Assurance Hand Note

Professional Stage-Knowledge Level

By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

Assurance

CA in Bangladesh 1
www.facebook.com/cainbd
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

CONTENTS OF ASSURANCE

01. Preliminary of Assurance:

1.01 Assurance Engagement:
1.02 Key elements of an assurance engagement:
1.03 Levels of assurance
1.04 Objective of an Audit:
1.05 True & Fair
1.06 Why is assurance important?
1.07 Why can assurance never be absolute?
1.08 Professional ethics:
1.09 Basic principle governing of an audit:
1.10 Threats and safeguards:
1.11 Suggestion to improve or safeguard against threat:
1.12 ICAB Code

02. Introduction to internal control

2.01 Internal control System:
2.02 Reasons for internal controls
2.03 Limitations of internal controls
2.04 Components of internal control:
2.05 Audit committee
2.06 Terms of audit committee function:

03. Introduction to Internal Audit

3.01 Internal audit:
3.02 External Audit:
3.03 Differences between internal and external Audit
3.04 What does internal audit do?

04. Audit Appointment:

4.01 Engagement Letter:
4.02 What are the procedures for accepting new engagement?
4.03 The purpose of an engagement letter is to:
4.04 The form and remaining content of audit engagement letters are given below:

05. Planning the assignment

5.01 Audit Planning
5.02 Audit strategy
5.03 Why audit plan is significant?
5.04 Define steps to develop an audit plan including risk assessment procedures,
5.05 Understanding the entity –why,what,how
5.06 Professional skepticism
5.07 Analytical procedures
5.08 Possible source of information about the client to perform analytical procedure
5.09 Materially
5.10 Tolerable error

2
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

06. Risk assessment

6.01 Audit risk- Inherent risk, Control risk, Detection risk
6.02 Steps to identifying and assessing the risks
6.03 Significant risks

07. Process of assurance

7.01 Audit evidence
7.02 Tests of controls
7.03 Substantive procedures
7.04 Sufficient appropriate audit evidence
7.05 Procedures for obtaining Audit evidence
7.06 Audit of Accounting Estimates
7.07 Audit sampling
7.08 Statistical sampling
7.09 Non-statistical sampling
7.10 Management Representation
7.11 Management representation as assurance evidence
7.12 When management representation is required

08. Documentation
8.01 Documentation
8.02 Purpose of documentation
8.03 The form and content of working Papers are affected by matters such as:
8.04 The form and contents of Audit working Paper
8.05 Contents of Permanent Audit files
8.06 Contents of current file
8.07 Safe custody, retention, ownership and right of access to documentation
8.08 Importance of confidentiality:
8.09 Security procedures to prevent accidental disclosure of information:
8.10 Where an auditor can disclose information acquired in the course of professional
work:

09. Reporting Criteria

9.01 Content of the audit report
9.02 Unqualified report
9.03 Qualified report
9.04 Adverse report
9.05 Disclaimer report
9.06 Level of assurance and the expectations gap

10. Substantive Procedure

11. Revenue System
12. Purchase system
13. Employee costs

3
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

01. Preliminary of Assurance

1.01 Assurance Engagement:

An assurance engagement is a practitioner expresses a conclusion designed to enhance
confidence of the intended users as well as the responsible party about the result of
evaluation of a subject matter against criteria'.

1.02 Key elements of an assurance engagement:

1) Three party relationship:
 The practitioner (accountant)
 The intended users
 The responsible party (Client)
2) A subject matter such as financial statements)
3) Suitable criteria:
Standard, practice, policy which is the basis to test whether complied or not.
4) Obtain sufficient appropriate evidence to support the assurance opinion that the user
can have confidence that it is reliable.
5) A written report in appropriate form
Assurance reports are provided to the intended users in a written form and contain
certain specified information so that the user ensures that key information is being
given and that the assurance given is clear.

1.03 Levels of assurance

a) Reasonable assurance engagement that is “A high, but not absolute level of assurance”
ensures to obtain sufficient and appropriate evidence.
b) Limited assurance engagement that sufficiency and appropriateness to obtain evidence
is lower level.

1.04 Objective of an Audit:

The objective of an audit of financial statements is to enable the auditor to express an
opinion whether the financial statements are prepared, in all material respects, in
accordance with an applicable financial reporting framework.

1.05 True & Fair

True: information is accurate and conforms with reality, not false and conforms with
required standards and law. The accounts are correctly take out from the books and records.

