2006 Auditing and Audit Practice Exams and Impact of the Transition to International Standards on Auditing (ISA) By: Maura McElhinney, P2 Audit Practice Examiner and John Choma, P1 Auditing Examiner. Authors comments: This purpose of this article is twofold: 1. Provide candidates with an overview of the syllabus and structure of the 2006 Auditing and Auditing Practice exams to enable them to more effectively prepare for these exams. 2. Provide candidates with an overview of International Standards on Auditing (ISA), highlighting some of the key changes in auditing standards. PART 1 PROFESSIONAL 1 AUDITING AND PROFESSIONAL 2 AUDIT PRACTICE EXAMS AUDITING EXAMS- PRFOESSIOAL 1 1. The only major change for 2006 is the Examinable Material Document. Candidates are now required to have Knowledge Level 2 of: International Standards in Auditing (ISA's), instead of Statement of Auditing Standards (SASs), with particular emphasis on those standards specifically relating to the main areas of questions (see Section 5). APB Ethical Standards (ESs), particularly ES1 and ES2, in addition to the CPA Code of Professional Ethics, Practice and Conduct. The secondary knowledge requirements for the CLEA and Companies Act (1963 to 2003) continue. Candidates should only really concern themselves with examinable IFRS/IAS, Practice Notes and Technical Statements that relate to key financial statement items such as inventory. 2. Candidates are expected to apply the new concepts and terminology arising from the ISAs and ESs. For example, a Management Letter, if required, should be addressed to those charged with corporate governance, instead of senior management. 3. Candidates should ensure that they have the requisite level of technical knowledge, and can apply their knowledge to a range of case scenarios. This can be achieved by focusing on past exam questions, and by focusing on thinking their way through situations presented. 4. In general, 50% of the marks of each question will have a practical focus, relating to case facts, while the remaining 50% will have a technical - theoretical focus. 5. The exam format remains the same. 6. The topic format remains the same, namely: Page 1 of 7
Core Areas Core areas are primarily covered in the mandatory questions as follows: Key internal control audit (Syllabus Area 5) Audit of internal control of key systems (sales, purchases, payroll, cash receipts, cash disbursements, inventory and fixed assets) in particular weakness identification and assessment in a Management Letter format, and internal control documentation and testing. Key financial statements audit (Syllabus Area 6) Application of substantive audit procedures to important Balance Sheet items (cash, receivables, inventory, tangible assets, liabilities and bank loans) and related Income Statement items. Computer auditing (Syllabus Area 11) Particularly covers environment, system and application controls, and audit procedures (CAATS) and to a lesser degree, related audit planning and administration issues. The mandatory questions may also cover other areas as secondary topics: Other Areas Other areas are primarily covered in optional questions, listed as follows by major focus: Other financial statement items audit and other audit considerations (SA 5,6,7) Includes such issues as going concern, subsequent events, contingencies, management representations, use of experts, sampling techniques, analytical review, as well as the audit of lesser important financial statement items Audit reporting (Syllabus Areas 8,9,1,2) Includes such issues as the auditor s report and opinions, the auditor s and directors respective responsibilities, audit purpose and users expectations. Audit planning, administration and quality control (Syllabus Area 4) Legal and ethical requirements, including CLEA (Syllabus Areas 3,10,12) An optional question may also cover a core area and/or another optional question topic area as secondary topics. Page 2 of 7
AUDIT PRACTICE EXAMS 1. The syllabus has been revised for the 2006 exams primarily to reflect the adoption of International Auditing Standards as the auditing base. This reflects the major change in the Exam Material Document for 2006, but in essence will not result in any other major changes to the 2006 papers format and educational focus, other than more guidance on corporate governance. 2. Hence, the only major change for 2006 is the Examinable Material Document. Candidates are now required to have Knowledge Level 1 of: International Standards on Auditing (ISA's), instead of Statement of Auditing Standards (SASs), with particular emphasis on those standards specifically relating to the main areas of questions 1 and 2 (see Section 5). APB Ethical Standards (ESs), particularly ES1 and ES2, in addition to the CPA Code of Professional Ethics, Practice and Conduct. The secondary knowledge requirements for the CLEA, CJA, CJO and Companies Act (1963 to 2003) continue. Candidates should only really concern themselves with examinable IFRS/IAS and Practice Notes that relate to key financial statement items such as inventory. 3. Candidates are expected to apply the new concepts and terminology arising from the ISAs and ESs. For example, a Management Letter, if required, should be addressed to those charged with corporate governance, instead of senior management. 