ACCA AA (F8)

AUDIT AND ASSURANCE

COMPLETE SUBJECT NOTES
BY VERTEX LEARNING SOLUTIONS
VALID UNTIL SEP 2025
 Copyright Notice

©️ https://vls-online.com 2023. All Rights Reserved

The material contained within this electronic publication is protected under International and UK
Copyright Laws and treaties, and as such any unauthorized reprint or use of this material is strictly
prohibited. You may not copy, forward, or transfer this publication or any part of it, whether in
electronic or printed form, to another person, or entity.

Reproduction or translation of any part of this work without the permission of the copyright holder
is against the law.

You’re downloading and use of this eBook requires, and is an indication of, your complete
acceptance of these ‘Terms of Use.’

You do not have any right to resell or give away part, or the whole, of this eBook.

1
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
 TABLE OF CONTENTS

CHAPTER TOPIC PAGE NO.

1 Introduction to assurance 3

2 Rules and Regulations 12

3 Corporate Governance 23

4 Ethics and acceptance 43

5 Risk 64

6 Planning 78

7 Evidence 98

8 Systems and Controls 118

9 Internal Audit 147

10 Procedures 158

11 Completion and Review 189

12 Reporting 201

2
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Chapter 1

Introduction to Assurance

What is Assurance?

Definition

An assurance engagement is: 'An engagement in which a practitioner obtains sufficient appropriate
evidence in order to express a conclusion designed to enhance the degree of confidence of the
intended users other than the responsible party about the outcome of the evaluation or measurement
of a subject matter against criteria.’ [International Framework for Assurance Engagements, 7
Giving assurance means offering an opinion about specific information to enable confident decision-
making, reducing the risk of incorrect information.

Assurance Engagement: Key Elements

Five Elements of an Assurance Engagement:

1. Three Party Involvement

 Practitioner: The reviewer who provides the assurance.
 Intended Users: People using the information to make economic decisions.
 Responsible Party: The party responsible for preparing the information.
2. Appropriate Subject Matter
 The specific information subject to examination by the practitioner.
3. Suitable Criteria
 Standards, guidance, laws, and regulations against which the subject matter is
evaluated.
4. Sufficient Appropriate Evidence
 Enough relevant and reliable evidence to support the practitioner's opinion/conclusion.
5. Written Assurance Report in an Appropriate Form
 A formal report expressing a conclusion or opinion about the subject matter.

3
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Assurance Engagement Elements: Audit vs. Forecast

1. Three Party Involvement

 Practitioner:
 Audit: Auditor
 Forecast: Assurance provider
 Intended Users:
 Audit: Shareholders
 Forecast: Directors/provider of finance
 Responsible Party:
 Audit: Directors
 Forecast: Directors

2. Appropriate Subject Matter

 Audit: Financial statements

 Forecast: Forecast

3. Suitable Criteria

 Audit: Financial reporting framework

 Forecast: Appropriate assumptions and financial reporting framework

4. Sufficient Appropriate Evidence

 Audit: Obtained by performing audit procedures such as tests of controls, tests of detail,
and analytical procedures
 Forecast: Obtained by performing examination procedures such as inspection of documents,
inquiries, and analytical procedures

5. Written Assurance Report in an Appropriate Form

 Audit: Independent auditor’s report providing an opinion as to whether the financial

statements give a true and fair view
 Forecast: Independent assurance report providing a conclusion on whether anything has
come to the practitioner’s attention.

4
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Differentiating Types of Assurance Engagements

1. Reasonable Assurance Engagements

 Objective: To obtain sufficient appropriate evidence to draw reasonable conclusions and

express a high level of assurance.
 Evidence Gathering: Extensive and thorough, involving detailed testing.
 Procedures:
 Tests of controls.
 Substantive procedures.
 Nature: In-depth, detailed examination.
 Conclusion: Conforms in all material respects with the identified suitable criteria.
 Assurance Opinion: Positively worded.
 Example: "In our opinion, the financial statements give a true and fair view of the
financial position of the company as at December 31, 20X4, and of its financial
performance and its cash flows for the year then ended in accordance with
International Financial Reporting Standards."
 Level of Assurance: High (reasonable assurance).