Fair: information is free from unfairness & bias with compliance expected standards and
rules. The accounts should return the business matter of the company's underlying
transactions.

1.06 Why is assurance important?

a) Independent professional verification given to the users.
b) Enhance confidence to the stakeholder
c) Enhances the credibility of the financial information.
d) Help to prevent errors or frauds and reduce the risk of management bias.
e) Where problems exist within information, assurance report draws attention to the
deficiencies, so that users know what those deficiencies are.

1.07 Why can assurance never be absolute?

Assurance can never be absolute due to assurance providers will never give a certification of
absolute correctness due to the limitations set out below:
a) Testing is used - the auditors do not oversee the process of the financial statements
from start to finish.

4
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

b) Most audit evidence is persuasive rather than conclusive.

c) Assurance providers not test every item due to expensive for the responsible party, so a
sampling approach is used.
d) The client's staff members may collude in fraud that can deliberately hide from the
auditor.
e) Assurance provision can be subjective and professional judgments have to be made
such as “what aspects of the subject matter are the most important how much evidence
to obtain, etc”.
f) Assurance providers rely on the responsible party and its staff to provide correct
information, which in some cases may be impossible to verify by other means.
g) Some items in the subject matter may be estimates due to uncertainly.

1.08 Professional ethics:

Accountants require an ethical code because they hold positions of trust and people rely on
them. They work in the public interest, which extends beyond clients to people associated
with those clients and the general community. ICAB members are subject to ICAB guidance
(influenced by IFAC guidance).

1.09 Basic principle governing of an audit:

Integrity: This means that an accountant must be straightforward and honest. It involves fair
dealing and truthfulness.

Objectivity: This is a state of mind that excludes partiality, unfairness and compromise and
that gives fair and neutral consideration to all matters that are relevant to the task in hand.

Independence- to ensure the credibility of financial statement to the interested user, it is

required to honest assessment and evaluation. To achieve the objective of audit is depend
on conducting the audit independently.
An auditor is in independent-
 To develop audit program auditor can apply audit technique and procedure
 To examine any transaction auditor can excess all books and records and query to any
employee.
After completion the audit examine auditor can modify the opinion to express

Professional competence and due care. A professional accountant has a continuing duty to
maintain professional knowledge and skill at the level required to ensure that a client or
employer receives competent professional service based on current developments in
practice, legislation and techniques.

Confidentiality: Client information must be kept confidential unless there is a genuine

exception to this requirement.

Professional behavior: A professional accountant should comply with relevant laws and
regulations and should avoid any action that discredits the profession.

1.10 Threats of Audit:

 Self interest threat like financial interest, loan and guaranties, overdue fees, high
percentage of fees, gifts & hospitality.
 Self review threat that is tax service, internal audit service, corporate finance etc.
 Advocacy threat that is legal service, corporate finance service etc.
 Familiarity threat that is family and personal relationship, recruitment, team members
move to employment with client.
 Intimidation threat that arises when audit team members pressured by client staff due
to close business relationship or family and personal relationship or team members
move to employment with client.

5
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 Accepting new client without considering ethical issue

1.11 Suggestion to improve or safeguard against threat:

 Educational training and experience requirements for entry into the profession
 Continuing professional development requirements
 Corporate governance regulations
 Professional standards
 Professional or regulatory monitoring and disciplinary procedures
 Involving an additional professional accountant to review the work done or otherwise
advise as necessary.
 Consulting an independent third party, such as a committee of independent directors, a
professional regulatory body or another professional accountant
 Discussing ethical issues with those in charge of client governance

1.12 ICAB Code:

The ICAB Code is relevant to professional accountants in all of rheir professional and
business activities.
ICAB incorporates the IFAC Code of Ethics, but also contains additional rules deemed
appropriate by the ICAB.

02. Introduction to internal control

2.01 Internal control:

Internal control is the process designed and affected by management, and other personnel
to provide reasonable assurance about achievement of entity’s objectives with regard to
 Reliability of financial reporting,
 Effectiveness and efficiency of operations and
 Compliance with applicable laws and regulations.
And address identified business risks that threaten the achievement of any of these
objectives.

