality control reviewer
for continuous period longer than five years.

• Where the engagement quality control reviewer becomes the audit engagement partner the
combined service in these two positions should not be more than five years.

• People who have held these positions for five years (continuously or in aggregate) should
not return to them for at least five years.

• No one should act as a key partner involved in the audit for a continuous period for seven
years (and when an audit quality reviewer becomes a key partner involved in the audit the
combined service should not be more than seven years).

pg. 21
 AU 4013 Introduction to Auditing

• Anyone who has acted as a key partner involved in the audit for seven years should not
return to that position for at least two years.

For non-listed clients, a rotation should take place after ten years in association.

Example: Long association

Joseph has been the audit engagement partner for Cheetah Ltd for a number of years. Intuitively,
his relationship has grown with the Finance Director (FD) by playing tennis with the FD
regularly.

This will pose a familiarity threat as the relationship has grown as time evolves. Joseph should
then request an independent quality control reviewer to review the audit file to ensure that the
risk is not too significant for the firm. On the other hand, the firm might decide to remove
Joseph from this engagement for a period of time to ensure independence is not affected.

5) Intimidation threat
This may occur where the audit staff have reason to be intimidated by audit client. Examples
are situations when the client threatens the firm with litigation. If an audit client threatens the
audit firm with any serious litigation, the audit firm should stand down as auditors as the threat
would be too significant to avoid by other means.

4.0 ‘Low-Balling’ in audit tender

This refers to a practice where an audit firm provides for an audit fee below cost in order to secure
non-audit contracts.
Ethical issues involved:
• The auditor may not willing to argue over some audit issues and thus risk those other non-
audit appointments. Then the client is in a position to threaten the auditor on some
accounting/management decisions.

• In order to reduce operating costs, there is a temptation to reduce the quality of the audit
work. Examples are reducing the audit hours on the job by reducing the audit tests or reducing
the number of staff involved.

• A firm’s reputation will be questioned where the revenue derived from non-audit services
from audit clients is of material compare to the audit services.
The tender for the audit should be submitted as it stands and there may be some scope to revise
the estimated hours or staff allocations. Nevertheless, the final fee estimate should be a fair
reflection of the resources need and the quality of staff needed to perform the audit adequately.
Ethically speaking, there should be no attempt to compete with other firms purely based on fees.

pg. 22
 AU 4013 Introduction to Auditing

CHAPTER 4 : APPOINTMENT OF AUDITORS

1.0 Introduction

The first part of this chapter deals with professional requirements governing the appointment of new
auditors.
The key requirement is for the current and proposed auditors to communicate about the clients
affairs.

One reason for this is to preserve the integrity of the auditors' position. Thus the current and
proposed auditors must ask the client for permission to discuss his affairs, but if the client refuses,
the proposed auditors should decline nomination.

A second reason for the two auditors communicating is to give the proposed auditors information
which will help them decide whether to accept nomination. Hence also there is a professional
requirement for the proposed auditors to seek references about the client.

Client acceptance procedures aim to identify the risks associated with taking on the client and assess
whether there are good high level controls such as management involvement and integrity.

Assuming appointment is accepted, the terms of the engagement are confirmed by means of an
engagement letter.

pg. 23
 AU 4013 Introduction to Auditing

Appointment decision chart

Approach by new audit

client

Is this the first audit? Yes No professional rule-

auditor to decide

Does client give permission No

to contact old auditors?

Yes

Write for all info pertinent Prospective auditor should

to the appointment section decline appointment

No
Does client give old auditor
permission to reply?
Yes

No
Does old auditor provide Give old auditor due notice then decide on
information to reply? basis of knowledge obtained otherwise

Yes

Accept/Reject appointment
decision

pg. 24
 AU 4013 Introduction to Auditing

2.0 Before acceptance of appointment

1. Independence
Before a new audit client is accepted, the auditors must ensure that there are no independence or
other ethical problems likely to cause conflict with the ethical code. Furthermore, new auditors
should ensure that they have been appointed in a proper and legal manner.

And the nominee auditors must carry out the following stringent checks on potential audit
clients and their management integrity.

2. Management integrity

The integrity of those managing a company will be of great importance. Auditors will be
particularly interested in management integrity if a potential client company is controlled by one or
a few dominant personalities.

3. Risk

The following table contrasts low and high risk clients.

LOW RISK HIGH RISK

Good long-term prospects Poor recent or forecast performance
Well-financed Likely lack of finance
Strong internal controls Significant control weaknesses
Conservative, prudent accounting policies Evidence of questionable integrity, doubtful
accounting policies
Competent, honest management Lack of finance director

Where the risk level of a company's audit is determined as anything other than low, then the
specific risks should be identified and documented. It might be necessary to assign specialists
in response to these risks, particularly industry specialists, as independent reviewers. Some
audit firms have procedures for closely monitoring audits which have been accepted, but which
are considered high risk.

4. Fees
Generally, the expected fees from a new client should reflect the level of risk expected. They
should also offer the same sort of return expected of clients of this nature and reflect the overall
financial strategy of the audit firm.

4. Relationship with client

The audit firm will generally want the relationship with a client to be long term. This is not only to
enjoy receiving fees year after year; it is also to allow the audit work to be enhanced by better
knowledge of the client and thereby offer a better service. Conflict of interest problems are
significant here; the firm should establish that no existing clients will cause difficulties as
competitors of the new client.

pg. 25
 AU 4013 Introduction to Auditing

5. Ability to perform the work

The audit firm must have the resources to perform the work properly (such as time and the
availability of suitably qualified staff), as well as any relevant specialist knowledge or skills. The
impact on existing engagements must be estimated, in terms of staff time and the timing of the
audit.

3.2 Communication with outgoing auditor

The present and proposed auditors must communicate about the client, prior to audit acceptance.
The client must be asked by the proposed auditors to give permission for this communication to
occur. If the client refuses to give permission, the proposed auditors must decline nomination.

This section covers the procedures that the auditors must undertake to ensure that their
appointment is valid and that they are clear to act. These matters are also covered in ACCA's Code
of Ethics and Conduct.

This is an example of an initial communication.

To: Retiring & Co

Chartered Certified Accountants

Dear Sirs

Re: New Client Co

We understand you are currently retained as the company's auditors.

We have been asked to allow our name to go forward for nomination as auditors of the
above company, and we should therefore be grateful if you would please let us know
whether there are any professional or other reasons why we should not accept
nomination

Acquiring & Co

Chartered Certified Accountants

Having carried out the steps illustrated in the appointment decision flow chart, the auditor will be
in a position to accept, or decline, the nomination, as the case may be.

pg. 26
 AU 4013 Introduction to Auditing

4.0 Procedures after accepting nomination

The following procedures should be carried out after accepting nomination.

(a) Ensure that the outgoing auditors' removal or resignation has been properly conducted in
accordance with the legislation.
The new auditors should see a valid notice of the outgoing auditors' resignation, or confirm
that the outgoing auditors were properly removed.

(b) Ensure that the new auditors' appointment is valid. The new auditors should obtain a copy
of the resolution passed at the general meeting appointing them as the company's auditors.
(c) Set up and submit a letter of engagement to the directors of the company.

5.0 Approval

Once all the relevant procedures and information gathering has taken place, the company can be
put forward for approval. The engagement partner should have completed a client acceptance
form and this along with any other relevant documentation, should be submitted to the
managing partner, or whichever partner is in overall charge of accepting clients.

Once a new appointment has taken place, the new auditors should obtain all books and papers
which belong to the client from the old auditors. The former accountants should ensure that
all such documents are transferred, unless they have a lien (a legal right to hold on to them)
over the books because of unpaid fees. The old auditors should also pass any useful information
to the new auditors if it will be of help, without charge, unless a lot of work is involved.

pg. 27
 AU 4013 Introduction to Auditing

Sample of Engagement Letter

pg. 28
AU 4013 Introduction to Auditing

pg. 29
 AU 4013 Introduction to Auditing

CHAPTER 5 : AUDIT PLANNING & RISK ASSESSMENT

1.0 Audit evidence

Auditors should evaluate all audit evidence in terms of its sufficiency and
appropriateness.

ISA 500.4
The objective of the auditor is to design and perform audit procedures in such a way as to
enable the auditor to obtain sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base the auditor's opinion.

1.1 Sufficient, appropriate audit evidence

'Sufficiency' and 'appropriateness' are interrelated.

