CHAPTER 2

POST-BALANCE SHEET EVENTS

(CONTINGENCY, GOING CONCERN
CONCEPTS, ACCOUNTING ESTIMATES
& COMMITMENT)
 SUBSEQUENT EVENTS
 ISA 560 (redrafted)- requires the auditor to:
 Obtain sufficient appropriate audit evidence
about whether events occur between the date of
the financial statements and the auditor’s report
that materially affect the FS are appropriately
reflected in those financial statements.
 Respond appropriately to facts that become
known to the auditors after the date of the
auditor’s report that materially affect the
financial statements.
 SUBSEQUENT EVENTS
 Definition: refer to events occur between
the date of the FS and the date of
auditor’s report, and facts that become
known to the auditor after the date of the
auditor’s report.
 SUBSEQUENT EVENTS
 New commitments
 Borrowings
 Guarantees
 Sales of assets
 Issue of new shares
 Merger or liquidation plans
 Unusual accounting adjustments.
 SUBSEQUENT EVENTS
 FRS 110, accounting treatment:
 Those that provide further evidence of
conditions that existed at period end
(adjusting events).
 Those that are indicative of conditions that
arose subsequent to period end
(disclosure/non-adjusting events).
AUDIT PROCEDURES: events occur between the
date of the FS and the date of the auditor’s report

 Obtaining an understanding of the procedures

management has established to ensure that
subsequent events are identified.
 Read minutes of meetings of shareholders, BOD,
audit and executive committees held after the year
end.
 Inquire about matters discussed at meetings for
which minutes are yet to be available.
 Peruse the latest available interim financial
statements, budgets, CF and other related m’ment
report, where relevant.
 Inquire the lawyers concerning litigation and claims.
 AUDIT PROCEDURES: facts which become
known to the auditor after the date of auditor’s
report but before the FS are issued.
 The auditor should discuss with
management and determine whether the
FS require amendment.
 The course of action to be taken by the
auditor would depend on the following
situation:
 AUDIT PROCEDURES: facts which become
known to the auditor after the date of auditor’s
report but before the FS are issued.
 If management amends: auditor conduct
procedures necessary in the circumstances,
provide m’ment wt new report, the audit report
date should not be earlier than the date of the
amended FS are approved.
 If m’ment does not amend: but the auditor
believes they need to be amended, auditor’s
report has not been released, auditor should
modify the opinion appropriately and express a
qualified or an adverse opinion
 AUDIT PROCEDURES: facts which become
known to the auditor after the date of auditor’s
report but before the FS are issued.
 If m’ment does not amend: and the auditor’s
report has been released to the company,
auditor notify the m’ment or TCWG not to
issue the FS and the auditor’s report to third
parties.
 If the FS are subsequently issued, the auditor
should take the necessary actions to prevent
reliance on the auditor’s report, depends on
the auditor’s legal rights and advice of the
auditor’s lawyers.
 AUDIT PROCEDURES: facts discovered
after the FS have been issued
 The auditor should discuss with m’ment
and take appropriate action in the
circumstance.
 The action to be taken by the auditor
would depend on:
 AUDIT PROCEDURES: facts discovered
after the FS have been issued
 If m’ment amends the FS: auditor carry
out the procedures necessary to review
the steps taken by m’ment to ensure it is
well informed to the third parties and
issue a new auditor’s report.
 The new auditor’s report should include an
emphasis of matter para. That extensively
discuss the reason for revision.
 AUDIT PROCEDURES: facts discovered
after the FS have been issued
 If m’ment does not take the necessary steps
to ensure that anyone in receipt of the
previously issued FS is informed of the
situation, the auditor should notify m’ment
and TCWG, that action will be taken by the
auditor to prevent future reliance on the
auditor’s report.
 It is depends on the auditor’s legal rights and
obligations and the advice of his lawyers.
 CONTINGENT LIABILITIES
Contingent liabilities – potential future obligation
to an outside party for an unknown amount
resulting from activities that have already taken
place.