2.02 Reasons for internal controls

 Minimizing company’s business risks
 Ensuring continuing effective operation
 Ensuring the company complies with relevant laws and regulations

2.03 Limitations of internal controls

 Expense: A key limitation of controls is that they are expensive that is continual use of
the control is more expensive than the cost of the risk arising.
 Human element: The fact that they are generally relies on humans to operate them.
 Unusual transactions: Control are generally designed to deal with what normally or
routinely happens in a business. But when unusual transaction occur which not fit into
the normal routines, standard controls not relevant hence mistakes may be made.
 Small companies. Small companies generally have fewer employees than larger
companies, meaning that there are fewer people to involve in the internal control
system as well as due to cost of control owners of company were not interested.

2.04 Components of internal control:

 Control environment: The control environment includes management functions the
attitudes, and actions related the entity's internal control

6
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 Business risk and the entity's risk assessment process

Entity's risk assessment process: The process by the management in a business that
identifies business risks relevant to financial reporting objectives and decides what
actions to take to address those risks
Business risk: The risk to the company in its operations. It is risks at all levels of the
business.
 The information system relevant to financial reporting objectives
Procedures and records designed to initiate record, process and report entity
transactions and to maintain accountability for the related assets, liabilities and equity.
 Control activities:
The policies and procedures that helps and ensure that management directives are
carried out.
 Monitoring of controls:
An entity should review its overall control system to ensure that it still meets its
objectives,

2.05 Audit committee:

A subsection of the board of directors which has a particular interest in the finance and
accountant activities of the company.

2.06 Terms of audit committee function:

 To review integrity of financial statements and formal announcements relating to
company's performance
 To review company's internal financial controls and the company’s risk management
systems (unless there is a separate risk management committee)
 To monitor and review the effectiveness of the company's internal audit function (if
relevant)
 To make recommendations to board in relation to the external auditor
 To monitor the independence of the external auditor
 To implement policy on the provision of non-audit services by the external auditor

03. Introduction to Internal Audit

3.01 Internal audit:

A monitoring activity established within an entity as a service to the entity. Its functions
include, examining, evaluating and reporting to management and the directors on the
adequacy and effectiveness of components of the accounting and internal control system.

3.02 External Audit:

An audit carried out by an external auditor. Remember that the objective of an external
audit of financial statements is to enable auditors to express an opinion on whether the
financial statements are prepared (in all material respects) in accordance with the applicable
financial reporting framework'

3.03 Differences between internal and external Audit

Point Internal Audit External Audit
Internal audit designed to add An exercise to enable auditors to
Reason value and improve an express an opinion on the financial
organization’s operations. statements
Reporting to Internal audit report to the board The external auditors report to the

7
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

of directors about financial and shareholders of a company on

audit matters. financial statements.
Internal audit's work relates to
External audit's work relates to the
Relating to the operations of the
financial statements.
organization.
Relationship External auditors are independent
Internal auditors are employees
with the of the company and its
of the organization.
company management.

3.04 What does internal audit do?

 Monitoring the company's overall risk management policy to ensure it operates
effectively.
 Monitoring the strategies implemented to ensure that they continue to operate
effectively.
 Monitoring internal controls.
 Examining financial and operating information
 Review of the economy, efficiency and effectiveness of operations
 Review of compliance with laws, regulations and other external requirements
 Special investigations, for instance, into suspected fraud

04. Audit Appointment

4.01 Engagement Letter:

Engagement letter is a letter sent by the auditor to his client at the time of any new audit. It
sets out the terms of the engagement and forms the basis of contract.

4.02 What are the procedures for accepting new engagement?

 Obtain client’s permission to write to the retiring auditor inquiring if there is any
professional reason why the appointment should not be accepted.
 Meet with the client to discuss regarding detail scope of the audit,
 Send a letter of engagement to the client defining the scope of audit.
 Obtain acknowledge from client that he received the engagement letter as well as he
understood all the terms of the engagement.

4.03 The purpose of an engagement letter is to:

a) Define clearly the extent of the audit firm's responsibilities and so minimize the
possibility of any misunderstanding between the client and the audit firm.
b) Provide written confirmation of the firm's acceptance of the appointment, the scope of
the engagement and the form of their report.

4.04 The form and remaining content of audit engagement letters are given
below:
a) The objective of the audit of financial statements
b) Management's responsibility for the financial statements'
c) The scope of the audit including reference to applicable legislation, regulations, or
Pronouncements of professional bodies to which the auditor adheres'
d) The form of any reports or other communication of results of the engagement.
e) Unrestricted access to whatever records, documentation and other information is
requested in connection with the audit.