• Sufficiency is the measure of the quantity of audit evidence. The quantity of evidence
required will be affected by the level of risk in the area being audited, and the quality
of evidence obtained.

• Appropriateness is the measure of the quality or relevance and reliability of the

audit evidence.
Auditors are essentially looking for enough reliable audit evidence. Audit evidence usually
indicates what is probable rather than what is definite (is usually persuasive rather than
conclusive) so different sources are examined by the auditors. Not all sources of evidence
will be examined because auditors can only give reasonable assurance that the financial
statements are free from misstatement, for the following reasons:

(a) Auditors do not check every item in the accounting records. This would be too time-
consuming and not effective in a cost-benefit sense. Instead for many tests, they
check a sample of items in the population being tested.
(b) The limitations of accounting systems and internal control. The auditors will be looking
to rely on the accounting system, and may be looking to rely on internal control. The
accounting records may not give the level of detail the auditors require, or the
pg. 30
 AU 4013 Introduction to Auditing

accounting systems may be operated by staff who do not have a full understanding of
the system.
(c) The possibility that directors or staff may not tell the truth or collude in fraud.
(d) The fact that audit evidence indicates what is probable rather than what is certain.
Auditors have to make judgements, based on the available evidence, on whether to
include certain items in the accounts, for example provisions against specific debts.
They will also have to decide in the reasonableness of estimates.
(e) Auditors will often not be qualified to make judgements themselves on certain audit
evidence. They may need to call on expert assistance.

Audit Process

pg. 31
 AU 4013 Introduction to Auditing

3.0 Materiality

Information is material if its omission or misstatement could reasonably be expected to influence the
economic decisions of users taken on the basis of the financial statements. The calculation or estimation of
materiality should be based on the auditor's experience and judgement. The materiality chosen should be
reviewed throughout the audit.

To implement this the auditor therefore has to set his or her own materiality levels — this will always
be a matter of judgement and will depend on the level of audit risk. The higher the anticipated risk,
the lower the value of materiality will be.

Example
If a company has a profit of $100,000, a misstatement of $1,000 is unlikely to be
significant. If a company has a profit of $10,000, a misstatement of $1,000 will have a
more significant impact on the readers of the accounts.

Materiality considerations during audit planning are extremely important. The auditor must
established materiality for the financial statements as a whole, and also set performance
materiality levels.

pg. 32
 AU 4013 Introduction to Auditing

3.1 Materiality - Financial statements as a whole (Quantitative)

Determining materiality for the financial statements as a whole involves the exercise of professional
judgement.

Because many users of financial statements are primarily interested in the profitability of the company,
materiality is often thought of in terms of a value associated with the level of profit before tax.

The following benchmarks and percentages may be appropriate in the calculation of materiality for the
financial statements as a whole.

Value %
Profit before tax 5
Gross profit 1/2— 1
Revenue 1/2— 1
Total assets 1—2
Net assets 2—5
Profit after tax 5 — 10

For example, if profit before tax was $40,000, auditors might consider that all matters in the
financial statements equal to 5% of $40,000 (ie $2,000) will be important to users.

Materiality should be reviewed as the audit progresses and as any changes are made to the financial
information.

3.2 Performance Materiality

Consider what would happen if this materiality for the financial statements as a whole was applied
directly to, for example, different account balances (such as receivables, inventory etc). It could be
that a number of balances (or elements making up those balances) are untested or dismissed on the
grounds they are immaterial. However, a number of errors or misstatements could exist in those
untested balances, and these could aggregate to a material misstatement.

For this reason, the auditor is required to set performance materiality levels, which are lower than the
materiality for the financial statements as a whole and this means a lower threshold is applied
during testing. The risk of misstatements which could add up to a material misstatement is therefore
reduced.

This indicates the auditor sets a level or levels of materiality lower than overall materiality for the
purposes of performing procedures in general (for example on a low risk area) and this is just to
account for aggregation.

However, an even lower level is set for certain balances, transactions or disclosures where there is an
increased risk (for example, the auditor will set a lower performance materiality level for bank balances
if he/ she considers bank balances to be a sensitive area).

pg. 33
 AU 4013 Introduction to Auditing

3.3 Qualitative aspect of Materiality

Materiality has qualitative aspects. Examples of this are given ISA 320:

• Recurring errors as these may indicate weaknesses in the accounting system

• Errors that would mean breaches of statutory requirements
• Critical point errors, for example those that change a loss into profit
• Lack of disclosure ( eg ongoing litigation)

Example
Jo Price has made enquiries with the directors and has been told that draft profit before tax for Brown
Co for the year is $527,000. She has therefore proposed that planning materiality is $26,350 (5%). She
will use this figure to assist her in setting sample sizes and when drafting the detailed audit work to be
carried out in the audit plan.

Practice Question
Which measures of a client's business is an auditor likely to use when setting a level of materiality:

(a) For a client that has a stable asset base, steady revenue over the last few years but has only made a
small pre-tax profit this year owing to a large one-off expense?

(b) For a client where the outside shareholders have expressed concern over declining profits over the
last few years?

Answer
a) Because the business is stable, auditors are likely to base overall materiality on a % of revenue or
total assets, or possibly an average of both. Profit before tax is unlikely to be used overall as its
fluctuation does not appear to be significant. However a different materiality level may be set when
considering the one-off expense, since it may be particularly significant to readers of the accounts.

b) Auditors are likely here to pay some attention to the level of profit when setting materiality,
because the outside members regard profit as significant. However the auditors are also likely to take
into account total and net assets. Low profits will be of less significance if the business has a strong
asset base, but more significance if the business is in long-term financial difficulty.

Practice Question
Profit before tax at Rilla Ltd is $10,000.
Which one of the following balances are the auditors unlikely to plan to test in detail?

A Receivable $5,000
B Bank interest $ 450
C Director's bonus $ 400
D Addition to non-current assets $2,000

Answer
B. Bank interest is less than 5% of profit before tax and so it likely to be immaterial. Although the
director's bonus is also immaterial by value, it is material by nature, and so is likely to be tested in detail.
pg. 34
 AU 4013 Introduction to Auditing

4.0 Understanding the entity and its environment

ISA 315 Identifying and assessing the risks of material misstatement through understanding the entity and
its environment states that 'the auditor shall perform risk assessment procedures to provide a basis for
the identification and assessment of risks of material misstatement.

The ISA gives guidance on performing these risk assessment procedures in order to obtain the required
understanding of the business. The table below summarises some of the key points.

WHY? To identify and assess the risks of material misstatement in the financial
statements
To enable the auditor to design and perform further audit procedures
To provide a frame of reference for exercising audit judgement, for example,
when setting audit materiality
WHAT? Industry, regulatory and other external factors, including the applicable
financial reporting framework
Nature of the entity, including operations, ownership and governance, investments,
structure and financing
Entity's selection and application of accounting policies

Internal control
HOW? Inquiries of management and others within the entity
Observation and inspection
Analytical procedures
Prior period knowledge
Discussion by the audit team of the susceptibility of the financial statements to
material misstatement.
Information from other engagements undertaken for the entity.

pg. 35
 AU 4013 Introduction to Auditing

Analytical procedures consist of the evaluations of financial information made by a study of

relationships among both financial and non-financial data. Analytical procedures include investigation of
fluctuations and relationships that are inconsistent with other relevant information.
There are many sources of information available to the auditor at this stage including interim financial
information, budgets and industry information.

Analytical procedures such as these can be extremely helpful at the risk assessment and planning
stages of an audit and help the auditor to identify the areas of greatest risk, and therefore the
areas where the risk of misstatement in the accounts is highest. These are the areas where the
most work will be required during the audit.

For example
Ratios (such as the receivables days, inventory turnover and the current ratio) can be calculated using
information from the financial statements. The financial statements can also be compared to prior
years, or similar firms in the same industry.

pg. 36
 AU 4013 Introduction to Auditing

5.0 Risk assessment

5.1 Introduction to risk

Audit risk

➢ Risk that the auditors give an inappropriate audit opinion on the financial statements.

AUDIT RISK = RISK OF MATERIAL MISSTATEMENT X DETECTION RISK

FINANCIAL STATEMENT Auditor

Company

Inherent risk Control risk

It has two elements: the risk that the financial statements contain a material misstatement (inherent
risk and control risk) and the risk that the auditors will fail to detect any material misstatements
(detection risk).

pg. 37
 AU 4013 Introduction to Auditing

5.1.1 Risk of material misstatement in the financial statements (Inherent and Control Risk)

➢ Inherent risk is the susceptibility of an assertion to a misstatement and that could be material
individually or when aggregated with other misstatements, assuming there were not related
internal controls.