FRS 137 – a possible obligation that arises from

past events and whose existence will be
confirmed only by occurrence or non-occurrence
of uncertain future events not wholly control by
the enterprise.
3 conditions are required for a contingent
liability to exist;
* potential future payment to an outside
party/impairment of some other asset that
would result from an existing condition.
* uncertainty about the amount of the
future payment or impairment.
* the outcome will be resolved by some
future event or events.
 LEVEL OF CL
 According to FRS 137, CL can be divided into
three levels:
 Remote (slightly chance) – no disclosure is
necessary.
 Reasonably possible (more than remote, but less
than probable) – footnote disclosure is
necessary.
 Probable (likely to occur) – if the amount can be
reasonably estimated, FS are adjusted, if the
amount cannot be reasonably estimated, note
disclosure is necessary.
 EXAMPLE OF FOOTNOTE
 There are pending legal claims against the
company in respect of termination of contracts.
It is the opinion of the directors, based on
current available information that the claims will
not materialise and the ultimate liability, if any,
resulting from such claims will not materially
affect the financial position or results of
operation of the company. The company has
issued unsecured corporate guarantee of
RM14millions to a local bank for term loan
facility granted to a subsidiary.
 FOOTNOTE
 The footnote should describe the nature of
the contingency to the extent it is known
and the opinion of legal counsel or
management as to the expected outcome.
 TYPES OF CL – AUDITOR’S
CONCERN
 Pending litigation for patent infringement,
product liability, or other services.
 Income tax disputes.
 Product warranties.
 Loan receivable discounted.
 Guarantees of obligations of others.
 Unused balances of outstanding letters of
credit.
 RESPONSIBLE TO DETECT CL
 Lies on the management team.
 Management should also decide the
appropriate accounting treatment.
 It is impractical for auditors to uncover
contingencies without management’s
cooperation.
 COMMITMENT
 Commitment – agreement to commit the
firm to a set of fixed conditions in the
future, regardless of what happens to the
profits or the economy as a whole.
 All commitments are ordinarily either
described together in a separate footnote
or combined in a footnote related to
contingencies.
 AUDIT PROCEDURES FOR
FINDING CL
 Normally done throughout the audit
process and not necessarily done at the
end of the audit.
 E.g – unused balances in outstanding
letters of credit may be tested as apart of
confirming bank balances and loans from
banks (cash and bank cycle).
 INITIAL STAGE
 Determine the existence of CL and
commitment.
 Evaluate the level of materiality and
review disclosure requirement.
 THEN…
 Management inquiries.
 Review current and previous years’ internal
revenue agent reports for income tax
settlements.
 Review the minutes of directors’ and
shareholders’ meeting for indications of lawsuits
or other CL.
 Analyse legal expense for the period under audit
and review invoices and statements from legal
counsel.
 THEN…CONT..
 Obtain a letter from each major lawyer
performing legal services for the client as to the
status of pending litigation or other CL.
 Review audit documentation for any info that
may indicate a potential contingency.
 Examine letters of credit in force as of the
balance sheet date and obtain a confirmation of
the used and unused balances.
 GOING CONCERN
 GC is a ability of a company to operate in
foreseeable future. The business is
assumed to have indefinite life unless
there is evidence that it is going to be
liquidated.
 When planning and performing audit
procedures and in evaluating the results
thereof, the auditor should consider the
appropriateness of the going concern
assumption underlying the preparation of
the financial statements.
 The auditor should consider the risk that
the going concern assumption may no
longer be appropriate.
 FINANCIAL INDICATIONS – ISA
570
 Net liability or net current liability position
 Fixed term borrowings approaching maturity
without realistic prospects of renewal or
repayment.
 Adverse key financial ratios
 Substantial operating losses
 Arrears or discontinuance of dividend
 Inability to pay creditors in due date
 Difficulty in complying with the term of loan
agreements
 Change from credit term to COD with suppliers
OPERATING INDICATIONS – FRS
570
 Loss of key management without
replacement.
 Loss of major market, franchise, license,
or principal supplier.
 Labour difficulties or shortage of important
supplies.
 OTHER INDICATIONS – ISA 570
 Non-compliance with capital or other
statutory requirement.
 Pending legal proceedings against the
entity that may, if successful, result in
judgments that could not be met.
 Changes in legislation or government
policy.
 AUDITOR’S CONCERN
 Evaluate whether there is a substantial doubt
about a client’s ability to continue as a going
concern.
 It is initially done on the planning stage but is
revised when significant new information is
obtained.
 A final assessment is required after all evidence
has been accumulated and proposed audit
adjustments have been incorporated into the FS.
 AUDITOR’S CONCERN
 Running analytical procedures test
 Discussion with management and review
of future plans to avoid bankruptcy and
liquidations..
 AUDIT OF ACCOUNTING
ESTIMATES
 ISA 540 (revised) requires that the auditor
obtains sufficient appropriate audit
evidence regarding accounting estimates.
 Definition: an approximation of a
monetary amount in the absence of a
precise means of measurement.
 EXAMPLES OF ACCOUNTING
ESTIMATES
 Allowance for inventory obsolescence
 Allowance for doubtful accounts
 Depreciation charges
 Costs from a lawsuit or litigation
settlements and judgments
 Outcome of long-term construction
contracts.
 Warranty obligation
 NATURE OF ACCOUNTING
ESTIMATES
 Some FS items cannot be measured
precisely, but can only be estimated.
 The uncertainty affects the risks of MM of
accounting estimates, including the
susceptibility to error or fraud.
 It may be determined by using simple or
complex formulas or methods, depending
on the nature of the item.
 RESPONSIBILITY FOR
ACCOUNTING ESTIMATES
 Responsibility for making AE rest with
management.
 Subject to conditions of uncertainty regarding
the outcome of events that have occurred or
likely to occur, and involve the use of judgment.
 The risk of MM is higher when AE are involved.
 Auditor should obtain written representations
from m’ment regarding the reasonableness of
significant assumptions used.
 RISK ASSESSMENT PROCEDURES
AND RELATED ACTIVITIES
 Evidence to support AE is normally more difficult
to obtain and less conclusive.
 Important for the auditor to understand the
procedures and methods used by m’ment in
making AE.
 Its include financial reporting framework and
entity’s internal control.
 This knowledge would help the auditor to
properly plan the nature, timing and extent of
the audit procedures, and assess the risks.
 AUDIT PROCEDURES
 Evaluate data and consider assumptions on
which the estimate is based.
 Test calculations involved in the estimate.
 Comparison of previous estimates with actual
results
 Consider management’s approval procedures
 Use an independent estimate for comparison
with that prepared by m’ment.
 Review subsequent events which confirm the
estimate made.
 Evaluation of results of audit procedures
 DOCUMENTATION
 The auditor’s documentation should
include:
 The basis for the auditor’s conclusions
about the reasonableness of accounting
estimates that give rise to significant risks.
 Indicator of possible m’ment bias, such as
selection or construction of significant
assumption that yield a point estimate
favourable for m’ment objectives.
CHAPTER 3
SAMPLING
 AUDIT SAMPLING
 When the auditor decides to select less
than 100% of the population for testing
for the purpose of making inferences
about the population, it is called ‘audit
sampling’.
 WHAT IS AUDIT SAMPLING?
 A process used by the auditor in understanding
the characteristic of a population by examining a
sample taken from that population.
 ISA 530 – as the application of audit procedures
to less than 100% of the items within an
account balance to enable the auditor to obtain
and evaluate evidence about some
characteristics of the item selected in order to
form or assist in forming a conclusion
concerning the population.
 REPRESENTATIVE SAMPLE
 It is one in which the characteristics in the
sample of audit interest are approximately
the same as those of the population.
 It is difficult to know whether a sample is
representative or not.
 Thus must be very careful in design,
selection and evaluation of sample.
 WHY AUDIT SAMPLING?
 To manage the audit efficiently and
effectively at reasonable cost within the
time available.
 It is not used in all aspects of audit.
 Often used in documentation and
confirmation.
 Not commonly used in inquiries of the
client, observation and analytical
procedures.
 SAMPLING RISK
 Making a decision from a sample involves a
risk.
 Sampling risk – the risk that an auditor
reaches an incorrect conclusion because the
sample is not representative of the
population.
 Nonsampling risk – the risk that audit tests
do not uncover existing exceptions in the
sample. Due to auditor’s failure to recognize
exceptions and inappropriate audit
procedures.
 HOW TO CONTROL RISK?
 Nonsampling risk – careful design of audit
procedures, proper instructions and
supervision and regular review.
 Sampling risk – adjusting sample size and
using an appropriate method of selecting
sample items from the population.
 STATISTICAL VS
NONSTATISTICAL
 Statistical sampling – through the
application of mathematical rules, allows
the use of quantification in planning and
evaluating the result of the sample.
 Nonstatistical sampling – based on
auditors experience and judgmental basis
in selecting sample and providing
conclusion.
PROCESS OF AUDIT SAMPLING
 Determine sample size
 Select sample
 Apply audit procedures
 Evaluate results
 SAMPLE SELECTION
 Probabilistic – method of selecting a
sample by a random process.
 Nonprobabilistic – method of selecting a
sample in which the auditor uses
professional judgment.
 SAMPLE SELECTION

