ASSURANCE

Time allowed 1 hours

Total marks 100
[N.B. Figures in the margin indicate full marks. Questions must be answered in English. Examiner will take account
of the quality of language and of the manner in which the answers are presented. Different parts, if any, of the
same question must be answered in one place in order of sequence.]
1.

2.

When Enron collapsed and documents were destroyed, the CA profession, standard setters and regulators
became focused on audit documentation requirements and the issue of workpaper retention. In 2002 the
Sarbanes-Oxley Act was passed, and it included provisions for increased audit documentation guidance for
audits of public companies by requiring that audit documentations be sufficient for an experienced auditor to
understandamong other thingsthe nature, timing, extent and results of auditing procedures the engagement
auditors performed, the audit evidence they obtained and the conclusions they reached on significant matters
based on audit evidences.
a) What purpose does audit documentation serve? What are the additional purposes of working paper?
b) What factors auditor must consider in determining the nature and extent of documentations for a particular
audit?
c) What are the contents of a permanent audit file and a current audit file?
d) What are the issues that auditor should take into considerations for retention of audit documentations?

5
5
6
4

a)

Define assurance engagement.

b)

What are the types of engagement as per definition given by IFAC?

What conclusions are given against those engagements?

The auditor normally expresses his audit opinion by reference to the true and fair view, which is an
expression of reasonable assurance.

c)

Define the term true and fair.

3.

d)

The key benefit of assurance is the independent and professional examination carried out by the
auditor during the course of the audit. In addition, assurance gives some subsidiary benefits.
List subsidiary benefits those are provided by the assurance providers.

e)

What are the limitations of assurance services for which the auditor cannot give a certificate of
absolute assurance or correctness.

a)

What do you understand by internal controls?

b)

BSA 315 sets out 5 (five) components of internal control each of which may have impact on the
audit process differently.

Write at least 3 (three) components of internal control.

c)

The internal controls in a computerized environment includes both manual procedures and
procedures designed by computer programs. Such manual and computer controlled procedures
comprise two types of control.

Write down 2 (two) above controls.

d)

What controls will be put into place in the purchases system depend on the nature of the company
and the specific risks associated with the way it operates, but there are some general controls which
can be used to mitigate the risks.

What are the general controls which can be used to mitigate the risks?
e)

A company might recognize some risks when considering goods inward and recording of invoices.

What risks are associated with goods inward and recording of invoices?

[Please turn over]

2
4.

a)

Why do independence and objectivity matter so much and what can the auditors do to maintain
objectivity?

b)

A financial interest in a client constitutes a substantial self-interest threat.

What are the safeguards to avoid the above threat?

c)

5.

Accountants in a non-practice environment may face more pressure to behave unethically.

Cite some examples of pressure the accountants (non-practice) may face in carrying out their
duties.

Information System aims to support operations management and decision making process. In a broad sense, the
term is used to refer not only to the information and communication technology (ICT) that an organization uses,
but also to the way in which people interact with this technology to support the business processes.
a.

What are the risks that an entity is exposed to, if general controls are not effective?

b.

How will you test general controls and application controls of an entitys information system?

c.

Can you test automated controls even though you are non-IT person?

d.

Write corresponding controls to address the risk mentioned in the following table:

Risks

Controls

Employee may order too much or not enough raw

materials.
Employee may try to misappropriate goods.
Procurement Department may not use approved
vendor (gaining the benefit of negotiated volume
discounts).
Payment sent to wrong address, wrong payee on
cheque or cheque may not be signed.

The End