2. Limited Assurance Engagements

 Objective: To obtain sufficient appropriate evidence to draw limited conclusions and

express a moderate level of assurance.
 Evidence Gathering: Limited in scope, involving fewer procedures.
 Procedures:
 Mainly enquiries.
 Analytical procedures.
 Nature: Less extensive, less detailed examination.
 Conclusion: The subject matter is plausible in the circumstances, with respect to identified
suitable criteria.
 Assurance Conclusion: Negatively worded.
 Example: "Nothing has come to our attention that causes us to believe that the
financial statements are not prepared, in all material respects, in accordance with
International Financial Reporting Standards."
 Level of Assurance: Moderate or lower than reasonable assurance.
5
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Key Differences

Element Reasonable Assurance Engagement Limited Assurance Engagement

Objective High level of assurance Moderate level of assurance

Sufficient and appropriate,

Evidence Sufficient and appropriate, thorough
limited

Tests of controls and substantive Enquiries and analytical

Procedures
procedures procedures

Conforms in all material respects with

Conclusion Plausible in the circumstances
criteria

Assurance
Positively worded Negatively worded
Opinion

Level of
High (reasonable assurance) Moderate or lower
Assurance

ISA (International Standards on Auditing) Context:

 Reasonable Assurance: Audits of financial statements (ISA 700).

 Limited Assurance: Reviews of financial statements (ISRE 2400).

Understanding these distinctions helps users appreciate the level of confidence they can place in
the different types of assurance engagements.

External Audit Engagements

An external audit is an example of a reasonable assurance engagement.

Purpose Of An External Audit Engagement

ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance
with International Standards on Auditing states the purpose of an external audit engagement is to
‘enhance the degree of confidence of intended users in the financial statements.’
6
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
This is achieved by the auditor expressing an opinion on whether the financial statements:

 Give a true and fair view (or present fairly in all material respects).
 Are prepared, in all material respects, in accordance with an applicable financial reporting
framework. [ISA 200, 3]

Note:

 The financial reporting framework to be applied will vary from country to country. In Audit
& Assurance, it is assumed that International Financial Reporting Standards are the basis for
preparing the financial statements.
 The accounting standards examinable for Audit & Assurance are those from Financial
Accounting at the Applied Knowledge level.
 Definitions:
 True: factually correct information which conforms with accounting standards and
relevant legislation and agrees with the underlying records.
 Fair: clear, impartial and unbiased information which reflects the commercial
substance of the transactions of the entity.

Objectives of The Auditor

The objectives of an auditor are to:

 Obtain reasonable assurance about whether the financial statements are free from material
misstatement, whether due to fraud or error.
 Express an opinion on whether the financial statements are prepared, in all material
respects, in accordance with an applicable financial reporting framework.
 Report on the financial statements, and communicate as required by ISAs, in accordance
with the auditor's findings. [ISA 200, 11]

Need for External Audit

1. Role of Shareholders and Directors

 Shareholders: Provide financing; may not be involved in daily operations.

 Directors: Manage company to achieve shareholder wealth maximization.

7
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
  Financial Statements: Prepared by directors to inform shareholders about company
performance and financial position.

2. Risk of Financial Manipulation

 Incentives: Directors may manipulate financial statements to influence perceptions of

company performance.

3. Importance of Independent Review

 Objective: Ensure financial statements provide a true and fair view.

 External Audit: Independent review to verify accuracy and reliability of financial
statements.

4. Legal and Voluntary Audits

 Legal Requirement: Publicly quoted and large companies in developed countries must audit
annual financial statements.
 Voluntary Audits: Companies not legally required may opt for audits to meet
shareholder/stakeholder expectations and derive benefits.