Inherent risk is affected by many factors, including:

• the nature of the entity, for example, the industry it is in and the regulations it falls under,
• the attitudes and experience of management,
• the geographic spread of the operations,
• the future business strategy of the entity, and
• the presence of complex wage structures, for example, a bonus- or commission-based salary
structure, and
• the information system, for example, computer-based accounting systems.

➢ Control risk is the risk that a misstatement that could occur in an assertion and that could be
material, individually or when aggregated with other misstatements, will not be prevented or
detected and corrected on a timely basis by the entity's internal control.

➢ Detection risk is the risk that the auditor's procedures will not detect a misstatement that
exists in an assertion that could be material, individually or when aggregated with other
misstatements.

Detection risk is the component of audit risk that the auditors have a degree of control over,
because, if risk is too high to be tolerated, the auditors can carry out more work to reduce this
aspect of audit risk, and therefore audit risk as a whole.

Example

Let us assume that an auditor is prepared to accept a 5% chance that he may give an inappropriate
audit opinion on the financial statements.

From his assessment of the client's risk environment, the auditor has determined the inherent risk
factor to be 80% and the control risk factor for a given area of the financial statements to be 25%.

By re-arranging the audit risk model [Audit risk (AR) = Inherent risk (IR) x Control risk (CR) x Detection
risk (DR)] we can find the level of detection risk required:

DR = AR
IR x CR
DR = 0.05
0.8 x 0.25

So, the level of detection risk would need to be set at 25%.

pg. 38
 AU 4013 Introduction to Auditing

However, let us now assume that for a different area of the client's financial statements, the auditor
has assessed control risk at 121/2 %. How does this affect the level of detection risk?

DR = 0.05
0.8 x 0.125

Now the level of detection risk should be set at 50%.

These examples illustrate a very important point: that detection risk has an inverse relationship
with financial statement risk (inherent risk x control risk). The lower the level of financial statement
risk, the higher the level of detection risk which can be accepted, and therefore the lower the
level of detailed testing required.

QUESTION Detection risk

The audit partner has set the overall level of audit risk for a client as 5%.

Your risk assessment of the client has indicated that inherent risk is 90% and control risk is 50%.
What level of detection risk should be prescribed for this client?

A N SWER

Detection level = 11.1%

DR= 0.05 = 0.111
0.9 x 0.5

6.0 Professional skepticism

Professional scepticism is an attitude that includes a questioning mind, being alert to conditions
which may indicate possible misstatement due to error or fraud, and a critical assessment of audit
evidence.

Professional scepticism requires the auditor to undertake a critical assessment of evidence and be alert
to:

• Audit evidence that contradicts other audit evidence obtained

• Information that brings into question the reliability of documents and responses to inquiries to be
used as audit evidence
• Conditions that may indicate possible fraud

Professional scepticism needs to be maintained throughout the audit to reduce the risks of overlooking
unusual transactions, over-generalising when drawing conclusions, and using inappropriate
assumptions in determining the nature, timing and extent of audit procedures and evaluating the
results of them.

Professional scepticism is also necessary to the critical assessment of audit evidence. This includes
questioning contradictory audit evidence and the reliability of documents and responses from
management and those charged with governance.
pg. 39
 AU 4013 Introduction to Auditing

7.0 Professional judgement

Linked to professional scepticism, the application of professional judgement is also crucial to the audit.

Professional judgement is the application of relevant training, knowledge and experience in making
informed decisions about the courses of action that are appropriate in the circumstances of the audit
engagement.

Professional judgement is particularly important when assessing:

• Materiality and audit risk

• Nature, timing and extent of audit procedures
• Evaluation of whether sufficient appropriate audit evidence has been obtained
• Evaluating managements judgements in applying the applicable financial reporting framework
• Drawing conclusions based on the audit evidence obtained

Whenever the auditor has exercised professional judgement during the audit, this must be appropriate
documented.

Question Assessing the risks of material misstatement

You are involved with the audit of Tantpro Co, a small company. You have been carrying out
procedures to gain an understanding of the entity. The following matters have come to your attention:

The company offers standard credit terms to its customers of 60 days from the date of invoice. Statements
are sent to customers on a monthly basis. However, Tantpro Co does not employ a credit controller, and
other than sending the statements on a monthly basis, it does not otherwise communicate with its
customers on a systematic basis. On occasion, the receivable ledger clerk may telephone a customer if the
company has not received a payment for some time. Some customers pay regularly according to the
credit terms offered to them, but others pay on a very haphazard basis and do not provide a remittance
advice. Receivable ledger receipts are entered onto the receivable ledger but not matched to invoices
remitted. The company does not produce an aged list of balances.

Required

From the above information, assess the risks of material misstatement arising at in the financial statements.
Outline the potential materiality of the risks and discuss factors in the likelihood of the risks arising.

ANSWER
The key risk arising from the above information is that trade accounts receivable will not be carried
at the appropriate value in the financial statements, as some may be irrecoverable. Where receipts are
not matched against invoices in the ledger, the balance on the ledger may include old invoices that
the customer has no intention of paying.
It is difficult to assess at this stage whether this is likely to be material. Trade accounts receivable is
likely to be a material balance in the financial statements, but the number of irrecoverable balances
may not be material. Analytical procedures, for example, to see if the level of accounts receivable has
risen year-on-year, in a manner that is not explained by price rises or levels of production, might help to
assess this.

pg. 40
 AU 4013 Introduction to Auditing

A key factor that affects the likelihood of the material misstatement arising is the poor controls over
the receivable ledger. The fact that invoices are not matched against receipts increases the chance of
old invoices not having been paid and not noticed by Tantpro Co. It appears reasonably likely that the
trade accounts receivable balance is overstated in this instance.

8.0 Responding to the risk assessment

The objective of ISA 330 The auditor's responses to assessed risks is 'to obtain sufficient
appropriate audit evidence regarding the assessed risks of material misstatement, through designing
and implementing appropriate responses to those risks'.

The auditors must formulate an approach to the identified risks of material misstatement. They
must 'formulate overall responses and detailed further audit procedures, which will comprise
tests of controls and substantive procedures or substantive procedures only.

8.1 Tests of controls

The ISA states that the auditor shall design and perform tests of controls to obtain sufficient
appropriate audit evidence as to the operating effectiveness of relevant controls if:

(a) the auditor's assessment of risks of material misstatement at the assertion level includes an
expectation that the controls are operating effectively, or

(b) substantive procedures alone cannot provide sufficient appropriate audit evidence at the
assertion level.'

pg. 41
 AU 4013 Introduction to Auditing

8.2 Substantive procedures

The auditor must always carry out substantive procedures on material items. The ISA
says 'irrespective of the assessed risks of material misstatement, the auditor shall design and
perform substantive procedures for each material class of transactions, account balance and
disclosure'.

Substantive procedures fall into two categories: analytical procedures and other procedures.
The auditor must determine when it is appropriate to use which type of substantive procedure

• Analytical procedures tend to be appropriate for large volumes of predictable

transactions (for example, wages and salaries).

• Other procedures (tests of detail) may be appropriate to gain information about account
balances (for example, inventory or trade receivables), particularly verifying the assertions of
existence and valuation.

The auditor must carry out the following substantive procedures:

• Agreeing the financial statements to the underlying accounting records

• Examining material journal entries
• Examining other adjustments made in preparing the financial statements

Tests of detail rather than analytical procedures are likely to be more appropriate with regard to
matters which have been identified as significant risks, but the auditor must determine
procedures that are specifically responsive to that risk, which may include analytical procedures.
Significant risks are likely to be the most difficult to obtain sufficient appropriate evidence
about.

8.3 Timing of substantive procedures and tests of controls

Auditors may carry out their audit work for one year in two or more sittings. When they do so,
they call these sittings the interim audit(s) and the final audit.

The final audit is the main period of audit testing, when work is focused on the final financial statements.

Interim audits are audits undertaken prior to the final audit, often during the period under review.

pg. 42
 AU 4013 Introduction to Auditing

Assertion

ISA 315 states that the auditor must use assertions for classes of transaction; account balances,
and presentation and disclosures in sufficient detail to form the basis for the assessment of the
risk of material misstatement and therefore the design and performance of further audit procedures.

