Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
PRACTICE EXAMINATION #1
(Updated to the 2015/2016 Module Notes)
AU2
Before starting to write the examination, make sure that it is complete and that there are no
printing defects. This examination consists of 6 pages. There are 6 questions for a total of 100
marks.
To assist you in answering the examination questions, CGA-Canada includes the following glossary of terms.
Glossary of Assessment Terms
Adapted from David Palmer, Study Guide: Developing Effective Study Methods (Vancouver: CGA-Canada, 1996).
Copyright David Palmer.
Calculate
Compare
Contrast
Criticize
Define
Describe
Design
Determine
Diagram
Discuss
Evaluate
Explain
CGA-CANADA
ADVANCED EXTERNAL AUDITING [AU2]
PRACTICE EXAMINATION #1
(Updated to the 2015/2016 Module Notes)
Marks
12
Time: 4 Hours
Question 1
Select the best answer for each of the following unrelated items. Answer each of these items in your
examination booklet by giving the number of your choice. For example, if the best answer for item (a)
is (1), write (a)(1) in your examination booklet. If more than one answer is given for an item, that item will
not be marked. Incorrect answers will be marked as zero. Marks will not be awarded for explanations.
Note:
11/2 marks each
a.
Which of the following statements about the relationship between a clients business risk (BR) and the
appropriate level of audit risk (AR) is most likely to be true?
1) If BR increases, AR increases.
2) If BR decreases, AR increases.
3) If BR increases, AR decreases.
4) There is no relationship between BR and AR.
b. Which of the following is most likely to be of concern when a CGA conducts an audit of the financial
statements of a company that uses an e-commerce application?
1)
2)
3)
4)
c.
Which of the following is least likely to affect the auditability of a small business?
1) Inadequate accounting records
2) Inadequate segregation of duties
3) A lack of source documents
4) Questionable management integrity
d. What should the auditor consider when developing an understanding of the client?
1)
2)
3)
4)
e.
Which of the following is least likely to be a necessary condition allowing the performance of a
continuous auditing assurance engagement?
1)
2)
3)
4)
Continued...
PEAU2 #1
Page 1 of 6
f.
Which of the following situations represents an incentive or pressure (fraud risk factor) that increases
the risk of material misstatement?
1)
2)
3)
4)
g. What must the external auditor consider about the internal auditor if the decision is made to rely on
the internal auditors work during the financial statement audit?
1)
2)
3)
4)
h. Which of the following elements of the audit risk model is most likely to take the lowest numeric
value for a small business client?
1)
2)
3)
4)
15
Audit risk
Inherent risk
Control risk
Detection risk
Question 2
The following are five independent situations involving possible violations of the CGA-Canada Code of
Ethical Principles and Rules of Conduct (CEPROC) and/or standards for the performance of audits,
reviews, other forms of assurance engagements, and/or related services.
Required
For each situation, state whether or not the CGA has violated CEPROC and/or other standards. Explain
your reasoning.
3
a.
Rajan, a CGA, has compiled the financial statements of his client, Home Management Ltd., for many
years. The company manages a number of local apartment complexes that it jointly owns with several
groups of foreign investors. This year, the president of the company offers Rajan an investment
opportunity in one of the apartment buildings, which the president suggests will likely soon be
acquired by the city at a premium price and converted to social housing. Rajan readily agrees, invests
$200,000 in the building, and three months later realizes a gain of $50,000 on the investment. Later, to
show his appreciation to the client, Rajan compiles the financial statements of the company for the
current year free of charge. Rajan issues standard notices to readers with the compilations.
b. Li Mei, a CGA, is auditing the financial statements of Fantastic Fashions Ltd. Li Mei has been the
auditor of the company for several years, and has rarely found any material misstatements. As a result,
she assesses overall inherent risk for the engagement as low. Also, since Li Mei has found the clients
key internal controls to be very reliable in past audits, she updates her knowledge of the clients
systems, performs several walk-through tests of a few transactions, and assesses overall control risk as
low. Because of the very low assessed risk of material misstatements, Li Mei limits her substantive
testing to verifying the cash account and calculating a variety of financial ratios, all of which are in
line with her expectations. She then issues an unmodified opinion on the clients financial statements.
Continued...