Benefits of External Audit (Mnemonic “HIRED “)

 Higher quality information, which is more reliable, improves the reputation of the market.
 Independent scrutiny and verification may be valuable to management.
 Reduces the risk of management bias and fraud and error by acting as a deterrent. An
audit may also detect bias, fraud and error.
 Enhances the credibility of the financial statements, e.g. for tax authorities or lenders.
 Deficiencies in the internal control system may be highlighted by the auditor

Limitations of an Audit (Mnemonic “FIRED”)

 Financial statements include subjective estimates and other judgmental matters.

 Internal controls may be relied on which have their own inherent limitations.
 Representations from management may have to be relied upon as the only source of
evidence in some areas.
 Evidence is often persuasive not conclusive.
 Do not test all transactions and balances, only a sample are tested.

8
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
External audits are crucial for ensuring transparency, reliability, and accountability in financial
reporting. They provide essential assurance to stakeholders and contribute to improved corporate
governance and decision-making processes. Whether mandated or voluntary, audits play a pivotal
role in fostering trust and credibility in the business environment.

Expectation Gap

Misconceptions about the role of audits leading to unrealistic expectations of absolute assurance.

Examples of Expectation Gap

1. Testing of Transactions:
 Misconception: Belief that auditors test all transactions and balances.
 Reality: Auditors perform tests on a sample basis.
2. Fraud Detection:
 Misconception: Belief that auditors will detect all fraud.
 Reality: Auditors provide reasonable assurance that financial statements are free
from material misstatement, including those caused by fraud.
3. Responsibility for Financial Statements:
 Misconception: Belief that auditors are responsible for preparing the financial
statements.
 Reality: Preparation of financial statements is the responsibility of management;
auditors review and provide an opinion on these statements.

Note:

The auditor provides reasonable assurance which is not absolute assurance. The limitations of an
audit mean that it is not possible to provide a 100% guarantee of accuracy.

Review Engagements

A review engagement is an example of a limited assurance engagement.

Key Standard

 ISRE 2400, 14: Specifies that the objective is to perform inquiry and analytical procedures
to reach a conclusion on the financial statements' compliance with the reporting framework.
9
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Purpose of a Review Engagement

 Alternative to Audit: Chosen by companies not legally required to have an audit.

 Cost and Disruption: Less costly and less disruptive compared to an audit.
 Assurance Level: Provides some assurance to users of financial statements.

Procedures in a Review Engagement

 Analytical Procedures: Focus on analyzing financial data for trends and consistency.
 Enquiries of Management: Involves questioning management about financial information
and processes.
 No Tests of Controls: Unlike audits, reviews do not include tests of internal controls.

Objective of a Review Engagement

 Limited Assurance: Work is less in-depth than an audit, providing limited assurance.
 Conclusion: The practitioner concludes whether anything has come to their attention
indicating that the financial statements are not prepared in all material respects according
to the applicable financial reporting framework.

Review engagements serve as a cost-effective alternative to audits, offering limited assurance

through analytical procedures and management enquiries without the need for extensive testing of
controls. The objective is to identify any significant issues with the financial statements' preparation
according to the reporting framework

Important Terminologies

Accountability

This means that people in a position of power can be held to account for their actions, i.e. they can
be compelled to explain their decisions and can be criticized or punished if they have abused their
position. Accountability is central to the concept of good corporate governance – the process of
ensuring that companies are well run – which we will look at in more detail in the chapter ‘Corporate
governance’.

10
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Agency

This occurs when one party, the principal, employs another party, the agent, to perform a task on
their behalf.

Stewardship

This is the responsibility to take good care of resources. A steward is a person entrusted with
management of another person’s property, for example, when one person is paid to look after
another person’s house while the owner goes abroad on holiday. The steward is responsible for the
way they carry out their role. This relationship, where one person has a duty of care towards
someone else is known as a ‘fiduciary relationship’.