8
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

05. Planning the assignment

5.01 Audit Planning

An audit plan is more detailed than the strategy and sets out the nature, timing and extent of
audit procedures (including risk assessment procedures) in order to obtain sufficient
appropriate audit evidence.

5.02 Audit strategy:

Is a strategy for the audit, which sets the scope, timing and direction of audit and guides to
develop the audit plan.

5.03 Why audit plan is significant?

 Ensure appropriate attention to important areas of the audit.
 Identify potential problems and solve them on a timely basis.
 Assign work to engagement team members properly.
 directing and supervise to engagement ream members
 Review of work done by team members
 Ensure that the audit is properly organized and managed.

5.04 Define steps to develop an audit plan including risk assessment procedures,
01. Understanding the entity’s environment:
a. General economic factors and industry conditions.
b. Important characteristics of the business including business strategies, financial
performance and reporting requirements.
c. Level of competence of management.
02. Understanding the accounting and internal control systems:
a. The accounting policies adopted and changes.
b. The effect of new accounting or auditing pronouncements.
03. Risk and materiality:
a. The expected assessment of risks of fraud or error and
b. Identification of significant audit areas.
c. The setting of materiality level.
d. The possibility of material misstatements,
04. Nature, time and extend of procedure
a. Possible change on specific audit areas.
b. The effect of information technology on the audit.
05. Co-ordination, direction, supervision and review:
a. The number of locations.
b. Staffing requirements.

5.05 Understanding the entity

Why ?
a. To identify and assess the risks of material misstatement in the financial
statements.
b. To set up the materiality level in the financial statement.
c. To enable the auditor to design and perform further audit procedures.
What?
a. Industry, regulatory and other external factors,
b. Nature of the entity, including selection and application of accounting policies.
c. Objectives and strategies and relating business risks.
d. Evaluate the entity's financial performance.
e. Internal control
How?

9
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

a. Inquiries of management and others within the entity.

b. Analytical procedures
c. Observation and inspection.
d. Prior period knowledge.
e. Discussion among the engagement team regarding material misstatement on the
financial statement.

5.06 Professional skepticism:

An attitude of professional skepticism means the auditor makes a critical assessment, with a
questioning mind, of the validity of audit evidence obtained and is alert to audit evidence
that contradicts,

5.07 Analytical procedures:

An analytical procedure means evaluation of financial information made by a study of
reasonable relationships among both financial and non-financial data. It also includes the
investigation regarding fluctuations.
The BSA states that, analytical procedures include:
The consideration of comparisons with:
 Comparable information for prior periods
 Expected results of the entity, from budgets or forecasts.
 Similar industry information, such as by using ratio analysis determine financial
performance, liquidity, solvency and efficiency.

5.08 Possible source of information about the client to perform analytical procedure:
 Interim financial information
 Budgets
 Management accounts
 Non-financialinformation
 Bank and cash records
 VAT returns
 Board minutes
 Discussions with the client at the year-end

5.09 Materially:
Information is material if its omission or misstatement would reasonably influence the
economic decisions of users taken on the basis of the financial statements.
Materiality depends on the size of error in the context of its omission or misstatement.
Audit Materiality should be considered by the auditor when:
 Determining the nature, timing and extent of audit procedures; and
 Evaluating the effect of misstatements.

5.10 Tolerable error:

The maximum error that an auditor is prepared to accept in a class of transactions or
balances in the financial statements.

10
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

06. Risk assessment

6.01 Audit risk:

The risk that the auditors give an inappropriate opinion on the financial statements.
Inherent risk: The risk of misstatement that could be material, assuming there were no
related internal controls.
Control risk: The risk that a material misstatement would not be prevented, detected by the
accounting and internal control systems.
Detection risk:
The risk that the auditors procedures will not detect a misstatement that exists in an account
balance or class of transactions that could be material.

6.02 Steps to identifying and assessing the risks

 Identify risks regarding the process of obtaining an understanding of the entity
 Define the risks to what can go wrong at the assertion level.
 Consider whether the risks size that could result in a material misstatement
 Consider the possibility of the risks causing a material misstatement.

6.03 Significant risks:

 Risk of fraud
 Related to recent significant economic, accounting or other development
 The complexity of the transaction
 It is a significant transaction with a related party
 The degree of subjectivity in the financial information
 It is an unusual transaction

07. Process of assurance

7.01 Audit evidence:

All of the information used by the auditor in arriving at the conclusion, on which the audit
opinion is based.