SAMPLING METHOD APPROPRIATE

SAMPLE SELECTION
Statictical sampling Probabilistic (PSS)

Nonstatistical sampling Probabilistic (PSS)

Nonprobabilistic (NSS)
 METHODS OF PSS
 Simple random
 Systematic
 Probability proportional to size
 Stratified
 METHODS OF NSS
 Directed
 Block
 Haphazard
 NSS -DIRECTED
 Selection of each item in the sample
based on some judgmental criteria
establish by the auditor
 E.g: items most likely to contain
misstatement, items containing selected
population characteristics and large dollar
coverage.
 NSS - BLOCK
 Selection of several items in sequence.
Once the first item is selected, the whole
block is chosen automatically.
 NSS - HAPHAZARD
 Selection of items without any conscious
bias on the part of the auditor.
 The auditor selects population items
without regard to their size, source, or
other distinguishing characteristics.
 PSS – SIMPLE RANDOM
 Is one in which every possible
combination of elements in the population
has an equal chance of constituting the
sample.
 E.g: random number tables, computer
generation of random tables.
 PSS - SYSTEMATIC
 The auditor calculates an interval and then
methodically selects the items for the
sample based on the size of the interval.
 PSS – PROBABILITY
PROPORTIONAL
 Selection of samples emphasis population
items that have larger recorded amounts.
There are two ways.
 First is to take a sample where the
probability of selecting any individual
population item is proportional to its
recorded amount.
 The 2nd way is to divide the population
into subpopulations by size and take
larger subpopulations
 SAMPLING FOR EXCEPTION
RATES
 Audit sampling for TOC and STOT is used
to estimate the proportion of items in a
population containing a
characteristic/attributes of interest.
 This proportion is called the occurrence
rate/exception rate.
 It is usually expressed as a percentage.
 SAMPLING FOR EXCEPTION
RATES
 Example:
An auditor might conclude that the
exception rate for the internal verification
of sales invoices is approximately 3%,
meaning that invoices are not properly
verified 3% of the time.
 CHAPTER 4
AUDIT FOR RELATED PARTY
TRANSACTIONS
 WHAT IS AUDIT OF RELATED
PARTIES TRANSACTION?
 An accumulation and evaluate the
evidence about information regarding
related/third party transaction to
determine and report on the degree of
correspondence between information and
established criteria.
 IAS 550
 The auditor should perform audit
procedures designed to obtained sufficient
appropriate evidence regarding the
identification and disclosure by
management of related parties
transactions and its effect towards
financial statements.
 However an audit cannot be expected to
detect all related party transactions.
 EXAMPLE
 Transfer of assets between companies in a
group either with or without profit.
 Sales transactions between associates or
subsidiaries.
 Payment of dividend or interest between
companies in the group.
 WHO?
 Subsidiaries & associates
 Bankers
 Investors
 Suppliers
 Clients
 Solicitors
 Guarantors
 RESPONSIBILITIES OF
MANAGEMENT
 Identify and disclose any related
transaction with such parties.
 Maintain an adequate internal control
structure.
 ISSUES
 Related parties transactions (RPT) are
difficult to identify and measure due to:
- it may be operated through complex range
of relationship and structure.
- It may not always involved an exchange
of consideration.
- Transaction with related parties may be
manipulated by management.
 AUDITOR’S CONCERN

