Test of controls - F8

Test of control (TOC) or compliance testing is an audit procedure that aims to test whether the company's internal control systems are operating effectively. It is performed if auditors perceive that the internal controls of the company are strong. If the result of TOC is that the internal controls are really strong, then auditors can perform less work later (probably rely more on substantive analytical procedure rather than test of details).

In exam, TOC is required when the question asks for procedures on the "systems", do not suggest substantive procedure. Again, suggesting TOC is a common sense thing. From the previous article on audit procedures, I have explained about AEIOU + CR, they can be useful as TOC. When you are asked to describe the procedure, you can extend your sentence by adding "to ensure that..." as this will be the control objectives (we do TOC to ensure that control objectives are being achieved by the internal controls). I will provide a number of examples below but you should not aim to remember the procedures. What you should do is to identify the internal controls and then suggest TOC to test these internal controls.

Inventory system

Stocktake (counting inventory) - TOC can be "observe the count teams, ensuring that they are counting in accordance with the clients inventory count instructions". Auditors can also "make test count to ensure that the counting team does not make mistake during the count". A test count means that auditors will count a sample of inventory and compare to the amount counted by the staff.
Authorisation of inventory movements - TOC can be "inspect the authorisation letter to ensure that it is signed by the personnel with the authority to prepare it".

Sales system

Recording of sales transaction - TOC can be "inspect numerical sequence of sales invoices as any breaks will mean that invoices are missing and so sales not recorded correctly".
Discount is given to certain customers - TOC should be "review a sample of sales invoices for evidence of authorisation of discount allowed".

Purchases system

Authorisation of purchase - TOC can be "examine a sample of purchase order to ensure that they have been appropriately authorised".
Control on goods inwards - TOC can be "inspect a sample of GRN to confirm that stores inwards staff sign for goods received.

Cash system

Prompt banking - TOC can be "review bank statement for evidence of frequent banking of cash".
Bank reconciliation - TOC can be "reperform bank reconciliation to ensure that the bank reconciliation is properly done".

Payroll system

Tax is deducted correctly from salary - TOC can be "for a sample of employees' monthly pay, recalculate the amount to be paid as tax to ensure that correct amounts are paid to taxation authorities".
Recording of payroll expenses - TOC can be "for a sample of amounts paid for payroll, match to entries in general ledger to ensure that gross and net pay have been recorded correctly".

The company's internal controls may be SPAM SOAP (a mnemonic for internal controls), the purpose of TOC is to obtain sufficient appropriate audit evidence that these SPAM SOAP are running effectively. Auditors will reperform TOC when the company's internal control systems have changed and at least once in every 3 audits.

One of the common reasons for failure in F8 is the failure to distinguish between TOC and substantive procedure. I hope that you now have better idea of their differences. Suggesting TOC is a matter of audit common sense, just think of how to test whether the internal controls are running well and write down the procedures. Your procedures must be logically so always imagine yourself doing TOC.

Substantive procedures - F8

Substantive procedures are audit procedures that are done to test whether financial statement assertions are being met. As stated in earlier post, the assertions include ACCA COVER (accuracy, completeness, cut-off, allocation, classification, occurrence, valuation, existence, rights and obligations) where you can ignore allocation. Therefore, in running these procedures, first thing to do is to think of what assertion are you testing for. In exam, if you are asked to describe your procedure,don't only list the procedure but also explain what you are testing for. I will give a number of examples below.

Inventory

For the case of inventory, you may need to test for completeness, cut-off (amount is recorded in correct period), classification (in the case of consignment inventory, not likely to appear in exam), valuation (accuracy is for income and expenses while valuation is more assets, liabilities and equity), existence (whether the physical inventory exists, occurrence is used for income and expenses) and rights (whether the company has the ownership right).
If you are testing whether the inventory is valued correctly, your substantive procedure can be described like this: "review the condition of items of inventory to ensure that the valuation of those items is correct on the final inventory summaries." Common sense tells us that if the condition of the inventory is not good, there might be impairment and therefore the risk of overstatement of inventory. You also need the knowledge of IAS 2.
If you are testing existence: "for a sample of items recorded, physically inspect the items to ensure that they exist." If you did not write "to ensure that they exist" then you will only get 0.5 mark, be careful.

Receivables

The assertion includes cut-off, existence, classification, valuation, completeness and rights.
If you are testing existence, one good way is to use receivable circularisation which is a form of confirmation where auditors request for direct confirmation with the receivables.
If you are testing completeness, analytical procedure is useful: "calculate average receivable days and compare this to prior year, investigate any significant differences".
For cut-off, example can be "select a sample of goods despatch notes (GDNs) before and just after the year end and follow through to the sales invoice to ensure they are recorded in the correct accounting period".
For classification: "review the sales ledger for any credit balances and discuss with management whether these should be reclassified as payables".