7.02 Tests of controls:

Audit procedures performed to assess about the effectiveness of controls in preventing, or
detecting and correcting material misstatements at the assertion level.

7.03 Substantive procedures:

Audit procedures performed to detect material misstatements at the assertion level. They
include:
 Tests of detail of classes of transactions, account balances and disclosures.
 Substantive analytical procedures.

7.04 Sufficient appropriate audit evidence

An auditors should obtain sufficient appropriate audit evidence for able to draw reasonable
conclusions to base the audit opinion
 Sufficiency is the measure of the quantity of audit evidence.
 Appropriateness is the measure of the quality or reliability of the audit evidence.

11
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

7.05 Procedures for obtaining Audit evidence:

 Inspection documents: that is examined records and document
 Inspection of tangible assets: that is physical verification of tangible assets.
 Observation: observe any process, procedure of entity by the company employee or
third party, such as observe inventory counting by company personnel.
 Inquiry: that is seeking information from knowledgeable person both financial and non-
financial throughout the entity or outside the entity.
 Confirmation: that is direct confirmation obtain from third party or bank of accounts
balance of specific types of accounts heads such as confirmation of balance of accounts
receivable from debtors.
 Re-calculation: that is mathematical accuracy checking of documents and records.
 Analytical procedure: Evaluating and comparing financial and/or non-financial data for
reasonable relationships and investigating unexpected fluctuations.

7.06 Audit of Accounting Estimates

Accounting estimated figures are arises, where the values included in the financial
statements are not the result of transactions with third parties but result from judgments
made by management.
The auditor uses three methods to conduct the audit:
 Test the process that management used to estimate the figure by
 Looking at past experience.
 Checking the calculation
 Considering if anything this year is likely to have changed the estimate
 Use an independent estimate
 Review subsequent events

7.07 Audit sampling:

Audit sampling involves the applications of audit procedures to less than 100% of selecting
item for test within an account balance or classes of transactions so as to gather sufficient
appropriate audit evidence to meet the objectives of the audit procedures.

7.08 Statistical sampling is any approach to sampling that involves random selection of a sample
and use of probability theory to evaluate sample results, including measurement of sampling
risk.

7.09 Non-statistical sampling is a subjective approach to inference, in that mathematical

techniques are not used consistently in determining sample size, selecting the sample, or
evaluating sample results.

7.10 Management Representation:

A written Representation made by management to the auditor during the course of the audit
to confirm certain matter or to support other audit evidence. BSA 580 Management
Representations states that an auditor should obtain appropriate representation from
management.
Management comprises officers (directors and company secretary) and others who perform
senior managerial functions.

7.11 Management representation as assurance evidence:

General matters:
 Acknowledges its responsibility for the preparation and fair presentation of the financial
statements in accordance with the applicable financial reporting framework and has
approved the financial statements.
 Acknowledges its responsibility for the design and implementation of internal control.

12
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 Believes that the effects of uncorrected misstatements aggregated by the auditors

during the audit are immaterial.
Audit evidence:
 Representations relating to responsibility for the financial statements, the auditors may
wish to rely on management representations as audit evidence.

7.12 When management representation is required:

 Seek to confirm audit evidence from sources inside or outside the entity
 Evaluate whether the representations made by management reasonable and reliable
with other audit evidence obtained, including other representations.
 Consider whether individuals making representations can be expected to well inform on
the particular matters.

08. Documentation

8.01 Audit Documentation:

Audit documentation (working papers) is the record of procedures performed, relevant
evidence obtained and conclusions reached.

8.02 Purpose of documentation:

 Assist the audit team to plan and perform the audit
 Assist relevant members of the team for direction and supervise audit.
 Enable the audit team to be accountable for its work
 Enable an experienced auditor to carry out quality control reviews
 Enable an experienced auditor to conduct external inspections in accordance with
applicable legal, regulatory or other requirements

8.03 The form and content of working Papers are affected by matters such as:
 The nature of the audit procedures to be performed
 The identified risks of material misstatements
 The level of judgment required in performing the work.
 The significance of the audit evidence obtained
 The nature and level of problems identified
 The audit methodology and tools used