4. Candidates should ensure that they have the requisite level of technical knowledge, and can apply their knowledge to a range of case scenarios. This can be achieved by focusing on past exam questions, and by focusing on thinking their way through situations presented. 5. Candidates should ensure that they have the requisite level of technical knowledge, and can apply their knowledge to a range of case scenarios. This can be achieved by focusing on past exam questions, and focusing on thinking their way through the situations presented 6. In general, 75% of the marks of each question will have a practical focus, relating to case facts, while the remaining 25% will have a technical - theoretical focus. 7. Educators should encourage candidates to download from the internet a recent annual report from an Irish publicly listed company such as CRH so as to familiarize themselves further with these areas regarding corporate governance and audit reporting. 8. The topic format remains much the same other than a more restricted scope for assurance engagements and more guidance on corporate governance in the optional questions. Core areas [Syllabus Areas 3 & 4] Core areas are primarily covered in the mandatory questions. They concern the audit of important internal control systems and financial statement items, as well as computer auditing (environment, controls and procedures) and related audit planning, administration and quality control issues, in the following settings: Page 3 of 7
Non-directed practical audit planning focus question, where candidates are required demonstrate judgement in identifying and discussing key audit planning issues, based on information contained in a case study scenario. Directed practical audit execution primary focus question, where candidates are directed to discuss identified key audit issues primarily arising at the audit execution phase, based on information contained in the case study scenario. Candidates faring well on the mandatory core questions generally do well in the exam. Core areas may also be covered as secondary topics in optional questions. Other areas Other areas are primarily covered in the optional questions, listed as follows by major focus: Reporting and Other Assurance Engagements[Syllabus Area 5] Audit reporting and other assurance engagements (reviews ) conduct and reporting, as well auditing in special environments (small businesses and charities). Ethics and legal requirements, [Syllabus Areas 1, 2 & 6 (laws)] See syllabus. Corporate governance and current developments [Syllabus Areas 6 & 7] Current developments will focus on key ISAs matters. Page 4 of 7
PART 2 INTERNATIONAL STANDARDS ON AUDITING (ISA) (UK & IRELAND) 2.1 Rationale for adopting ISA The Auditing Practices Board (APB) believed that UK and Irish auditing standards needed to be reviewed as part of a continuous programme of improvement, and also in the context of recent reporting irregularities involving fraudulent financial reporting and earnings management. Rather than working in isolation, the APB has decided that it would be more effective to contribute to the international effort through the International Auditing and Assurance Standards Board (IAASB), and thereby demonstrate its commitment to the worldwide harmonisation of auditing standards. The APB has decided that this would be best achieved adopting the complete suite of ISAs in substitution of existing SASs for accounting periods on or after 15 December 2004. 2.2 Adoption process maintaining the quality of UK and Irish auditing standards In order to maintain the quality of UK and Irish auditing standards, the APB has incorporated into the ISAs (UK and Ireland) SAS material that contain higher standards than those contained in the equivalent ISAs. This additional material in the ISA UK and Ireland will be clearly differentiated from the ISA (Model), and over time, the APB hopes to withdraw such supplementary material as relevant ISA are revised by IAASB. 2.3 Volume of change The APB believes that the adoption of the ISAs will not involve many changes of substance to existing standards or to the work currently undertaken by auditors, since the ISA requirements are to a large degree addressed in existing SASs, other than a few new ISAs, which are summarised in section 1.5, including the new audit risk and fraud standards (ISAs 315 and 330 and ISA 240). In addition, a clarification of the concept those charged with governance is included in each ISA 2.4 Summary of key changes in auditing standards Audit risk - ISA (UK and Ireland) 315 and 330 The audit risk model has been substantially revised. The primary objective of the new audit risks ISAs are for auditors to identify and assess the risks of material misstatement at the financial statement level and at the assertion level for classes of transactions, account balances and disclosures. The auditor then determines the nature, timing and extent of audit procedures to respond to those risks and reduce them to an acceptably low level. Changes in practice that the audit risk ISAs seek to achieve include: Obtaining and documenting a broader understanding of the entity and its environment, including its process for identifying business risks relevant to financial reporting objectives, and its information systems and internal controls An audit team discussion of the susceptibility of the entity s financial statements to material misstatement Determining which risks identified are significant risks that require special audit consideration Designing and performing further audit procedures that are linked to the assessed risks. Page 5 of 7