PEAU2 #1
Page 2 of 6
Jen, a CGA, is performing a review of her clients financial statements. In doing so, she has made
inquiries of the clients management and other personnel, calculated a variety of financial statement
ratios and compared them to prior years amounts and to the ratios of other companies in the industry,
and discussed the results with management. Based on these procedures, Jen believes that the financial
statement amounts are plausible. However, in addition to these procedures, the clients president asks
Jen to reconcile the companys bank accounts and confirm bank balances, so as to provide an
independent check on the work of the chief accountant who started two months ago. As a result of
these additional tests, Jen concludes that the chief accountant is likely stealing small amounts of cash
from the company each week. She informs the president of her concerns, and then issues a normal
review engagement report on the financial statements, since she believes that the amounts stolen are
not likely to be material.
c.
d. Dean, a CGA, is informed by his client that he will not be allowed to confirm any accounts receivable
balances this year because several customers have complained to the company about being bothered
by these confirmation requests. Dean agrees to this restriction, and instead examines sales invoice
copies in support of a large percentage of the open customer accounts at year end. Finding no
exceptions, Dean concludes that he has obtained reasonable assurance that the receivables are not
materially misstated.
e.
Ross, a CGA, audits the financial statements of Natural Foods Ltd., a closely held company. Ross also
prepares the companys tax return, as well as the personal tax return of the owner-manager. This year,
the owner asks Ross to assist him in designing a computerized perpetual inventory system to improve
the companys inventory controls. Ross does so, and bills the client for an amount that exceeds 500%
of his usual audit fee. Finally, because the client is very pleased with the quality of Rosss work on the
inventory system, the owner pays, from his personal funds, for a two-week vacation in the South
Pacific for Ross and his spouse, which Ross accepts.
Question 3
The following are four independent statements concerning certain auditing issues.
Required
For each statement, indicate whether you agree or disagree. Explain your reasoning.
2
a.
The fact that internal controls can be circumvented by collusion, management can override controls,
and controls over unusual or non-recurring transactions are normally weak, indicates that these are all
inherent limitations of internal controls and that control risk cannot be assessed at zero.
b. Sequence checks, limit tests, range checks, and completeness checks are all examples of computer edit
routines that are normally verified by an auditor using generalized audit software.
c.
d. Under current auditing standards, a CGA has no responsibility to detect violation of laws and
regulations and resulting illegal acts perpetrated by a client in the conduct of its business (for example,
violating pollution control laws).
When an auditor uses an audit expert (also termed a specialist) to assist in verifying a material part of
a companys financial statements, the auditor must ascertain the specialists expertise, objectivity, and
independence. The specialists findings are usually mentioned in the scope paragraph of the auditors
report containing an unmodified opinion.
Continued...
PEAU2 #1
Page 3 of 6
13
35
Question 4
3
a.
In a small business audit, the relationship between the auditor and the client is likely to be close.
Discuss briefly the audit implications of this situation.
b. An important issue when planning a small business audit is the choice between using a substantive
approach and a combined audit approach. Discuss briefly the considerations that would enter into this
audit planning decision.
c.
d. Describe the general situation in which a group engagement team may have to rely on the work of a
component auditor, and describe the factors the group engagement team must consider when deciding
whether to place reliance on a component auditor.
Packaged software is likely to be used for the accounting for a small business. State the control issues
the auditor should consider with respect to the packaged software used by a small business.
Question 5
You are an audit senior employed by Olsen & Abrams, CGAs. You have been asked by the audit partner
to provide an assessment of control risk for the audit of the financial statements of Acme Tires Ltd. and to
identify any additional audit procedures over the prior year that might be required. For control weaknesses
that are to be reported to management, you have been asked to provide recommendations for
improvement.
Acme is a closely held private company, with its next fiscal year ended September 30, 20X0. Acme
distributes automobile and truck tires from various manufacturers across Canada. Acme has been an audit
client of your firm for several years and has traditionally been profitable, although net income this year has
dropped by about 15%.
Based on your review of the working papers (including various memoranda and review notes prepared by
the audit staff and the engagement partner) and the proposed financial statements and audit opinion, you
have noted the following issues that have arisen during the past year:
1. Acme has five highly automated regional distribution centres that distribute to hundreds of local
sellers of tires. Each regional centre also has warehouse sale days when the warehouse is open to the
public, which can purchase certain tires that Acme is having trouble selling to retailers at discounted
prices. Acme has increased the frequency of the warehouse sale days to three days every two weeks.
Because of staff cutbacks, it is the same two employees that run this sale and manage the inventory for
the sale.
2. A major reason for the low profit this year was that the companys costs of sales were unusually high.
The company had fixed price contracts from foreign suppliers that were not hedged.