8.04 The form and contents of Audit working Paper

 Information about understanding the entity and its environment, including internal
control.
 Evidence of the audit planning process
 Evidence of the auditor's consideration of the work of internal audit
 Analyses of transactions, balances and significant ratios and trends
 The assessed risks of material misstatements
 A record of the nature, timing, extent and results of audit procedures
 Evidence that the work performed by assistants was supervised and reviewed
 Copies of communications with other auditors, experts and other third parties
 Letters of representation received from the entity
 Copies of the financial statements and auditor’s reports
 Notes of discussions about significant matters with management and others

8.05 Contents of Permanent Audit files:

 Engagement letters
 New client questionnaire

13
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 The memorandum and articles of association

 Other legal documents such as Prospectuses, leases, sales agreements
 Details of the history of the client's business
 Board minutes of continuing relevance
 Previous years’ signed accounts, analytical procedures and management letters
 Accounting systems notes, previous years' control questionnaires

8.06 Contents of current file:

 Financial statements
 Accounts checklists
 Management accounts details
 Reconciliations of management accounts and financial statements
 A summary of unadjusted errors
 Report to partner including details of significant events and errors
 Review notes and it planning memorandum
 Time budgets and summaries
 Letter of representation
 Management letter
 Notes of board minutes
 Communications with third parties such as experts or other auditors

8.07 Safe custody, retention, ownership and right of access to documentation

 Assurance providers should retain documents for a certain period of time.
 Documents must be kept secure during this period due to confidentiality requirements
 Working papers belong to the assurance providers
 The report, once issued, belongs to the client.
 Assurance providers must keep working papers confidential.
 They must show working papers to the client at their discretion.
 They should obtain client permission before showing working papers to third parties.

8.08 Importance of confidentiality:

 Confidentiality is a fundamental ethical principle.
 Client information must be kept confidential unless there is a genuine exception to this
requirement.
 Confidentiality is important as it is a key factor in the trust between client and
accountant.

8.09 Security procedures to prevent accidental disclosure of information:

 Do not discuss client matters with any party outside of the accountancy firm (for
example, friends and family, even in a general way) as well as with colleagues in a public
place
 Do not leave audit files in cars or in unsecured private residences or to anywhere.
 Do not remove working papers from the office unless strictly necessary
 Do not work on electronic working papers on systems that do not have the requisite
protection.

8.10 Where an auditor can disclose information acquired in the course of professional
work:
 Consent obtained from the client, employer or other proper source, or
 There is a public duty to disclose, or
 There is a legal or professional right or duty to disclose.

14
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

09. Reporting Criteria

9.01 Content of the audit report

 Title
 Addressee
 Introductory paragraph identifying the financial statements audited
 A statement of management's responsibility for the financial statements
 A statement of the auditor's responsibly
 Scope paragraph, including a description of the work performed by the auditor
 Opinion paragraph containing an expression of opinion on the financial statements
 Date of the report
 Auditor's address
 Auditor's signature

9.02 Unqualified Report:

Unqualified opinion should express when auditor understood that financial statement is give
a true and fair view or present fairly in all material respect, in accordance with an identified
financial reporting framework. Unqualified opinion should indicate any change of accounting
principle or method and also properly determine and disclose the effect of financial
statement due to the change.

9.03 Qualified Report:

The auditor should express qualified opinion when not possible to express unqualified
opinion. The matters for express qualified opinion are-
 The limitation of scope of audit work.
 Disagreement with the management for acceptability of selection and application
method of the accounting policy and the adequacy of the financial statement.

9.04 Adverse Report:

The auditor should adverse opinion on the financial statement when disagreement with the
management for acceptability of selection and application method of the accounting policy
will go in such a manner resultantly financial statement will became an incomplete manner
and carry inadequacy for disclose.

9.05 Disclaimer Report:

The auditor should express disclaimer opinion when the stage of scope limitation of audit is
so high level that the auditor could not possible to obtain sufficient appropriate audit
evidence so that the auditor cannot express the audit opinion on the financial statement.

9.06 Level of assurance and the expectations gap

The above report is designed to give a reasonable (high) level of assurance. The’ expectations
gap’ is defined as the difference between the clear public understanding regarding
responsibilities of auditors and assurance as per provision. The misunderstanding or
expectation gaps are given below:
 The audited financial statements will give guarantee that the entity will continue to
exist.
 All items in financial statements are tested
 Auditors will uncover all errors
 Auditors should detect all fraud
 The auditors provide absolute assurance that the figures in the financial statements are
correct.