Fiduciary Relationship

This is a relationship of ‘good faith’ such as that between the directors of a company and the
shareholders of the company. There is a ‘separation of ownership and control’ in the sense that the
shareholders own the company, while the directors make the decisions. The directors must make their
decisions in the interests of the shareholders rather than in their own selfish personal interests.

Conclusion

 The directors are the stewards of the company.

 The shareholder is the principal, employing the directors (the agents) to run the company on
their behalf.
 The directors are accountable to the shareholders for the way in which they run the company

11
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Chapter 2

Rules and Regulation

The Need for Regulation

Regulatory initiatives in auditing aim to restore trust by harmonizing procedures, focusing on quality,
and enforcing strict ethical standards. National corporate laws, auditing standards, and ethical
codes form the regulatory framework that auditors must follow to ensure consistent, reliable, and
unbiased audit practices globally

 Increased Scrutiny: Over the last 30 years, the role of auditors has come under scrutiny due
to high-profile audit failures.
 Catalyst: The collapse of Enron and its auditor Arthur Andersen highlighted the need for
regulatory changes.

Initiatives to Regain Trust in Auditing

1. Harmonization of Auditing Procedures:

 Aim: Ensure global consistency in audit practices.
 Benefit: Increases user confidence in audit services worldwide.
2. Focus on Audit Quality:
 Aim: Meet user expectations by improving audit quality.
 Benefit: Enhances the reliability and credibility of audits.
3. Adherence to Ethical Code of Conduct:
 Aim: Improve perceptions of auditors as independent and unbiased.
 Benefit: Strengthens trust in the auditing profession.

Regulatory Guidance

 National Corporate Law:

 Examples: The Companies Act 2006 (UK), The Sarbanes-Oxley Act (US).
 Role: Provide legal framework and requirements for corporate governance and
auditing.
12
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
  Auditing Standards:
 Basis: International Standards on Auditing (ISA).
 Role: Establish principles and procedures for conducting high-quality audits.
 Code of Ethics:
 Importance: Ensures auditors adhere to professional ethical standards.
 Coverage: Detailed in the chapter on 'Ethics and Acceptance'.

Legal Requirements for Audits and Auditors

 UK Law (Companies Act 2006):

 Applicability: Provides specific requirements for audits and auditors in the UK.
 General Principles: Similar principles apply across different countries, despite
variations in specific laws.

National law includes:

 Which companies are required to have an audit

 Who can and cannot carry out an audit
 Auditor appointment, resignation and removal
 The rights and duties of an auditor.

Who Needs an Audit and Why?

 Legal Mandate: In most countries, companies are legally required to undergo an audit.
 Exemptions: Small or owner-managed companies are often exempt from audit
requirements.

Exemptions for Small Companies

Audits are mandatory for most companies by law, but exemptions are provided for small companies
due to factors like overlap of ownership and management, greater value from other accounting
services, immaterial impact of misstatements, and cost considerations. However, exemptions
typically do not apply to companies in regulated sectors, ensuring these entities undergo audits to
maintain financial transparency and trust.

13
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
Reasons for Exempting Small Companies from Audit

1. Overlap of Ownership and Management:

 Owners and managers are often the same individuals, this reduces the need for external
audit oversight.
2. Value Addition by Accountants:
 Small companies benefit more from other services (e.g., accounting, tax advice) provided
by accountants rather than audits.
3. Materiality of Misstatements:
 Misstatements in small company financial statements are unlikely to have a significant impact
on the wider economy.
4. Cost-Benefit Analysis:
 The cost and disruption of an audit are perceived to outweigh the benefits for small
companies.

Who May Act as Auditor

Eligibility Criteria for Auditors

 Membership in Recognized Supervisory Body (RSB):

 Example: Association of Chartered Certified Accountants (ACCA).
 Requirement: Must be allowed by the rules of the RSB to act as an auditor.
 State Authorization:
 Requirement: Direct authorization by the state.