3. Acmes head office is in Vancouver. The companys information technology outsourcers, who
maintain the new secure website implemented this year and support Acmes software, are also located
in Vancouver. Acmes secure website has a customer portal that is used by many customers to order
products, determine the status of an order, and to use credit cards to pay for their purchase online.
4. Acme has the same accounting software package suite implemented at four of its five distribution
centres. The fifth centre, Halifax, implemented a different accounting software package suite this year,
using its operating budget, since it wanted to reduce costs in the accounting office. The regional
manager stated that the software approved by head office is too difficult to use.
Continued...
PEAU2 #1
Page 4 of 6
5. Since there have been no major information systems acquisitions for several years, and none are
planned, Acme disbanded its IT steering committee about three years ago. At that time, the committee
had finished some major work approving updates to the companys privacy policies, security policies,
employee information systems practices, disaster recovery plans, and long-term information systems
strategies. Discussion with the CEO indicates that the company believes it will be necessary to reactivate the committee in three to four years.
6. Each region has a local area network that includes two point-of-sale terminals (used for over-thecounter sales and the warehouse sale days) and about 15 other stations.
7. Because of plummeting sales and revenues, the company has modified its service contracts so that
on-site maintenance of computing equipment is done quarterly rather than monthly. Some functions,
such as anti-virus updates are automated. However, there was a problem with the Halifax network,
and the Vancouver senior accountant complained that he has recently received virus-infected
spreadsheets from Halifax.
8. Payroll is handled using a reputable service organization that has thousands of accounts. The senior
accountant in Vancouver is responsible for payroll data entry.
Required
30
Provide an assessment of control risk. Explain the control weaknesses that are to be reported to
management, provide recommendations to management for improvement, and identify the impact on the
audit. Identify any additional audit procedures over the prior year that might be required.
Note:
Limit your memo to about 1,000 words.
Continued...
PEAU2 #1
Page 5 of 6
17
Question 6
You have been assigned to assist your audit team in the audit of the accounts receivable of XYZ Company
using ACL (Audit Command Language), which is generalized audit software.
Control risk has been set at maximum, so the audit senior would like your input into the planning process
of accounts receivable. The audit manager would like to know which audit procedures can be conducted
by ACL using the data files below, and how this would link to the audit assertions that are relevant to
accounts receivable.
Accounts receivable master data file contents:
Customer number
Customer name
Customer contact details
Customer billing address
Customer shipping address
Credit limit
Sales person
Accounts receivable balance
Accounts receivable transaction file (containing unmatched or unpaid transactions):
Customer number
Transaction type (I invoice, C credit note, A adjustment)
Transaction number
Transaction date
Transaction amount
Required
15
2
100
PEAU2 #1
Page 6 of 6
CGA-CANADA
ADVANCED EXTERNAL AUDITING [AU2] PRACTICE EXAMINATION
SUGGESTED SOLUTIONS #1
(Updated to the 2015/2016 Module Notes)
Marks
12
Time: 4 Hours
Question 1
Note:
11/2 marks each
Sources:
a.
f.
Question 2
Source: (a) Topic 9.4 (Level 1); (b) Topics 2.4, 3.4, and 4.1 (Level 1); (c) Topic 9.1 (Level 1);
(d) Topic 2.5 (Level 1); (e) Topic 1.6 (Level 1); and Topic 1.6 (Level 1) and CGA-Canada Code of Ethical
Principles and Rules of Conduct (CEPROC)
3
a.
Violation. Since Rajan only compiles the financial statements of his client, Home Management Ltd.,
he need not be independent. However, the fact that he is not independent must be disclosed in his
notice to reader. In this case, Rajan lost his independence when he invested in the clients business (a
self-interest threat), so this absence of independence must be disclosed. In addition, the fact that Rajan
compiled the financial statements for free suggests an inappropriately close relationship (familiarity
threat) with the client, further harming Rajans independence.
b. Violation. Li Mei has violated Canadian Auditing Standards by failing to perform tests of control
while assessing control risk at a low level. A walk-through test is simply a way in which a CGA can
obtain knowledge concerning the design of control procedures; it is not a test of internal controls.
Also, Li Meis limiting of her substantive testing to financial ratio analysis (plus verifying the cash
account) violates GAAS, as such analysis does not constitute sufficient appropriate evidence to
support the assertions in the financial statements. Ratio analysis is most useful in the planning and
completion stages of an audit as a means of directing the auditors attention to possible problem areas.