Assertions Completeness: all transactions and events that should have been recorded
about classes have been recorded. For example, all material purchases made in the year have
of been recorded on the purchase ledger.
transactions
and events for Occurrence: transactions and events that have been recorded have occurred and
the period pertain to the entity. For example, all sales for which revenue has been recorded
under audit have taken place.

Cut-off: transactions and events have been recorded in the correct

accounting period. For example, all sales revenue relating to the period under
audit have been recorded in the period, and no sales revenue relating to other
accounting periods has been recorded in this period.
Classification: transactions and events have been recorded in the proper
accounts. For example, direct corporation tax expenses are recorded in the tax
account, not other expense accounts.

Accuracy ($): amounts and other data relating to recorded transactions and
events have been recorded appropriately. For example, non-current depreciation
has been charged in accordance with applicable accounting standards and the
company's depreciation policy.
Assertions about
Completeness: all assets, liabilities and equity interests that should have been
account
recorded have been recorded. For example, all loan balances which the
balances at the
company is under obligation to repay have been recorded.
period-end
Rights and obligations: the entity holds or controls the rights to assets, and
liabilities are the obligations of the entity. For example, the plant and machinery
recorded really belong to the company.

pg. 43
 AU 4013 Introduction to Auditing

Valuation and allocation: assets, liabilities, and equity interests are included
in the financial statements at appropriate amounts and any resulting valuation or
allocation adjustments are appropriately recorded. For example, the trade
receivables balance is a true reflection of the amount the company expects to
receive from its customers, and any irrecoverable balances have been provided
against.
Existence: assets, liabilities and equity interests exist. For example, all plant and
machinery recorded exist.

Assertions about Completeness: all disclosures that should have been included in the financial
presentation statements have been included.
and disclosure
Occurrence and rights and obligations: disclosed events, transactions and
other matters have occurred and pertain to the entity.
Classification and understandability: financial information is
appropriately presented and described, and disclosures are clearly
expressed.

Accuracy and valuation: financial and other information is disclosed fairly

and at appropriate amounts.

Audit evidence is usually obtained to support each financial statement assertion and evidence
from one does not compensate for failure to obtain evidence for another. However, tests may
provide audit evidence of more than one assertion.

Question (cssscc)
Can you state which of the following tests are tests of control and which are substantive
procedures?
(a) Checking that invoices have been approved by the managing director
(b) Attending the year-end inventory count
(c) Reviewing accounting records after the year-end for events that affect this year's
accounts
(d) Obtaining confirmation from the bank of balances held at the year-end
(e) Checking how unauthorised personnel are prevented from entering where inventory is
held.
(f) Checking if references are sought for all new major customers

QUESTION
The auditor is unlikely to test which of the following assertions in respect of a receivable
balance at the end of the reporting period?

A Rights and obligations

B Occurrence
C Valuation
D Existence

pg. 44
 AU 4013 Introduction to Auditing

ANSWER
B. Occurrence — this relates more to classes of transactions than account balances.

9.0 Audit procedures

Auditors obtain evidence by one or more of the following procedures

Inspection of Agreeing the accounting records to the physical asset confirms

assets existence, gives evidence of valuation but does not confirm rights
and obligations or valuation.
(For example, physically inspecting a lathe machine in a factory
proves the machine exists, but does not confirm how much it is
worth or even that the company owns it — it could be leased under
an operating lease.) Auditors may need the help of experts in valuing
assets.

pg. 45
 AU 4013 Introduction to Auditing

Agreeing the physical assets to the accounting records gives evidence

of completeness.
(For example, inspecting the lathe machines at the audit client's
premises and matching them to the accounting records identifies
whether there are any machines that physically exist, but are not
recorded.)
Inspection of
Confirmation to documentation of items recorded in the accounting
documentation records demonstrates that a transaction occurred or an asset or liability
or records exists.
(For example, inspecting a supplier invoice which has been posted
onto the payables ledger confirms that the company owes the supplier
for the goods or services shown on the invoice.)
Confirmation that items recorded in the supporting documentation
are recorded in the accounting records tests completeness.
Cut-off can be verified by inspecting the reverse population; that is,
checking transactions recorded after the reporting period to
supporting documentation to confirm that they occurred after the
reporting period.
Inspection also provides evidence of valuation and measurement,
rights and obligations (eg that an asset is really owned by the
entity), and the nature of items (presentation and disclosure in line
with accounting standards). It can also be used to compare
documents (and hence test consistency of audit evidence), and to
confirm authorisation.

Observation Involves watching a procedure being performed (eg post opening, or

inventory being counted).

Observation is particularly useful in gaining an initial understanding

of how the client's internal controls work. A walk-through test
is a procedure performed by auditors. The purpose of walk-
through tests is for the auditors to establish the reliability of a
client's accounting and internal control procedures.

Inquiry
Seeking information from client staff or external sources about
operation of controls or how certain items have been treated in
the accounting records (eg for example, to understand what
internal controls have been implemented with regards to the
authorisation of expenses, or to determine how provisions have been
calculated).
The strength of evidence depends on the knowledge and integrity of
the source of information. It may be necessary to corroborate
inquiries, particularly those made of client's staff.
Inquiry alone often does not provide sufficient appropriate audit
evidence to give the auditor assurance over financial statement
assertions. Therefore, other procedures often need to be carried out in
order to corroborate the information obtained from inquiry.

pg. 46
 AU 4013 Introduction to Auditing

External Seeking confirmation from another source of details in clients accounting

Information records (eg confirmation from bank via a bank audit letter of existence and
rights and obligations of bank balances, confirmation from trade receivables in
respect of the existence of receivable balances).
External confirmations obtained directly by the audit team constitute more
reliable audit evidence than confirmations obtained from the client. However,
there can be limits to the level of information that they provide: for example,
customers will confirm whether trade receivable balances exist, but they may
not confirm that receivable balances are complete.
Recalculation
Checking the arithmetic accuracy of clients records e.g. adding up a ledger
account. If a formula is involved, the auditors should also consider the
reasonableness of the formula. Recalculation can sometimes be performed
using IT.
Reperformance
This is the auditor 's independent execution of procedures of controls that
were originally performed as part of the entity's internal control, either manually or
through the use of computers.
As information generated independently by the audit team itself, reperformance
constitutes a strong form of audit evidence.
Analytical These consist of evaluations of financial information (and fluctuations in financial
review information) made by studying plausible relationships between both financial
and non-financial data. This helps to identify unexpected variances which
require the auditor's attention, particularly from large volumes of data.
Examples of analytical procedures include comparing the current period gross
margin with prior years, comparing the rate of interest on related party loans
with the industry average, or reviewing the employment costs of the
production department against the number of staff in the production
department.

Example 1
The financial statements may show, within non-current assets, a piece of specialised equipment
valued at $12,000. The financial statement assertions which relate to this piece of equipment
include:
• Completeness
• Rights and obligations
• Valuation
• Existence

The auditor will then design tests (the substantive procedures) which will check these assertions.

Example 2
Physically observing the piece of equipment is evidence of existence. A review of the valuation
processes used will provide evidence that it has been valued appropriately, and documentation
relating to the purchase of the equipment would provide evidence of rights and obligations.

In the case of completeness particularly, the auditors are heavily reliant on the effectiveness of
the internal control system in ensuring that all data is satisfactorily captured in the accounting

pg. 47
 AU 4013 Introduction to Auditing

records. If internal control is very weak the auditors may not be able to obtain sufficient evidence
as regards completeness, and hence may have to modify their audit report.

Example 3
List the financial statement assertions, and discuss the strength or weakness of the following
sources of audit evidence, and the financial statement assertions to which they relate.
(a) Physical inspection of a non-current asset by an auditor
(b) Confirmation by a receivable of money owed
(c) Oral representations by management that all suppliers owed money at the year-end have
been included in the financial statements

ANSWER
Audit evidence should allow auditors to draw conclusions on the financial statement assertions.

Accuracy; Completeness ; Cl assificatio n; Allocation; Cut-off; Occurrence;

Valuation; Existence; Rights and obli gation

(a) The physical inspection of an asset by auditors is inherently strong audit evidence since
it is evidence obtained directly by auditors rather than from the client.
The physical inspection of an asset gives auditors the strongest possible evidence
concerning existence.