15
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

10. Substantive Procedure

01. Non-Current Assets:

Key areas when testing tangible non-current assets are:
 Confirmation of ownership (rights and obligations)
 Inspection of non-current assets (existence and valuation)
 Valuation, preferably by third parties (valuation)
 Adequacy of depreciation rates

Key areas when testing intangible non-current assets are:

 Confirmation that' assets' exist
 Confirmation of appropriate valuation

Key areas when testing investments are:

 Confirmation of existence
 Confirmation of ownership

Key areas when testing inventory are:

 Attending an inventory count (existence)
 Valuation at the lower of cost and net realizable value (valuation)
 In some cases, confirmation of ownership (rights and obligations)

Key areas when testing receivables are:

 Confirming debt owed by customers with customers (existence, rights and obligations,
valuation)
 Confirming debt is still likely to be collected (valuation)

Key areas when testing the balance sheet bank figure are:
 Confirming bank balances directly with the bank (existence, valuation, right and
obligation)
 Confirming reconciling differences calculated by the client are reasonable
(completeness, valuation)
 Confirming any material cash balances held at the client are correctly stated (valuation)

Key areas when testing payable are:

 Ensuring that all liabilities are included (completeness)
 Confirming that all liabilities are owed by the company (rights and obligation)

Long term liabilities

Risks include failure to make correct disclosures and miscalculation of interest.
There should be third party evidence from lender.

Income statement items

A key area when testing income statement item is completeness.

16
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

11. Revenue System

Ordering
Key Risk
 Orders taken from customers who not able to Pay
 Orders taken from customers who pay for a long time
 Orders not recorded properly so customers lost.
Control:
 Segregation of duties; credit control, invoicing and inventory dispatch.
 Authorization of credit terms to customers
 Choose solvent customer
 Sequential customer order numbering
 Correct prices quotation given to customers
 Matching of customer orders with production orders and despatch notes
 Prompt Customer service.
Tests of control:
 All new receivable accounts have authorized by senior staff on not.
 Orders accept with credit terms and credit limits
 Customer order is matched with production orders and despatch notes or not.

Despatch and invoicing

Key Risk:
 Goods despatched but not recorded & invoiced so lost to the business
 Error invoices raised so customer dissatisfaction
 Invoices wrongly cancelled by credit notes so loss to the business.
Control:
 Authorization of despatch of goods
 Ensure quantity, quality and condition of delivery goods
 Recording of all goods outwards on a despatch note
 Pre-numbering of despatch notes and regular checks
 Preparation of invoices and credit notes
 Inventory records updated
 Regular review matching of sales invoices with despatch notes
Test of control:
 Sales despatch notes information (Quantities, price, discount, Calculation, entry, VAT,
Debtors ledger.
 Inventory records, Numerical sequence of despatch notes, order form.
 Authorization of special terms.

Recording:
Key Risk:
 Sales invoiced, credit notes not properly recorded
 Sales recorded wrong customer accounts
 Debts included on receivables ledger that not collectable.
Control:
 Segregation of duties: recording sales, maintaining customer accounts and preparing
statements
 Matching of cash receipts with invoices
 Regular preparation & checking of trade receivables statements
 Review and follow-up of overdue accounts
 Authorization of writing off for bad debts
 Reconciliation of receivables ledger control account
Test of control:

17
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

Sales day book

 Check entries with invoices and credit notes.
 Check postings to receivables ledger
Receivables ledger
 Check control accounts regularly reconciled total receivables ledger balances
 Check that trade receivables statements are prepared and sent out regularly
 Check overdue accounts have been followed up
 Check that all bad debts written off have been authorized by management

Cash collection:
Key Risk:
 All monies received are recorded
 All monies received are banked
Control:
Segregation of duties.