 Must have adequate knowledge of

company’s business in order to be able to
identify material transactions.
 AUDITOR’S CONCERN
 Need to be aware of:
- The existence of the RPT may affect the
FS.
- The source of audit evidence affect
auditor’s assessment of its reliability.
- It can be motivated by others than
ordinary business consideration, e.g.
inappropriate profit sharing
- Potential for error may increase due to
documentation
 ASSESSING RISK
 The auditor should assess the risk of
unidentified or undisclosed RPT.
 Also assess the risk of inappropriate
disclosure of RPT.
 Basically uses professional judgment and
some relevant factors.
 FACTORS AFFECT IR
ASSESSMENT OF RPT
 The number of related parties
 The volume of RPT
 Good and services provided at no charge
 The company is experiencing difficulty in
meeting the term of debt agreement or
going concern problem.
 ASSESS CONTROL RISK
 Makes a preliminary assessment of control
risk (identification, authorization and
recording RPT).
 Ensure declaration of interest in other
parties are current and communicated by
and to appropriate level within the entity.
 Review the information provided by
management about the existence of RPT.
 Name of identified related parties are
provided to all personnel involved in audit.
 AUDIT PROCEDURES
 Review prior period working paper for
name of known related parties.
 Inquiries of management and obtain
management representation regarding the
names of all known related parties.
 Inquiries to the affiliation of management
with other entities.
 Review shareholders records to determine
the principal shareholders.
 AUDIT PROCEDURES
 Review minutes of meetings of
shareholders, governing body and other
important committee.
 Inquiries to the other auditor or
predecessor auditor
 Review the client’s income tax returns and
other information supplied to regulatory
agencies.
 AUDIT PROCEDURES
 Review large figure invoices for indication
of the RPT.
 Review contracts and agreements
 CIRCUMSTANCES OCCUR
DURING AUDIT
 Auditor should alert for transaction which
include the existence of unrelated parties
transaction.
 Example:
- Abnormal term of trade such as unusual
prices, interest rates, guarantees or
repayment terms.
- Transaction which has lack of logical or
business reasons.
 CIRCUMSTANCES OCCUR
DURING AUDIT
 Example cont…
- Transaction process or approved in
unusual manner.
- High volume of transactions with certain
customer or supplier as compared to
others.
- Unrecorded transactions such as receipts
of management services at no charge.
 EXAMINING RPT
 Obtain sufficient appropriate evidence whether
these transactions have been properly recorded
and disclose.
 Discuss the purpose of the transaction with
management.
 Confirm the term and amount of the transaction
with related party or with related party’s auditor.
 Inspecting evidence in possession of related
party
 Confirm and discuss information with person
associated wt the transaction such as bank
solicitors and agent.
 CHAPTER FIVE
AUDIT PLANNING AND
DOCUMENTATION: RELIANCE TO
OTHER AUDITORS
 AUDIT PLANNING
 ISA 300 states that the auditor should
plan the audit work so that the audit will
be performed in an effective manner.
 Audit planning takes place before the
detailed audit work begins.
 An auditor must adopt a strategy with
regard to the nature, timing and extent of
the audit work to be carried out.
 OBJECTIVES OF AUDIT
PLANNING
 Potential problems are identified
 Appropriate attention is devoted to the
different areas of the audit.
 Audit review is facilitated.
 Enable the auditor to obtain sufficient
competent evidence.
 To keep audit costs reasonable.
 To avoid misunderstanding with the client.
 RELIANCE TO OTHER
AUDITORS
 Statutory requirement – Statement of
Auditing Standards (SAS).
 General principles of SAS – “when the
principal auditors use the work of the
other auditors, the principal auditors
should determine how the work of the
other auditors will affect the audit”.
 PRINCIPAL AUDITOR (PA)
 Auditor with responsibility for reporting on
the financial statements of an entity when
those financial statements include financial
information of one or more components
audited by the other auditors.
 OTHER AUDITOR (OA)
 Auditor, other than the principal auditors,
with responsibility for reporting on the
financial information of a component
which is included in the financial
statements audited by the principal
auditors.
 Include affiliated firms, correspondents as
well as unrelated auditors.
 COMPONENT
 A division, branch, subsidiary, joint
venture, associated company or other
enterprise whose financial information is
included in financial statements audited by
the principal auditors.
 THE PRINCIPAL AUDITORS’
PROCEDURE
 Should perform procedures to obtain
sufficient appropriate evidence that the
work of the other auditors is adequate for
the principal auditors’ purpose, in the
context of the specific assignment
(SAS 510.4).
 Should inform the client’s management
their intention to communicate with the
other auditors (as a matter of courtesy).
 PA’S ADVISE FOR THE OA
 The independence requirements regarding
both the entity and the component
 Obtain written representation as to
compliance with them.
 Coordination of effort and works.
 Matter that need special consideration,
procedures for the identification of inter-
company transactions that may require
disclosure
 The timetable for completion of audit
 PA’S ADVISE FOR THE OA
 The accounting, auditing and reporting
requirements and obtain written
representation as to compliance with
them.
 May also discuss the audit procedures
applied and review written summary of
the other auditors’ procedures.
 Review working papers of the other
auditors.
 PA CONCLUSION
 No need for additional tests or procedures
if they satisfied with the works of the
other auditors.
 May also perform any additional test or
audit procedures if they feel the evidence
accumulated is not appropriate and
sufficient.
 Discuss wt the other auditors and
management of the component the audit
findings.
 THE OA’S PROCEDURES
 Should cooperate, subject to the
necessary consent of the client, with the
principal auditors.
 Make available such information as the
principal auditor may require in order
discharging their duties.
 At the same time, they are solely
responsible for the audit opinion on the FS
of the component which they audit.
CHAPTER SIX
AUDIT INVESTIGATION
PROSPECTUS
 WHAT IS PROSPECTUS?
 Prospective Financial Statement
 Predicted or expected financial statement
in some future period (IS) or at some
future date (BS).
 Example: management’s prediction of FS
one year in the future.
 FORECAST
 Prospective financial statement that
present entity’s expected financial
position, result of operation and cash
flows, to the best of the responsible
parties knowledge and belief.
 Commonly required by banks as a part of
loan application.
 PROJECTION
 Prospective FS that present an entity’s
financial position, result of operations and
cash flow, to the best of responsible
parties knowledge and belief, given one or
more hypothetical assumptions.
 Example: preparation of projected FS
assuming that the company is able to
increase the price of its primary product