It also may give auditors some evidence as to valuation if for example machines appear to
be obsolete or buildings appear to be derelict. More likely however auditors will require
specialist assistance to value very material assets.
Inspection also gives auditors some assurance that assets have been completely
recorded. Auditors can check that all assets inspected have been recorded.
However, ownership of assets cannot be verified solely by physical inspection.
Auditors will need to inspect documents of title, vehicle registration documents and so
forth depending on the assets being verified.

(b) Confirmation of receivables balances owed is inherently strong audit evidence since it is
written confirmation by a third party.
The evidence is particularly relevant to the assertions of existence (the receivable exists)
and rights and obligations (the customer owes the client money).

Further evidence of valuation, however, is likely to be needed because although the

customer acknowledged money is owed, that does not mean that the money will be paid.

(c) Oral representations from the client about what is owed at the year-end are inherently
weak evidence since they are not in writing and do not come from an independent
source. Auditors should seek written confirmation of the representations, and seek
confirmation from other audit evidence, for example suppliers' statements, post year-end
accounting records and invoices received after the year-end.
The representations do give some comfort on the completeness of payables, and also the
obligations of the client.

pg. 48
 AU 4013 Introduction to Auditing

10.0 Reliability of evidence

The following generalisations may help in assessing the reliability of audit evidence.

• Audit evidence from external sources (eg confirmation received from a third party) is more
reliable than that obtained from the entity's records.

• Audit evidence obtained from the entity's records is more reliable when the related accounting
and internal control system operates effectively.

• Evidence obtained directly by auditors is more reliable than that obtained by or from
the entity.

• Evidence in the form of documents and written representations is more reliable than oral
representations.

• Original documents are more reliable than photocopies, emails, telexes or

facsimiles.

Consistency of audit evidence from different sources will have a corroborating effect, making
the evidence more persuasive. Where such evidence is inconsistent, the auditors must determine
what additional procedures are necessary to resolve the inconsistency. Auditors must consider the cost-
benefit relationship of obtaining evidence but any difficulty or expense is not in itself a valid basis for
omitting a necessary procedure.

Quiz
1. What does ISA 500 Audit evidence say about the objective of auditors in obtaining audit
evidence?

pg. 49
 AU 4013 Introduction to Auditing

2 When auditors are testing controls, about which two aspects are they seeking evidence?

3 List the financial statement assertions (single, two or three word descriptions will suffice).

4 What general comments can be made about audit evidence?

5 To what does 'sufficiency' of audit evidence relate?

A Reliability
B Quality
C Relevance
D Quantity

6 Of which type of audit procedure are the following examples?

(a) Physical check of non-current assets
(b) Watching the payment of wages
(c) Receiving a letter from the client's bank concerning balances held at the bank by the
client
(d) Adding up the client's trial balance

7 Give examples of figures used as a basis for setting materiality.

8 What is audit risk?

9 What are the components of audit risk?

10 Which of the following would not increase inherent risk?

A Revenue is derived from sales of high-tech produces
B Sales orders are not authorised prior to sales being executed
C A number of customers have significantly old debt
D Some recent sales have resulted in legal claims against the company

11 What procedures might an auditor use in gaining an understanding of the entity?

12 List three potential overall responses to assessed risks.

Answer
1) ISA 500 states that the objective of the auditor is to design and perform audit procedures in such
a way as to enable the auditor to obtain sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base their opinion.
pg. 50
 AU 4013 Introduction to Auditing

2) When testing controls, auditors are concentrating on their design and operation.

3) The financial statement assertions are:

(Existence (Accuracy
a
(Rights and obligations f(Classification
)Occurrence
(b (g
)Cut-off
(c
)Completeness (h
)Allocation
(d
)Valuation i)
e
) )
4) General
) comments that can be made about audit evidence are as follows.
a) Audit evidence from external sources is more reliable than evidence from internal sources.
b) Evidence obtained from the client's records is more satisfactory if the accounting and internal control
system is operating effectively.

c) Directly obtained audit evidence is more reliable than evidence obtained from the entity.
d) Written evidence is more reliable than oral evidence.
e) Original documents are more reliable than copies.

5. D
6. ( a ) I n s p e c t i o n
( b ) O b s e r v at i o n
( c ) C o n fi rm at i o n
( d ) C o m pu t at i o n
7. Commonly materiality is set using on or more of the following figures:

(a) Profit before tax

(b) Total assets
(c) Revenue
Less frequently the following figures are used:

(a) Gross profit

(b) Profit after tax
(c) Net assets
8. Audit risk is the risk that auditors may give an inappropriate opinion on the annual financial
statements.
9 The three components of audit risk are inherent, control and detection risk.
10 B This is a control risk.
11. Inquiry, analytical procedures, observation and inspection.
12. Any of:
• Emphasising the need for professional skepticism
• Assigning additional/more experienced staff
• Usi n g expert s
• Pro vi din g mo re su pervi sion
• I n corpo rati n g mo re u n predict abi li t y

pg. 51
 AU 4013 Introduction to Auditing

CHAPTER 6 : RISK ASSESSMENT

1.0 Audit team
The usual hierarchy of staff on an audit assignment is:

The audit engagement partner (sometimes called the reporting partner) must take
responsibility for the quality of the audit to be carried out. He should assign staff with
necessary competencies to the audit team.

Engagement partner will take overall responsibility for the conduct of the audit and will sign
the audit report. The engagement partner will delegate aspects of the audit work such as the
detailed testing to the staff of the firm.

2.0 Audit Strategy and Planning

The auditors will formulate an overall audit strategy which will be translated into a detailed
audit plan for audit staff to follow.

An effective and efficient audit relies on proper planning procedures. The planning process is
covered in general terms by ISA 300 Planning an audit of financial statements.

3.0 Audit Strategy

The establishment of the audit strategy involves:

(a) Identifying the characteristics of the • Industry-specific reporting requirements

engagement which define its scope (bank , insurance)
• Location of components of the entity
• Availability of internal audit work

(b) Ascertaining the reporting • Deadlines for interim and final reporting
objectives of the engagement to • Key dates for expected communications with
plan the timing of the audit and management and those charged with
the nature of the communication governance
required

pg. 52
 AU 4013 Introduction to Auditing

Considering the important factors that • Materiality levels

(c) will determine the focus of the • Possible reliance on internal control, and
engagement team's efforts managements approach to internal control
• Financial reporting/industry specific
developments
• Results of previous audits

(d) Considering the results of preliminary • Ensure auditor maintains necessary

engagement activities and, where independence and ability to perform
applicable, whether knowledge gained engagement
on other engagements performed by • Management integrity issues that may
the engagement partner for the entity affect auditors willingness to continue the
is relevant. engagement

(e) Ascertaining the nature, timing and • Resources required

extent of resources necessary to • When and where the resources will be
perform the engagement deployed
• Client's timetable for reporting to its members
(and impact this has on audit timetable)

3.1 Audit plan

Audit Plan – converts the audit strategy into a more detailed plan and includes the nature,
timing and extent of audit procedures to be performed by engagement team members in
order to obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low
level.

Examples of items included in the audit plan could be:

• Timetable of planned audit work

• Allocation of work to audit team members
• Audit procedures for each major account area (eg inventory, receivables, cash etc)
• Materiality for the financial statements as a whole and performance materiality
The following is an example extract from an audit plan covering non-current assets.

Procedure Samples Ref Completed

by
Existence
1. Inspect a sample of assets that are All assets costing > B6
recorded in the non- current asset register. £10,000 + 10 others
chosen randomly
2. Examine invoices, department of All assets costing > B7
transport credit roadworthiness $10,000 + 10 others
certificates and other independent chosen randomly
documentary records of assets' existence.

pg. 53
 AU 4013 Introduction to Auditing

3. Examine invoices for smaller furniture B8

and equipment additions to see if any have 20 additions costing
been incorrectly capitalized <$1,000

Example : Audit strategy and audit plan

Breadtree Co sells baked goods in 10 shops across the country. 50% of the company's
revenue comes from 2 of these shops.

The audit strategy will set out the location of the shops and their relative contribution to
Breadtree Co's revenue, highlighting the fact that the majority of the revenue is linked to
two of these shops.