12. Purchase system

Ordering:
Risks:
 Unauthorized purchases may made for personal use
 Goods and services might not obtained on the most advantageous term
Control:
 Segregation of duties: requisition and ordering
 Quantities and re-order levels
 Authorization of order forms
 Pre-numbered order forms
 Safeguard of blank order forms
 Monitoring of supplier terms and taking advantage of favorable conditions
Test of control:
 Review list of suppliers and check a sample to orders made
 Check pre-numbered order forms
 Check orders are supported by purchase requisition
 Review security arrangements over blank orders

Goods inward and recording of invoices

Risk:
 Goods may misappropriated for private use
 Goods may accepted that which was not ordered
 Invoices may not recorded for non-payment
 The company may not take advantage of full period of credit facility
Control:
 Examination of goods inwards-Quality, Quantity, Condition, accuracing of pricing
calculation
 Recording goods in pre-numbered goods received notes
 Comparison of goods received with purchase orders and suppliers invoices
 Segregation of duties: accounting and checking functions
 Regular maintenance of payables ledger
Test of control:
 Check that the item is agreed in origin or brand and size with the work order as well as
requisition.
 Reconcile quantity of item between MRR & Challan and affect made in the bill.
 Proper approval made in the bill.

18
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 Checking physical existence of goods by physical verification.

Payment:
Risk
 False invoices are paid in error
 Invoices are paid too soon
 Payment is not correctly recorded
 Credits are not correctly recorded
 Payments are not recorded in the right period
Control:
Cheque and bank transfer payments
 Cheque and bank transfer requisitions
 Authority to sign cheques
 Prompt dispatch of signed cheques
 Payments recorded promptly In cash book and nominal and payables ledgers
Cash payments) Authorization of expenditure
 Cancellation of vouchers to ensure they cannot be paid twice
 Limits on payments
 Rules on cash advances to employees, lOUs and cheque cashing

Test of control:
Payments cash book (authorization)
 Compare with paid cheques to ensure Payee agrees
 Check that cheques are signed by persons authorized and within their authority limits
 Check that bank transfer was authorized and initiated by appropriate person
 Check to suppliers' invoices for goods and services' Verify that supporting documents
are signed as having been checked and passed for payment

Payments cash book (recording):

 Check the sequence of cheque numbers and enquire into missing numbers
 Trace transfers to other bank accounts, Petty cash books
 Check balances forward at the beginning and end of the months covering the Periods.
 Check Postings to the Payables ledger

13. Employee costs

Calculating wages and salaries

Risk:
 The company may pay employees too much money
 The company may pay employees who have not been at work
 The company may pay employees who have left
Control:
 Staffing and segregation of duties
 Maintenance of personnel records and regular checking of wages and salaries to details
in personnel records
 Proper authorization taken
 Recording and review of hours worked by timesheets as well as attendance,
 Recording of advances of pay & Holiday pay arrangements
Test of control:
 Check that the wages and salary summary is approved for payment.

19
 Assurance Hand Note
Professional Stage-Knowledge Level
By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM)

 Check that the engagement of new employees and release has been confirmed in
writing.
 Check calculations of wages and salaries are being checked.
 For wages, check calculation of gross pay with:
- Authorized rates of pay
- Production records. See that production bonuses have been authorized and
properly calculated
- Clock cards, time sheets or other evidence of hours worked. Verify that overtime
has been authorized
 For salaries, verify that gross salaries and bonuses are in accordance with personnel
records, and that increases in pay have been properly authorized.

Recording of wages and salaries and deductions:

Risks:
 The various elements of pay might not be recorded correctly in the payroll
 Amounts paid to employees might not be reflected in the cash books
 Pay might not be recorded correctly in the nominal ledger

Controls:
 Bases for compilation of payroll (for example, clock cards, overtime records, agreed
hours)
 Maintenance of separate employees' previous records
 Reconciliation of total pay and deductions.
 Comparison of actual pay totals with budget or standard costs and investigation of
differences between them
 Agreement of gross earnings and total tax deducted with taxation returns.

Test of control:
 Reconciliation of wages and salaries'
 For wages, there should have been reconciliations with:
- The previous week's Payroll
- Clock cards/time sheets/job cards
- Costing analyses, production budgets
 The total salaries should reconciled with previous month salary
 Postings of summary to nominal ledger (including control accounts)
 Total of net pay column posting into the cash book
 Auditors should check the calculations of taxation and other deduction to appropriate
records

Payment of wages and salaries

Risks
 The key risks here are that
 People who are not employees are paid
 Employees are not paid.
Control:
 Segregation of duties
 Authorization of wages payment
 Custody of cash
 Recording of distribution
Test of control:
 Check that proper approval taken and calculation review performed before payment
 Before wages paid compare payroll with wage to ensure all employees get wages.
 Examine receipts given by employees
 Check that no employee receives more than one wage packet'

CA in Bangladesh 20
www.facebook.com/cainbd