Conducting Audit Work

Individuals who are authorized to conduct audit work may be:

 Authorized Individuals:
 Sole practitioners
 Partners in a partnership
 Members of a limited liability partnership
 Directors of an audit company

14
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
 Eligibility for Firms to Offer Audit Services:

 Must be controlled by members of a suitably authorized supervisory body.

 Alternatively, directly authorized by the state.

Country-Specific Requirements:

In some countries, only individuals can be authorized to act as auditors, requiring direct state
authorization.

Who May Not Act as Auditor as per Audit Standards

Legal and Ethical Exclusions

1. Exclusions by Law

 Company Management and Employees:

 Restriction: Individuals who manage or work for the company.
 Reason: To prevent conflicts of interest and maintain independence.
 Business and Personal Connections:
 Restriction: Individuals with business or personal connections to the company.
 Reason: To ensure objectivity and impartiality.

2. Exclusions by Audit Standards (International Standards on Auditing - ISAs)

 Independence (ISA 200, ISA 220):

 Financial Interests: Auditors with direct or material indirect financial interests in the
audited entity.
 Business Relationships: Auditors with close business relationships with the audited
entity.
 Family Relationships: Auditors with close family members in key management
positions of the audited entity.
 Other Relationships: Any relationships that could compromise the auditor’s
independence in fact or appearance.
 Competence (ISA 210, ISA 300):

15
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
  Requirement: Auditors must possess the necessary technical competence and
professional skills.
 Lack of Expertise: Auditors without adequate expertise in the relevant industry or
subject matter.
 Inadequate Training: Auditors who have not undergone sufficient training and
education.
 Confidentiality (ISA 200, Code of Ethics):
 Requirement: Auditors must maintain the confidentiality of information obtained
during the audit.
 Breaches of Confidentiality: Auditors who have previously breached confidentiality
agreements or standards.

3. Exclusions by the Code of Ethics (IFAC Code of Ethics for Professional Accountants)

 Self-Interest Threat: Situations where the auditor could benefit financially from the audit
outcome.
 Self-Review Threat: Situations where the auditor is in a position to review their own previous
work.
 Advocacy Threat: Situations where the auditor promotes a position or opinion to the point
that objectivity is compromised.
 Familiarity Threat: Situations where the auditor becomes too sympathetic to the interests of
others due to a close relationship.
 Intimidation Threat: Situations where the auditor is deterred from acting objectively by
threats, whether actual or perceived.

Appointment and Removal of Auditors

Appointment of Auditors

 Members (Shareholders):
 Authority: Appoint auditors by voting at general meetings (AGM or EGM).
 Directors:
 First Appointment: Directors may appoint the first auditor or fill a casual vacancy,
subject to members' approval at a general meeting.

16
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content
  Ongoing Appointment: In some jurisdictions, directors may appoint auditors as a
matter of routine.

 Secretary of State:
 Authority: Appoints auditors if neither members nor directors appoint one.
 Tenure:
 Public Companies: Auditors appointed annually from one AGM to the next.
 Private Companies: Auditors appointed until they are removed.

Removal of Auditors

 Conditions for Removal:

 Independence and Effectiveness: Removal must ensure auditors' independence and
effective performance.
 Procedure:
 General Meeting: Removal by simple majority vote at a general meeting.
 Safeguards: Notice period to prevent sudden removal resolutions influencing votes
unfairly.
 Auditor's Representation:
 Rights: Auditors can present reasons why they should not be removed.
 Reporting Requirements:
 Statement of Circumstances: Details of cessation of office sent to the company and
regulatory authority.

Resignation as Auditor

When auditors and management cannot cooperate effectively, the auditor typically resigns, issuing
written notice and a statement of circumstances to shareholders and regulatory authorities. This
ensures transparency and regulatory compliance while maintaining audit integrity through a smooth
transition process.

17
VERTEX LEARNING SOLUTIONS - https://vls-online.com Click to go to Table of Content