The audit strategy will then identify what this would mean for the conduct of the audit, for
example:

• The focus of audit procedures will be on the two major shops and appropriate audit
resources will be allocated to this purpose.
• Internal controls will be tested at the two shops, followed by substantive
procedures
• The level of audit testing at the other locations will be representative of the level of
activity at each shop. Audit team members will visit shops which have not been visited over
the past three years and carry out limited audit procedures, to ensure that each location
has been appropriately tested on a rotational basis over a period of three years.

The audit plan will expand on the approach set out in the audit strategy and identify:

• The audit team members who will carry out the audit procedures at each of the shops
• The dates at which each of the shops within this year's scope will be visited
• The specific tests of controls and substantive procedures to be carried out at each
of the shops
• If sampling techniques are to be used, how samples are to be selected for each audit
procedure.

pg. 54
 AU 4013 Introduction to Auditing

3.2 Experts

Auditors may only rely on other experts once specific procedures have been carried out.

This section covers primarily the use of an auditor's expert. The Clarity ISAs now distinguish
between management's and auditor's experts.

An auditor's expert is a person or firm possessing special skill, knowledge and experience
in a particular field other than accounting and auditing, whose work in that field is used by
the auditor to assist the auditor in obtaining sufficient appropriate audit evidence

A management expert is a person or firm possessing special skill, knowledge and experience
in a particular field other than accounting and auditing, whose work in that field is used by
the entity to assist the entity in preparing the financial statements.

An auditor may need to use an expert for the following purpose:

• Valuations of certain types of assets, eg land and buildings, plant and machinery
• Actuarial calculation of liabilities associated with insurance contracts or employee benefit plan.
• The valuation of environmental liabilities, and site clean-up costs, eg decommissioning oil
wells in the case of petroleum companies.
• The interpretation of contracts, laws and regulations
• Analysis of complex or unusual tax compliance issue eg transfer pricing

3.2.1 Competence and objectivity of the expert (check the expert’s background)

ISA 620 requires the auditors to assess the professional competence of the expert.
Information regarding the competence, capabilities and objectivity of an auditor's expert may
come from a variety of sources, such as:

• Personal experience with previous work of that expert

• Discussions with that expert
• Discussions with other auditors or other people who are familiar with that expert's work
• Knowledge of that experts qualifications, membership of a professional body or industry
association, license to practice, or other forms of external recognition
• Published papers or books written by that expert

• The auditor's firm's quality control policies and procedures.

pg. 55
 AU 4013 Introduction to Auditing

The risk that an expert's objectivity is impaired increases when the expert is:

• Employed by the entity

• Related in some other manner to the entity, for example, by being financially dependent
upon, or having an investment in, the entity
If the auditors have reservations about the competence or objectivity of the expert they may
need to carry out other procedures or obtain evidence from another expert.

3.2.2 The expert's scope of work (how wide is their scope?)

The auditors need to obtain evidence that the scope of the experts work is adequate for the
purposes of their audit. Written instructions usually cover the expert's terms of reference and
such instructions may cover such matters as:

• The nature, scope and objectives of that experts work

• The respective roles and responsibilities of the auditor and that expert
• The nature, timing and extent of communication between the auditor and that expert,
including the form of any report to be provided by that expert

• The need for the auditor's expert to observe confidentiality requirements.

3.2.3 Evaluating the work of the expert (check their work)

Auditors should assess whether the substance of the experts findings is properly reflected in
the financial statements or supports the financial statement assertions. It will also require
consideration of:
• The source data used
• The assumptions and methods used
• When the expert carried out the work
• The reasons for any changes in assumptions and methods
• The results of the experts work in the light of the auditors' knowledge of the business and the
results of other audit procedures
The auditors do not have the expertise to judge the assumptions and methods used; these are the
responsibility of the expert. However, the auditors should seek to obtain an understanding of these
assumptions etc, to consider their reasonableness based on other audit evidence, knowledge of
the business and so on.

This may involve discussion with both the client and the expert. Additional procedures (including
use of another expert) may be necessary.

pg. 56
 AU 4013 Introduction to Auditing

QUESTION

The assets of Komark Investment mostly consist of buildings in London which are valued at
open market value in the company's statement of financial position. You are auditing the
financial statements of the company for the year ended 31 December 20X4. During the year the
company re-valued its properties, using the valuations provided by Harvey Herbert, a
chartered surveyor.
Required
(a) What work will you as auditor carry out on the valuation given by Harvey Herbert?
(b) How would your answer differ if Harvey Herbert was an employee of Komark
Investment?

Answer
(a)
Harvey Herbert is a management's expert, and so when assessing his work, we as auditors
should consider the following.

Competence and objectivity

If Harvey Herbert is practising as a chartered surveyor he should be professionally qualified.

We should also consider what experience Harvey Herbert has of valuing similar properties
within the same geographical area as the properties owned by Komark Caterpillar. If he
does not have experience of the type of properties owned by the company or of the areas in
which they are located, then the value of his evidence is likely to be reduced.

We should also consider Harvey Herbert's reputation, and the reputation of the firm for
which he works. It is likely that more reliance can be placed on a valuation from a long-
established firm with a good reputation than one from a little-known small firm.

Assessing the work

We should consider the following aspects of Harvey Herbert's work.

(i) The objectives and scope of his work. Harvey Herbert should have been aware of
the purposes for which his work would be used.
(ii) The data that Harvey Herbert used.
(iii) The assumptions and methods employed by Harvey Herbert. In general, a
reasonable basis of valuation should be used. If the assumptions and methods differed
significantly from those used for previous valuations of the same properties, we should
satisfy ourselves that the change was for valid reasons.

(iv) When Harvey Herbert carried out the work. If the work was carried out during the
year, we should confirm that there had been no events in the months between the
valuation and the year-end that would undermine the basis of the valuation.

pg. 57
 AU 4013 Introduction to Auditing

(v) The results of the valuation. Although we as auditors do not have the expertise to make
a second valuation, we can nevertheless assess the valuation in the light of other evidence,
which might include the following.
(1) Previous valuations by Harvey Herbert can be compared against any subsequent
profits or losses made on those properties, since those could indicate any tendency
to over or under value the properties to a material extent.
(2) The valuations may also be comparable with those used by other clients holding
similar properties in the same locations.
We should also consider significant changes in the valuation of any of the properties since
the last valuation, comparing those changes with the general behaviour of the commercial
property market in the intervening period.

Based on the outcome of the above, we will also need to consider whether we need to use an
auditor's expert to carry out their own valuation.

(b)

If Harvey Herbert was employed by the company, we need to consider carefully whether his
lack of independence may diminish the value of his work. We may have to undertake additional
audit procedures or consider obtaining a second opinion from another expert.

4. Using Computers
4.1 Auditing around the computer

To audit around the computer, the auditor does not look at the specific workings of the system
itself. A sample of inputs will be checked to outputs, and vice versa. If they prove to be
accurate and valid, it is assumed that the system of controls is effective and that the system is
operating properly

The main advantage of this method of auditing is that it can be carried out with very little
technical expertise. However, this method is only suitable if there is a clear audit trail within
the system, the system is relatively simple, and up to date documentation exists about how the
system works.

pg. 58
 AU 4013 Introduction to Auditing

4.2 Auditing through the computer

Auditing through the computer requires more specific IT audit skills than those required
to audit around the computer as this method directly tests the controls within the
system itself.

Auditors customarily audit 'through the computer'. This involves an examination of

the detailed processing routines of the computer to determine whether the controls in the
system are adequate to ensure complete and correct processing of all data. In these
situations, it will often be necessary to employ CAATs.

Computer-assisted audit techniques (CAATs) are those which enable auditing procedures to be
applied using the computer as an audit tool.

There are two broad categories of CAAT:

1. Audit software (Substantive procedures); and
2. Test data (Test of control).

4.2.1 Audit software

Audit software are computer programmes used by the auditor to interrogate a client's
computer files.

Audit software consists of computer programs used by the auditors, as part of their auditing
procedures, to process data of audit significance from the entity's accounting system. It may
consist of generalised audit software or customised audit software. Audit software is
used for substantive procedures.