by 10% with no reduction in unit sold.
STATUTORY REQUIREMENTS
 It is stated in S.42 – S.47 Companies Act
1965.
 It is also stated in Prospectus Guidelines
on Public Offering issued by securities
Commission.
 KLSE listing requirement for IPO.
 ACCOUNTANTS REPORT
 Should be included in the prospectus as
required by law.
 Prepared by an approved company
auditor.
 While the directors are responsible for the
content and accuracy of prospectus.
 The reporting accountants have to accept
full responsibility for the correctness of the
accountant report.
 CONTENTS OF ACCOUNTANTS
REPORT
 Changes in issue and paid up capital since
the date of incorporation.
 Details of any modifications to the
auditor’s report for the past 5 financial
years and the latest audited accounts.
 IS (consolidated if applicable) including
earnings per share.
 BS (consolidated if applicable)
 CONTENTS OF ACCOUNTANTS
REPORT
 Basics of accounting policies adopted.
 Adjustments to any items in the IS or BS.
 CFS for the latest audited FS.
 Rates of dividend paid for each class of
shares.
 Proforma BS (consolidated if applicable) at
the last date which the FS are made up.
 Proforma net tangible assets cover.
 PROFIT FORECAST INCLUDED
IN PROSPECTUS
 Revenue or turnover
 Profit before tax
 Tax expense
 Minority interest
 Profit after tax and minority interest
 Number of share issue
 Basic and diluted EPS
 Price-earning ratio (by reference to the
offer price)
 AUDIT PROCEDURES
 Comparison in current year interest and
dividend.
 Comparison of the current balance with
prior years after considering the effect of
current year operating and financing
activities.
 Analytical procedures
 Analysis of trends
CHAPTER SEVEN
THE EFFECT OF INFORMATION
TECHNOLOGY ON THE AUDIT
PROCESS
 INTRODUCTION
 IT environment consist of hardware,
software, automated control and
procedures, and data in electronic format.
 Control – manual & automated
 Client may imposed less complex or
complex IT environment.
 The audit process will differ based on the
level of complexity.
 POTENTIAL BENEFITS
TOWARDS CLIENT IC
 Enhancement of the timeliness, availability and
accuracy of information.
 Consistent application of business rules &
performance of complex calculations in
processing large volume of transactions or data.
 Enhance the ability to monitor the performance
of the organization.
 Enhance the ability to achieve effective
segregation of duties by implementing security
controls in applications, databases and operating
systems.
 POTENTIAL RISKS TOWARDS
CLIENT IC
 Possibility of inaccurately process data
 Unauthorized changes to data in master
files.
 Unauthorized changes to systems or
programs.
 Inappropriate manual intervention
 Potential loss of data
 TYPES OF CONTROL
 General controls
 Application controls
 GENERAL CONTROLS
 Include controls over the following:
- data centre and network application
- system software acquisition, change and
maintenance
- access security
- application system acquisition,
development and maintenance
 GENERAL CONTROLS – data
centre and network application
 Include control over computer and
network operations, data preparation,
work flow control and library functions.
 Important control – prevent unauthorized
access to the network programs, files and
system documentation by computer
operator.
 GENERAL CONTROLS – system
software acquisition, change and
maintenance control.
 The entity should have strong controls
that ensure proper approval for purchases
of new system software.
 Adequate controls over changes and
maintenance of existing systems software.
 GENERAL CONTROLS – Access
security controls.
 Physical protection of computer
equipment, software and data.
 Controls over loss of assets and
information through theft or unauthorized
use.
GENERAL CONTROLS – Application
systems acquisition, development and
maintenance controls.
 Critical for ensuring the reliability of
information processing.
 Entity should establish written policies and
procedures for planning, acquiring or
developing and implementing new
systems.
 Should conduct a feasibility study which
include cost-benefit analysis, needs and
impact.
 APPLICATION CONTROLS
 Application controls apply to the
processing of individual accounting
applications, such as sales or payroll.
 It helps to ensure the completeness and
accuracy of transaction processing,
authorization and validity.
 APPLICATION CONTROLS
 Application controls are discussed under
the following categories:
- data capture controls
- data validation controls
- processing controls
- output controls
- error controls
APPLICATION CONTROLS – data
capture control
 Ensure all transactions are recorded in the
application system
 Ensure transactions are recorded in the
application system
 Ensure rejected transactions are identified,
controlled, corrected and re-entered into
the system.
 3 ways of capturing data: source
documentation, direct data entry or
combination of two
APPLICATION CONTROLS – data
validation controls
 Mainly concerned with the accuracy
assertion.
 Can be applied at various stages.
 Data captured are then validated by an
edit program .
 Types of control: limit test, range test,
sequence check, existence test, field test,
sign test, check digit verification.
 APPLICATION CONTROLS –
processing controls
 Ensure proper processing of transactions.
 Part of validation controls may be
performed as part of data processing.
 General controls play an important role in
providing assurance about the quality of
processing control.
 Types: file or volume label, control totals,
reasonableness test.
 APPLICATION CONTROLS –
output control
 Output includes reports, cheques,
documents and other printed or displayed
information.
 The main concern is that computer output
may be distributed or displayed to
unauthorized users.
 Report distribution log, release form.
 APPLICATION CONTROLS –
errors control
 Most transaction errors should be
identified by data capture and data
validation controls.
 But some errors may also be identified by
processing or output controls.
 After identification, errors must be
corrected and resubmitted to the
application system at the correct point in
processing.
 CHAPTER 8
GOVERNMENTAL AUDIT
 The Audit Act 1957
 It requires that an audit to be conducted for
recipients of federal financial assistance. This
requirement also extends to a company
registered under the Company Act 1965 which
has more than of its paid- up share capital held
by the Federal Government, a state or a public
authority.
• A state or local government agency receives
federal financial assistance, it is subject to audit
under the Audit Act 1965. the guidance for the
audit is provided by the Audit Manual.
 The Audit Act 1957
• The audit can be performed by either the
government auditors or by public accounting
firms in the private sector, all of them must
meet the independence and qualification
standards prescribed in the Audit Manual.
 Statutory Bodies Act 1980, known as ACT
240,this requirement it relation to accounts of
every federal statutory body.
 The Act requires that every federal statutory
body submit its account within six months after
the end of the financial year, to be audited by
the Auditor General.
 GOVERNMENTAL AUDIT