It is not an appropriate means of obtaining assurance, since the auditors expectations are not likely to
be sufficiently precise. To comply with GAAS, more substantive testing would be necessary, even if
Li Meis assessment of a very low risk of material misstatement was justifiable (which it is not).
Continued...
PSAU2#1
Page 1 of 8
No Violation. Jens review procedures, consisting of inquiry, analysis, and follow-up discussions with
management, are appropriate in a review engagement, as is her conclusion that the financial statement
amounts are plausible. Performing additional audit procedures at the clients request is also
appropriate, although the CGA must be careful not to blur the distinction between a review and an
audit, which might suggest that more than moderate assurance was being provided. Here the president
specifically requested that certain procedures be performed to help monitor the activities of his staff
so ambiguity does not seem to be a problem. Finally, Jens decision to inform the president of her
suspicions that the chief accountant was stealing an immaterial amount of cash from the company is
appropriate, although it may be prudent for Jen to delay the issuance of her review engagement report
until the fact and amount of the theft of cash is more clearly established.
c.
d. Violation. Dean has violated Canadian Auditing Standards by agreeing to a material client-imposed
scope restriction concerning the confirmation of accounts receivable that has no valid business
purpose. While some customers may be annoyed by confirmations, this does not justify eliminating all
confirmation work. Dean should have discussed specific clients that might be excluded from
confirmation, and performed alternative procedures on those accounts. Also, Deans alternative
procedure of simply examining sales invoice copies does not constitute sufficient appropriate
evidence. Sales invoices are client-prepared documents and constitute very weak audit evidence.
Instead, Dean should have examined evidence supporting subsequent payments of the receivables, as
well as customer orders and shipping documents supporting accounts receivable that remained
uncollected for some time after the end of the clients fiscal year.
e.
8
2
Violation. Ross is not independent from his audit client by virtue of the fact that he accepted a large
gift a two-week paid vacation to the South Pacific from the clients owner. This gift creates a
serious familiarity threat to Rosss independence, both in fact and in appearance. Were it not for the
lack of independence, Ross could otherwise audit the financial statements and also perform tax work
and systems design work for the client, since Natural Foods is a closely held company. The systems
design work would not be appropriate if the client was a listed company. Finally, the fact that the fee
for the systems design consulting service was very large (500%) relative to Rosss audit fee is, in
itself, of no consequence if Ross has a sufficient number of other clients such that the fee does not
result in economic dependency on the client.
Question 3
a. Source: Topics 2.4 and 7.4 (Level 1)
Agree. All of the elements listed are inherent limitations of internal controls. Because of such
limitations, internal control can never provide management or the auditor with absolute assurance that
material misstatements dont exist. This implies that control risk must always be assessed at a value
greater than zero.
c.
PSAU2#1
Page 2 of 8
13
3
Question 4
a. Source: Topic 8.7 (Level 1)
The probable close relationship between an auditor and client in a small business engagement is likely
to result in the auditor performing a variety of services for the client, not just a financial statement
audit. The auditor may provide tax advice, general consulting services, advice on accounting policy
choices and the treatment of specific transactions, and assistance in the accounting function. On the
positive side, the close relationship would assist the auditor in obtaining detailed knowledge of the
clients business, as well as the integrity and operating style of the owner-manager. On the negative
side, the close relationship can impair the auditors independence in fact or in appearance. There is a
threat that the auditor will function as an employee of the business, not as an independent
professional. In addition, a close personal relationship with the owner-manager may result in biases in
judgment and a loss of objectivity.
c.
Access controls. Who has physical access to the hardware and software, and are passwords properly
used and controlled? Effective passwords can help to implement effective segregation of duties.
Program development controls. Who has authority and access to modify the software package?
While the underlying program code is likely inaccessible, packaged programs have settings that can
change processing and that need to be controlled.
Backup. Are appropriate backup files maintained, and are they stored off-site to facilitate
reconstruction of the files in the event of a system failure or other disaster?
Continued...
PSAU2#1
Page 3 of 8
35
Question 5
Source: Topics 2.5, 4.1, 4.2, 4.3, 4.5, 5.1, 5.3, 5.4, 6.3, 6.5, and 10.2 (Level 1)
Note:
Maximum 30 marks for content and 5 marks for communication skills. Candidates will provide different solutions. The major issues to be
addressed and the allocation of marks are shown in this sample memo.