Audit software: Advantage

• Access the clients data files and obtains information without the need to ask the client for
information
• Perform calculations and comparisons in analytical procedures

• Sampling programs to extract data for audit testing, eg select a sample of receivables for
confirmation

• Compare data elements in different files for agreement (eg prices on sales invoices to
authorised prices in master file)
• Re-perform calculations, eg totalling receivables ledger

• Audit testing capability is increased — large volumes, up to 100%, of information

can be tested, thereby reducing or even eliminating sampling risk.
• Cost-effectiveness — although up-front costs may be considerable, it can often be used
again in subsequent audits.
• Repetitive work is eliminated — this can increase job satisfaction for auditors and frees
them up to apply professional judgement to key areas.

pg. 59
 AU 4013 Introduction to Auditing

Difficulties of using audit software

(a) The costs of designing tests using audit software can be substantial as a great deal of
planning time will be needed
(b) Setting up the software needed for CAATs can be time consuming and
expensive.
(c) Not all client systems will be compatible with the software used with CAATs.
(d) There is a risk that live client data is corrupted and lost during the use of
CAATs.
(e) Information in real-time systems is constantly changing.
(f) Auditor judgement must still be applied throughout the testing process.

4.2.2 Test data

Test data is data submitted by the auditor for processing by the client's computer system, to
test that the system processes the data as expected.
Test data techniques are used in conducting audit procedures by entering data (eg a sample
of transactions) into an entity's computer system, and comparing the results obtained with pre-
determined results. Test data is used for tests of controls.

Test data has two aspects.

(a) Data representing valid transactions. Here the auditor is looking to check that the systems
produces the required documentation such as sales invoices and updates the
accounting records.

(b) Data that is invalid for any reason. Here the auditors are checking on controls that
prevent processing of data that is clearly wrong, negative amounts or non-existent
customers for example, or which breaches limits set down by the company. Auditors are
interested in seeing not only that the system rejects the transaction, but also that
breaches are reported (by means of exception reports).

Benefits of using test data techniques are:

(a) Test data provides evidence that the software or computer system used by the client are
working effectively by testing the program controls and in some cases there may be no
other way to test some program controls.

(b) Once the basic test data have been designed, the level of ongoing time needed and costs
incurred is likely to be relatively low until the client's systems change.
Problems with using test data:

(a) A significant problem with test data is that any resulting corruption of data files has to
be corrected. This is difficult with modern real-time systems, which often have built-in (and
highly desirable) controls to ensure that data entered cannot be easily removed without
leaving a mark.
(b) Test data only tests the operation of the system at a single point of time and therefore the
results do not prove that the program was in use throughout the period under review.
pg. 60
 AU 4013 Introduction to Auditing

Which of the following audit tests could NOT be achieved by using audit software?

A Testing controls over invoice processing

B Extracting a sample of invoices worth < $200
C Extracting all invoices in respect of a customer
D Checking calculations on a sample of invoices

Answer : A. Test data would be used to test controls.

Sampling

Audit sampling is the application of audit procedures to less than 100% of items within a
population of audit relevance such that all sampling units have a chance of selection in order
to provide the auditor with a reasonable basis on which to draw conclusions about the entire
population.

5.1 How should an auditor select a sample?

ISA 530.8
The auditor shall select items for the sample in such a way that each sampling unit in the
population has a chance of selection.

There are a number of methods available to an auditor to help him select a sample.

(a) Random selection uses random number tables or computerised generator to select the
sample. For example, the auditors might tell a computer programme there are 450
receivables numbered 1-450 and they want a sample of 30. The computer would randomly
select 30 numbers between 1 and 450 to be the sampled items.
(b) Systematic selection involves selecting items using a constant interval between
selections, the first interval having a random start. So using the above example of 1-450
again, the sampling interval would be 15, as 15 x 30 is 450. The computer could randomly
choose a number between 1 and 15 to be the 1st sampled item and every 15th item after
that (for example, 13, 28, 43 etc) would be sampled. When using systematic selection auditors
must ensure that the population is not structured in such a manner that the sampling interval
corresponds with a particular pattern in the population.

pg. 61
 AU 4013 Introduction to Auditing

(c) Haphazard selection is where an auditor himself selects items 'at random'. It may be an
alternative to random selection provided auditors are satisfied that the sample is
representative of the entire population. This method requires care to guard against making a
selection which is biased, for example towards items which are easily located, as they may not
be representative. It should not be used if auditors are carrying out statistical sampling.

(d) Sequence or block selection. Sequence sampling may be used to check whether certain items
have particular characteristics. For example, an auditor may use a sample of 50 consecutive
cheques to check whether cheques are signed by authorised signatories rather than picking
50 single cheques throughout the year. Sequence sampling may however produce samples
that are not representative of the population as a whole, particularly if errors only occurred
during a certain part of the period, and hence the errors found cannot be projected onto the rest
of the population.
The auditor may alternatively select certain items from a population because of specific
characteristics they possess. The results of items selected in this way cannot be projected onto
the whole population but may be used in conjunction with other audit evidence concerning the
rest of the population.

(a) High value or key items. The auditor may select high value items or items that are
suspicious, unusual or prone to error.
(b) All items over a certain amount. Selecting items this way may mean a large proportion of
the population can be verified by testing a few items.

5.2 Sampling risk

Sampling risk is the risk that the auditor's conclusion, based on a sample of a certain size,
may be different from the conclusion that would be reached if the entire population were
subjected to the same audit procedure.
Non-sampling risk is the risk that the auditor might reach an erroneous conclusion for any
reason not related to the size of the sample. For example, most audit evidence is persuasive
rather than conclusive, the auditor might use inappropriate procedures, or the auditor might
misinterpret evidence and fail to recognise a misstatement or deviation.

Detection risk is affected by inherent risk and control risk, given a desired level of audit risk.
This relationship is described by the audit risk model:
AR = IR x CR x DR.

This formula is very important, so we will look at another example of it here, to reinforce your
understanding.

An audit firm sets its acceptable level of risk as 5%. The risk assessment activities at the firm's
client have indicated that the level of inherent risk is 75% and control risk is 40%. What is the
level of detection risk the auditor can accept?

pg. 62
 AU 4013 Introduction to Auditing

Applying the audit risk formula:

DR = A R
IR x CR

DR = 0. 05
0.75 x 0.4

= 0.167

So, the level of detection risk would need to be set at 16.7% to achieve the prescribed level of
audit risk (5%).

However, we have now also seen that detection risk comprises both sampling risk and non-
sampling risk.
To reflect this, the audit risk model can be rewritten:

Audit risk = Inherent risk x Control risk x Sampling risk (SR) x Non-sampling risk (NSR)
As above, the audit firm sets its acceptable level of risk as 5%, the level of inherent risk is 75%
and control risk is 40%. However, in addition, the firm has identified that non-sampling risk is
50%. What is the prescribed level of sampling risk?

SR = AR
IR x CR x NSR

SR = 0.05
0.75 x 0.4 x 0.5

= 0.33

So, the level of sampling risk would now need to be set at 33%.

5.3 Misstatement
Misstatement means either control deviations, when performing tests of controls, or
misstatements, when performing tests of details.

• Expected misstatement is the misstatement that the auditor expects to be present in the
population.
• Anomalous misstatement means a misstatement that arises from an isolated event that has
not recurred other than on specifically identifiable occasions and is therefore not representative
of misstatements in the population.
• Tolerable misstatement is the maximum misstatement in the population that the auditor
would be willing to accept.

Tolerable misstatement is considered during the planning stage and, for substantive procedures, is
related to the auditor's judgement about materiality. The smaller the level of misstatement an
auditor can tolerate, the greater the sample size will need to be.
pg. 63
 AU 4013 Introduction to Auditing

If the expected misstatement rate is high then sampling may not be appropriate and auditors
may have to examine 100% of a population.

5.5.1 Example: misstatement

When testing controls, auditors might expect controls to operate effectively 98 times out of
100. They would therefore consider a 2% misstatement rate tolerable. If they checked 100
invoices and found two misstatements, they would be satisfied.

CASE STUDY

At Brown Co, the auditors have an expectation that controls are operating effectively. This
means that for the purposes of drawing their audit opinion, they will rely on a combination of
tests of controls and substantive procedures. This will mean in general terms that their
sample sizes for the substantive tests will be smaller than if they were not carrying out tests
of controls as well.

In addition to considering the overall picture, the auditors will consider the inherent risk of
each area and this too will have an additional impact on sample size.
For example, inventory at Brown Co is considered to be high risk. This means the auditors will
be looking to have a substantial sample when testing inventory. Non-current assets are
lower risk, so the sample size will be comparably lower.