 It employ by their own auditing staff to perform

audits as internal auditors.
 The office of Auditor General is JAN, staff act as
external auditors to government departments
and agencies.
 The staff of JAN are also seconded to Ministries
and other governments departments to serve as
internal auditors.
 The primary source of authoritative literature for
the performance of government audits is Audit
Manual, which is issued by the JAN.
 It widely used reference by government auditors
and auditors from private sector to do
governmental work.
 Audit Manual includes audits of financial
statements of governmental units, government
contracts and grants, internal control, fraud and
other noncompliance with laws and regulations.
 COMPARATIVE SUMMARY OF TYPES OF AUDITS

TYPES NATURE OF ESTABLISHED NATURE OF

ASSERTIONS CRITERIA AUDITOR’S
REPORT
FINANCIAL Entity’s financial An identified Opinion on fairness
report data financial or ‘truth and
reporting fairness’ of financial
framework information
COMPLIANCE Implicit claim that Management’s Summary of findings
data adhere to policies, laws, or assurance
relevant policies, regulations or regarding degree(s)
laws and other third party of compliance
regulations requirements
PERFORMANC Performance or Objective set, Economy, efficiency
E operational data for example, by and effectiveness
management or Observed;
enabling recommendations
legislation for improvement
 Financial Auditing Standards

The financial auditing standards in the Audit Manual are

consistent with the approved standards on auditing
adopted by the accounting profession for the private
sector with some important additions and modification
as follow :
 Materiality and significance – The Audit Manual
recognizes that in government audits the thresholds of
acceptable audit risk and materiality may be lower than
in an audit of a commercial enterprise.
 Audit and Reporting Requirements- Audit
Manual

 Audit Manual are formal guidelines for audit

management practice.
 The objective is ensure that the responsibilities entrusted
to Auditor General under the Constitution and the Audit
Act 1957 are fulfilled in a professional manner.
 The standards are based on the requirements of the
Audit Act, the practices and experiences of JAN as well
as the standards adopted by the accounting profession
,International Organization of Supreme Audit
Institutions(INTOSAI).
 Quality control – Public accounting firms and other
organizations that audit government entities in
compliance with the Audit Manual must have an
appropriate system of internal quality control to ensure
that performance of audit work maintains high level of
professional standards.