MEMO
Date:
To:
From:
Re:
Current date
Audit Partner
Audit Senior
Preliminary control risk assessment for Acme Tires Ltd. for the year ended September 30,
20X0, and additional audit procedures required
Overall, control risk should be set at high because of a deteriorating control environment in which
management does not seem to be effectively monitoring and mitigating risks. This memo describes my
reasoning for the control risk assessment and indicates some matters that should be communicated to
management in a management letter. My analysis also indicates two new systems (a secure website and an
accounting software suite at one region) that require additional field work. We will need to document the
controls at these systems, and conduct a conversion audit of the new accounting systems at the Halifax
distribution centre. Since the new secure website likely has many automated functions, computer-assisted
testing and reliance on programmed controls is desirable. The client has also discovered a virus, which
may affect data and program quality if it has not been contained.
Note:
Maximum 3 marks. A complete answer will indicate the following: (1) there are serious control deficiencies with respect to the control
environment, (2) conversion audit will be needed for the new accounting systems, and (3) the use of the new secure website requires
changes in audit procedures.
Control risk is assessed as high because of the following control environment issues:
1. Information technology governance is lacking, resulting in poor control over implementation of new
systems.
2. There have been cutbacks in outsourcing services that could result in deteriorating service.
3. Cutbacks (or other causes) seem to have resulted in less segregation of duties.
Further details on these items follow, stating the impact and potential recommendations to management
that we could include in a management letter to the client.
1. Information technology governance
Management has again indicated that it feels it does not require an IT steering committee. The impact may
be that policies (such as privacy policies and security policies) could be out of date. Also, one region has
decided to implement its own software, which could result in incompatibility issues between regions,
increasing the potential for error with data transfers or on consolidation of regional data. We recommend
that management reconsider its position and implement greater oversight of the IT process.
As auditors, we will need to assess the process used to integrate the Halifax operational data into national
results. If there is poor oversight of implementations, there may have been problems in the implementation
of the new website, so we should also evaluate that process.
Note:
Maximum 5 marks. A complete answer will include both the management issues (the difficulties associated with the absence of an IT
steering committee or oversight process) and the impact on the audit of the Halifax and new website implementation.
Continued...
PSAU2#1
Page 4 of 8
2. Cutbacks in outsourcing
Management has reduced its information systems maintenance from monthly to quarterly. This reduction
may not have an immediate operational impact, but could have contributed to the presence of a virus
discovered in Halifax spreadsheets, discussed in the next section.
We should inquire further with respect to the extent of the maintenance done and how it might affect the
accounting records. Also, if management has cut back these functions, we should inquire about any further
activities that may have been cut back.
Note:
Maximum 4 marks. A complete answer will consider the implications of the maintenance cutback and whether this is just one indicator of
other cutbacks at the organization.
Continued...
PSAU2#1
Page 5 of 8
Continued...
PSAU2#1
Page 6 of 8
Feel free to contact me if you want to discuss any of these issues in more detail. In closing, there are many
serious unresolved matters with respect to our audit of Acme Tires Ltd. The cost of the audit will rise
because of the need for additional audit procedures stemming from the new systems in place at the client
organization.
Note:
A maximum of 30 marks may be awarded for the substance of the memo.
5
17
The final 5 marks are allocated for clarity, logic and persuasiveness.
Question 6
Source: Topics 2.5, 4.6, 5.8, and 7.4 (Level 1)
Note:
Maximum 15 marks for content and 2 marks for communication skills. Candidates will provide different solutions. The major issues to be
addressed and the allocation of marks are shown in this sample memo. Not all of the points below need to be made to receive full marks
(15) for the substantive portion of the question.
Date:
To:
From:
Re:
MEMO
Current date
Engagement manager
CGA
Audit procedures for XYZ Company that could be conducted using ACL
When control risk is high, we can conduct substantive audit tests at low cost that make the audit more
effective. Calculations can be done for all transactions, control totals can be easily calculated, and
investigative tests that are dual purpose can be done to search for warning signs of fraud (such as looking
for customer addresses that are the same as employee addresses). I have listed a selection of tests below
for you to consider. If there are any further tests that you would feel are useful, please let me know.
Continued...
PSAU2#1
Page 7 of 8
Audit test
Note:
A maximum of 15 marks may be awarded for the substance of the memo. Other audit procedures are possible. The key is to clearly
explain the purpose of the audit test and how it relates to the overall audit process.
The final 2 marks are awarded for professional capabilities: a clear description of the audit procedures that
also serves an educational function to the audit manager, linking the automated audit procedures to the
audit process.
END OF SOLUTIONS
100
PSAU2#1
Page 8 of 8