6.0 Documentation
Audit documentation is the record of audit procedures, relevant audit evidence
obtained and conclusions reached in connection with the performance of the audit. The
term 'working paper’ is also used sometimes.
Working papers may be in the form of data stored on paper, film, electronic media or other
media.

pg. 64
AU 4013 Introduction to Auditing

pg. 65
AU 4013 Introduction to Auditing

pg. 66
 AU 4013 Introduction to Auditing

The reasons why auditors use working papers to record their work, and why it is necessary
for auditors to record all their work are as follows.
(a) The reporting partner needs to be able to satisfy himself that work delegated by him has
been properly performed. The reporting partner can generally only do this by having
available detailed working papers prepared by the audit staff who performed the work.
(b) Working papers will provide, for future reference, details of audit problems encountered,
together with evidence of work performed and conclusions drawn in arriving at the
audit opinion. This can be invaluable if, at some future date, the adequacy of the
auditors' work is called into question in the event of litigation against them by either the
client or some third party.
(c) Good working papers will not only assist in the control of the current audit, but will also be
invaluable in the planning and control of future audits.
(d) The preparation of working papers encourages the auditors to adopt a methodical approach
to their audit work, which in turn is likely to improve the quality of that work.

6.1 Permanent and current audit files

For recurring audits, working papers may be split between permanent and current audit files.
Permanent audit files contain information of continuing importance to the audit. They
contain:
• Engagement letters
• New client questionnaire
• The memorandum and articles (M&A)
• Other legal documents such as prospectuses, leases, sales agreement
• Details of the history of the client's business
• Board minutes of continuing relevance (eg. Loan, Rental)

Current audit files contain information which is relevant to the current year's audit. They
should be compiled on a timely basis after the completion of the audit and should contain:

• Financial statements
• Time budgets and summaries
• Letter of Representation
• Management letter
• Notes of board minutes
• Communications with third parties such as experts or other auditors
• A lead schedule including details of the figures to be included in the financial statements
• Problems encountered and conclusions drawn

pg. 67
 AU 4013 Introduction to Auditing

Working papers should be headed with:

• T he name o f th e cl ien t
• T he yea r-en d d ate
• The file reference of the working paper
• The name of the person preparing the working paper
• The date the working paper was prepared
• T he da te of the revie w

Working papers should also show:

• The objective of the work done
• The sources of information
• How any sample was selected and the sample size determined
• The conclusions drawn
• The key points highlighted including the need for further work

Question
Describe four benefits that auditors will obtain from properly prepared working papers.
Answer
Four benefits that auditors will obtain from properly prepared working papers are as follows:
a) The reporting partner needs to be satisfied that the work delegated by him has been
properly performed. He can only do this by having available detailed working papers
prepared by the staff who performed the work

b) Working papers are a record for the future of work performed and conclusions drawn,
also of problems encountered. This record would be very important in the event of
litigation by the client or some other party.

(c) Good working papers will aid the planning and control of future audits.
(d) The preparation of working papers encourages auditors to adopt a methodical approach,
which is likely to improve the quality of their work.

6.3.1 Review

Audit work performed by each assistant should be reviewed by personnel of appropriate

experience to consider whether:

(a) The work has been performed in accordance with the audit plan.
(b) The work performed and the results obtained have been adequately documented.
(c) Any significant matters have been resolved or are reflected in audit conclusions.
(d) The objectives of the audit procedures have been achieved.
(e) The conclusions expressed are consistent with the results of the work performed and
support the audit opinion.

pg. 68
 AU 4013 Introduction to Auditing

When the audit work has been completed and reviewed, the audit engagement partner
completes an overall review of the working papers to ensure that he is able to issue his
opinion.

Throughout the audit, a system of review of all working papers will be used. In the case of a
large audit, the work of assistants will be reviewed by the supervisor(s). When a review
takes place, the reviewer will often use a separate working paper to record queries and their
answer.

Hot reviews are independent reviews carried out by another audit partner prior to the
signing of the audit report. These can be contrasted with cold reviews, which are independent
reviews carried out by another audit partner in the firm after the audit report has been issued.

CASE STUDY

Once Jo Price has completed the audit strategy and it has been approved by Dougie Taylor,
Dougie, Jo and Jonathan will have a planning meeting to ensure that all of them, and in
particular, Jonathan in this case, are aware of all the relevant issues relating to the audit.

This will include:

• Jonathan being given the opportunity to gain an understanding of the business,

particularly if he has not done any audit work on Brown Co before.

• Discussion of the susceptibility of Brown Co's financial statements to material

misstatement.

Particular emphasis will be given to the possibility of fraud. More specifically the risky
areas of inventory and receivables will be discussed and the overall concern about what
impact the new competitor might have on the overall financial statements.

• The preliminary conclusions about the information system and internal control at
Brown Co and its effect on the audit work.

• Discussion of the materiality level and any relevant non-value matters which might affect
materiality.
• Discussion of the detailed audit plan and what aspects of work are to be carried out
by each team member. As we have seen, Jo is likely to be allocated high risk areas such as
inventory and Jonathan is likely to be allocated low risk areas such as non-current
assets.

• Any matters which need consideration prior to the final audit, such as attendance at the
inventory count at the year-end and preparation of receivables' circularisation.
• Administrative details such as the date of the audit, the date audited financial
statements are required by and the location of the audit.

pg. 69
 AU 4013 Introduction to Auditing

Quiz
1 Which documents set out:
(a) The general approach to the audit?
(b) The detailed work?
2 Can an audit partner delegate responsibility for the audit opinion to his staff?
3 What are the key tasks that should be performed when work is delegated to assistants?

4 May the auditor use the work of an expert employed by the organisation?

5 (a) Why might auditors use the work of an expert?

(b) What should auditors consider when deciding whether to use the work of an expert?

6 What information does an audit plan usually contain?

7 What is the main danger of using standardised working papers?

8 Which of the following is not a correct reason for preparing audit working papers?

A To fulfil legal requirements

B To keep a record of matters of ongoing significance
C To enable the partner to review the file
D To fulfil requirements of ISA 230
9 Define:
(a ) Mi ss ta t em en t
( b) Tolerable Misstatement
( c) Sampling risk

10 Summarise the factors that affect sample sizes for substantive tests.
11 What is the difference between random and haphazard selection?

12 Which of the following would have the least effect on a sample size?

A Increase in the required confidence level

B Increase in number of invoices in population
C Increase in tolerable misstatement
D Increase in assessed risk
pg. 70
 AU 4013 Introduction to Auditing

Answer
1 (a) The audit strategy sets out the general approach to the audit.
(b) The audit plan sets out the detailed work.
2 No. A partner cannot delegate responsibility for the audit opinion. He can however
delegate aspects of the detailed audit work.
3 The audit engagement partner has responsibility for the quality of the audit performed.

He must ensure that the audit staff approach the job in the correct manner and have proper
communication both between themselves and with the client.

The engagement partner is also responsible for ensuring that the work of other
members of the audit team is directed, supervised and reviewed.

4 Yes

5 (a) Auditors might use the work of an expert to obtain sufficient audit evidence for

certain items in the accounts.

(b) When deciding whether to use the work of an expert, auditors should consider:

(i) The importance of the audit area

(ii) The risks of misstatement
(iii) The quantity and quality of other audit evidence
6 An audit plan usually contains:

(a) Audit tests

(b) Test objectives
(c) Timing of the tests
(d) Sample sizes
(e) Basis of sample selection
7 The main danger of using standardised working papers is that they can mean auditors
mechanically follow a standard approach to the audit without using professional
judgement.

8 A. (D is correct rather than A.)

9 (a) A misstatement is an unintentional mistake in the financial statements.

(b) Tolerable misstatement is the maximum misstatement in the population that

auditors are willing to accept and still conclude the audit objectives have been
achieved.
(c) Sampling risk is the risk that the auditors' conclusion, based on a sample, may
be different from the conclusion that would be reached if the entire population was
subject to the audit procedure.

pg. 71
 AU 4013 Introduction to Auditing

10 Factors that affect the sample sizes of substantive tests are:

(a) Inherent risk

(b) Control risk
(c) Detection risk
(d) Tolerable misstatement rate
(e) Expected misstatement rate
(f) Population value
(g) Number of items (in small population)
(h) Stratification may also lead to smaller sample sizes.
11 Random selection involves selecting items using formal random methods such as
random number tables, so that each item has an equal chance of being selected.
Haphazard selection involves selecting items judgementally, but also aiming to select
them without bias so that each item has an equal chance of being chosen.

12 B. This would have a minimum impact.

pg. 72