 Compliance auditing – in the Audit Manual states: A test

should be made of compliance with applicable laws and
regulation. The laws and regulations of primary concern
are those that have a direct and material effect on the
financial statements.
 In government auditing, must be compliance with laws,
regulations and policies is important because
government organizations, programmes, service
activities and functions are usually are created by law
and are subject to more specific rules and regulations
than the private sector.

 In Audit Manual also states that the auditors should:

- Identify pertinent laws and regulations and
determine which of those laws and regulations could, if
not observed , have a direct and material effect on the
financial statements or the results of a related financial
audits.
- Assess , for each material requirement ,the risk of
material non-compliance which includes consideration
and assessment of the internal controls to ensure
compliance with laws and regulations.

- Design steps and procedures based on the assessment

to test compliance with laws and regulations to provide
reasonable assurance that both unintentional and
intentional instance of material non- compliance are
detected.
 Reporting- The audit report must state that the audit
was made in accordance with approved standards on
auditing and the Audit Act 1957.

 Audit files and working papers- The Audit Manual

indicates that audit files should contain sufficient
information to enable an experienced reviewer with no
previous connection to the audit to ascertain from the
audit files evidence that support the auditors significant
conclusions and judgment
 Reporting requirement

 The Audit Act 1957 does not impose specific reporting

requirement. The section 6 of the Act specifies the nature
of examinations to be undertaken. The Audit Manual
specifies that the audit reports should include any
significant or material lapses in respect of the following:
1.Essential accounts and records have not been properly
maintained.
2.Monies have not been fully accounted for.
3. The rules and procedures have been insufficient to:
- Safeguard properties, asset and stores
- Secure an effective check on assessment, collection
and proper allocation of the revenues and other receipts
- Ensure that expenditures have been made only as
authorized.

4. Money has been expended other than for purposes for

which it was appropriated or approved.

5. Revenues collected or money expended in contravention

of laws or established policies.
 the reports is includes the Auditor General’s understanding
of the entity’s internal control and assessment of control
risk. This report also forms part of the financial audit
report. The audit reports include:

1.The scope of the auditors work in obtaining an

understanding of internal control and assessing control
risk.
2. The entity's significant internal control including law and
regulation that have a material impact on the financial
statements and results of the financial audit.
3. The reportable conditions including material weaknesses
that result from the auditors works in understanding and
assessing control risk.
 Guidance for Auditors
 The auditor must be familiar with both approved auditing
standards and a series of government audit documents,
laws and regulations.
 The first step in preparing for such an engagement is
extensive professional development.
 The Audit Manual also specifies that the personal
performing the audit should have the following:
- A sound understanding of the Federal Constitution and
other basic laws and regulation concerning the various
level of government and statutory bodies.
- A good understanding of the Audit Act 1957,auditing
concepts, standards and practices.
 AICPA Guidance for Auditors

 A good understanding of accounting policies, including

both statutory and stated accounting policies of
government and of statutory bodies.

 A basic knowledge of management principles, data

processing and statistics.

 A sound understanding of control and organization of

governments at various levels and the various statutory
bodies subject to the jurisdiction of the Auditor General,
including the roles and responsibilities of ministries,
central agencies and departments.
 AICPA Guidance for Auditors
 General education , experience and ability to apply
knowledge, including contemporary auditing techniques ,
to type of audit work being undertaken.

 Communication skills, both orally and in writing.

 Government Auditors and Corporate
Governance
 JAN has set up advisory services to other government
departments but the staff on JAN are not involved in the
implementation of the strategies which they have advised.
JAN has issued the following directives to ensure
effectiveness of corporate governance:

- Guidelines to establish cooperation between JAN and

Federal and State Agencies.

- Guidelines on role and responsibility of Ministries, Board

of Directors and Chief Executives in the management of
Federal Statutory Bodies.
 Government Auditors and
Corporate Governance
- Guidelines on establishment of Audit Committees for
Government companies.
 OPERATIONAL AUDIT
 Internal, government auditors and CA firms are
involved in operational audit.
 It include evaluating internal controls and even
testing those controls for effectiveness (test of
controls) as a part of operational auditing.
 Testing the effectiveness of internal control by
an internal auditor is therefore a part of
operational auditing if the purpose to help an
organisation operate its business more
effectively and efficiently.
 OPERATIONAL AUDIT
 The determination of whether a
company has adequately trained
assembly line personnel is also
operational audit, if the purpose to
determine whether the company is
effectively and efficiently producing
products.
 Types of Operational Audit
1) Functional Audits
 Categorizing the activities of a business, such as the
billing function or production function.
 Deals with one or more functions in an organization.
 For example, the payroll function for a division or for
the company as whole.
 Advantage is permitting specialization by auditors.
 For example, auditors within an internal audit staff can
develop considerable expertise in an area, such as
production engineering.
 Disadvantage is the failure to evaluate interrelated
functions.
 For example, production engineering function interacts
with manufacturing and other functions in an
organization.
 Types of Operational Audit
2) Organizational Audits