Fraud - ISA (UK and Ireland) 240 This ISA builds on the above new audit risk ISAs (UK and Ireland), which requires the auditor to focus on areas where there is a risk of material misstatement due to fraud, including management fraud. ISA (UK and Ireland) 240 emphasises the need for the auditor to maintain an attitude of professional scepticism throughout the audit, notwithstanding the auditor s past experience about the honesty and integrity of management and those charged with governance and requires the auditor to: Discuss within the engagement team how the financial statements may be susceptible to material misstatement due to fraud and what audit procedures would be most effective; Consider whether one or more fraud risk factors are present Perform audit procedures to address the risk of management override of controls by testing journal entries, reviewing accounting estimates for bias, and understanding the business rationale for significant transactions outside the normal course of the business, Obtain specific representations from management, including its assessment of the risk of fraud. Governance - All ISAs and ISA (UK and Ireland) 260 All ISAs The respective responsibilities attributed to those charged with corporate governance and management in the original ISAs do not always fit with the corporate governance model that exists in the UK and Ireland. In order to seek to achieve the clarity, the APB has included in the following definitions in each ISA (UK and Ireland): The term governance describes the role of persons entrusted with the role of supervision, control and direction of an entity. Ordinarily, those charged with governance are accountable for ensuring that the entity achieves its objectives, and for the quality of its financial reporting and reporting to interested parties. Those charged with governance include management only when they perform such functions. In the UK and Ireland, those charged with corporate governance include the directors (executive and non-executive) of a company or other body, the members of an audit committee where one exists, the partners, proprietors, committee of management or trustees of other forms of entity, or equivalent persons with responsibility for directing the entity s affairs and preparing its financial statements. Management comprises those persons who perform senior managerial functions. In the UK and Ireland, depending on the nature and circumstances of the entity, management may include some or all those persons charged with governance (e.g.: executive directors). Management will not normally include non-executive directors unless they are performing an executive role. Page 6 of 7
Communication with those charged with governance - ISA (UK and Ireland) 260 Major changes include: New requirements to the effect that the management letter and the engagement letter should be addressed to those charged with governance A requirement that the auditor should issue a report to those charged with corporate governance A requirement that the auditor should evaluate the effectiveness of the two-way communication process established with those charged with corporate governance and should consider resigning if they believe it is not effective Additional guidance on effective communication, communication of risks of material misstatement and communication of misstatements detected during the audit Quality control - ISA (UK and Ireland) 220 and ISQC (UK and Ireland) 1 The main additions of substance, compared to SAS 240, relate to requirements for the firm to have policies and procedures that provide it with reasonable assurance that: The firm and engagement team are independent Complaints and allegations about work performed are dealt with appropriately Related Parties - ISA (UK and Ireland) 550 Auditing standards on related parties are closely linked to the underlying accounting framework. From 2005, two accounting frameworks will be in use in the UK and Ireland: International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board (IASB), which are mandatory for the preparation of the consolidated accounts of listed companies, and accounting standard issued by the UK Accounting Standards Board (ASB), which may be employed in other cases. To accommodate the differences between the two frameworks, ISA (UK and Ireland) 550 has separate parts where the financial statements are intended to comply with IAS 24 or FRS 8. ISAs with no SAS equivalents - ISAs (UK and Ireland) 501, 505 and 545 The APB does not believe auditors will have difficulty complying with ISAs (UK and Ireland) 501 [Audit Evidence Additional Considerations for Specific Items] and 505 [External Confirmations], both of which are procedural in nature, and 545 [Auditing Fair Value Measurements and Disclosures]. Page 7 of 7