 An operational audit of an organization deals

with an entire organizational unit, such as a
departmental, branch or subsidiary.
 It emphasizes how effectively and efficiently
functions interact.
 The plan of organization and the methods to
coordinate activities are specially important in
this type of audit.
 Types of Operational Audit
3) Special Assignments

 In operational auditing, special assignments

arise at the request of management .
 There is a wide variety of such audits.
 Example include determining the cause of an
ineffective IT system, investigating the
possibility of fraud in a division, and making
recommendations for reducing the cost of a
manufactured product.
 DIFFERENCES BETWEEN OPERATIONAL AND
FINANCIAL AUDITING.

1) Purpose of the Audit

 Purpose of the test
 Financial auditing emphasizes whether historical
information was correctly recorded.
 Operational auditing emphasizes effectiveness and
efficiency.
 Financial audit is oriented to the past, whereas an
operational audit concerns operating performance
for the future.
 An operational auditor, for example, may evaluate
whether a type of new material is being purchased
at the lowest cost to save money on future raw
material purchases.
DIFFERENCES BETWEEN OPERATIONAL
AND FINANCIAL AUDITING.
2) Distribution of the Reports
 For financial auditing, the report typically goes to
many users of financial statements, such as
stockholders and bankers, whereas operational audit
reports are intended primarily for management.
 Because of the limited distribution of operational
reports and the diverse nature of audits for efficiency
and effectiveness, operational auditing reports vary
considerably from audit to audit.
DIFFERENCES BETWEEN OPERATIONAL
AND FINANCIAL AUDITING.
3) Inclusion of Non-financial Areas
 Operational audits cover any aspect of efficiency and
effectiveness in an organization and can therefore
involve a wide range of activities.
 For example, the effectiveness of an advertising
program or efficiency of factory employees would be
part of an operational audit.
 Financial audits are limited to matters that directly
affect the fairness of financial statement presentations.
 GOVERNMENT AUDIT
FRAMEWORK

• Events • Audit Process

• Activities • Audit Standards Public Accounts
• Transaction Committee
FINANCIAL
STATEMENTS
• Revision
• Suggestion
AUDIT REPORT
 GOVERNMENT AUDIT
FRAMEWORK
 Each government organization will have to maintain proper
accounts to record its daily operations at end of the
accounting year.
 According to Article 106 of Federal Constitution, AG is to audit
the FS of each government organization according to the
relevant standards and regulations.
 Sec 9 of Audit Act 1957 requires AG to prepare the Audit
Report at the end of the audit process at the AG department’s
level.
 The overall audit process does not end at AG’s level.
 The audited FS and the audit report will be passed to a
parliamentary committee called Public Accounts Committee.
 This committee will review the statements and report and
provide comments and suggestions on them.
NATIONAL AUDIT DEPARTMENT
(NAD)
 Organized into federal sector, state and, management and
support services.
 Federal responsible for audit of the Federal Ministries,
Departments and Federal Statutory Bodies.
 State responsible for the audit of the accounts of all State
government , Statutory Bodies, Local authorities and Religious
Councils.
 NAD ensure the existence of accountability in the
administration and management of public funds through the
audit of accounts and activities of government agencies.
Auditor General Department in the Malaysian Government
Organisation Structure

Yang di Pertuan Agong

Legislature Executive Judiciary

Auditor
Commissions
General
RESPONSIBILITIES & DUTIES OF
AUDITOR GENERAL
 According to Article 106 of Federal Constitution,
AG has the power and duties to audit and report
on the accounts of the Federal and States.
 AG also perform such other duties relation to the
accounts of the Federal, State and public
authorities, as specified by the YDPA.
 AG’s primary responsibility is to audit and certify
the appropriation and other accounts of the
Government and to report the result of his
examination to the YDPA, states’ rulers who laid
to Parliament or State Legislatures.
RESPONSIBILITIES & DUTIES OF
AUDITOR GENERAL
 The accounts of the government include
Ministries/Departments and others, Statutory
Bodies and Miscellaneous Funds, Local
authorities and Islamic Religious Councils at
both the Federal and State level.
 Enhance the standard of public accountability by
reporting and providing an assurance to
Parliament and State Legislatures through timely
and accurate reporting on the Public Accounts
and the proper management of resources.
 AUDIT REPORT
 Auditor’s report on FS audit of a government is
similar to an auditor’s report for the audit of
corporate FS.
 Auditors issues report that express their
conclusion as to how activities or events audited
comply with the applicable predetermined
standards.
 The reports are often referred as auditor’s
“opinion”.
 AUDIT REPORT
 Sec 9(1) of Audit Act supported the provision
required by Sec 16 of Financial Procedure Act,
where all accounts of government have to be
prepared and transmitted to the AG for his
examination, audit and preparation of reports.
 Article 107 of FC stated that reports of the AG will
be submitted to YDPA.
 AG may also at any time submit a report to YDPA
or Ruler of a State upon urgent matters arising in
the course of discharging his duties.