Liabilities

Assertion includes valuation, existence, classification, cut-off, completeness and obligation. You will need knowledge of IAS 37 to deal with provisions and contingencies.

Equity (share capital, retained earnings and revaluation reserve)

This is not likely to be asked in exam so just get some ideas. You will refer to share register to ensure that issued share capital is correctly stated. Prior perid working papers give evidence on retained earnings. Revaluation surplus or decifit should be compared to valuer's report.

Non-current assets

Assertion includes completeness, existence, valuation, rights and classification.
If you are testing right, you might be looking for title deeds for ownership or purchase invoice to show evidence of acquiring the right.
If you are testing valuation, reasonableness of depreciation is one factor to consider. We might need to "obtain management representation to confirm the reasonableness of the management's estimate of depreciation rate". This is because depreciation rate is an accounting estimate and we can't obtain much evidence other than requesting from management. Whenever the knowledge of facts is confined to management or the matter is principally one of judgement/opinion, we will need to obtain evidence from management representation (ISA 580).

Bank

Assertion includes completeness, existence, cut-off, valuation and right. Bank confirmation is useful to obtain evidence on many of the assertions.
If you are testing completeness:" agree all balances listed on the bank confirmation letter to company's bank reconciliations or trial balance (completeness)". You can use "agree to" for testing completeness in any financial statement elements.

Income (normally sales)

Assertion includes occurrence, completeness, accuracy and cut-off.
To test for occurrence: "for a sample of entries in receivables ledger, agree back to sales invoices to ensure that the transaction has actually occurred".
To test for accuracy" "for a sample of sales invoices, agree the amount to corresponding entries in sales day book/sales ledger to ensure that the amount is accurately recorded".

Expenses (normally purchase and payroll)

Assertion is similar to the assertion of income.
If you are testing cut-off for purchase: "for a sample of GRNs in the week pre and post-year end, trace to the supporting invoice and entry in the payables ledger, ensuring that it is recorded in correct accounting year".

You don't need to remember anything of the above other than ACCA COVER. The procedures are all audit common sense. Also, don't remember what assertions are for what elements, understand why, for example, we test for valuation in assets and accuracy in income. Your approach to substantive procedure should be first to think of financial statement assertions, then come up with a procedure to test it. I give some examples above just to show you how to answer in exam, exam will be more demanding than the above. You should not remember the audit procedures listed in textbook, you should look at the scenario given and come up with your own sensible audit procedures.

Audit procedures - F8

There are so many things that the auditors do in every audit engagement. Firstly, there are two broad types of audit procedures:
1. Test of controls - this aims to check that an audit client's internal control systems are operating effectively.
2. Substantive procedures - this aims to ensure that there are no material errors at the assertion level in the client's financial statements. They include tests of details of transactions, balances, disclosures and substantive analytical procedures. Audit assertions include accuracy, completeness, classification, allocation, cut-off, occurrence, valuation, existence, and rights and obligations (can be remembered by ACCA COVER, although you can ignore allocation in exam as it is actually under 'valuation').

In general the audit procedures can be remembered as AEIOU + CR:

Analytical procedure (A)
This is the analysis of significant ratios and trends and the resulting investigation of fluctuations and relationships that are inconsistent. Essentially, auditor will compare something with something and any significant differences should be discussed with management. Ratio analysis is one technique of analytical procedure. Analytical procedure can be used as substantive procedure (known as substantive analytical procedure) to test for completeness of the records.

Inquiry (E, since it is similar to enquiry)
This means seeking information from knowledgeable persons (eg. management), both financial or non-financial, either within or outside the entity. This is normally used when other audit procedures are not enough to obtain the sufficient appropriate audit evidence, for example inquiring entity's legal council may be necessary for legal issues.

Inspection (I)
This involves examination of records or documents in whatever form (eg. manual or computerised, external or internal). Inspection is normally done to ensure that company's internal controls are running effectively (test of controls) but sometime auditor may need to inspect company's correspondence with outsider as part of substantive procedure.

Observation (O)
In this case, auditor is looking at the processes or procedures being carried out by others. Therefore, this is mainly used in test of controls as auditor needs to ensure that the workers are doing things correctly (eg. inventory count).

Recalculation (U, since 'u' is pronouned in the middle)
This means checking the mathematical accuracy of documents or records. Sometime, auditors need to cast or recalculate total of something (eg. payroll records) to ensure that the amounts are accurate or valued correctly.

Confirmation (C)
This is the process of obtaining a representation of an existing condition from a third party (eg. a receivables letter). External confirmation could be required when sufficient appropriate audit evidence cannot be obtained internally, and this can include confirmation with receivables (also known as circularisation of receivables), bank confirmation, payables confirmation etc. Confirmation can also be internal, for example confirmation with entity's legal council.

Reperformance (R)
This is the auditor's independent execution of procedures or controls that were originally performed as part of the entity's internal control system. For example, auditor may reperform bank reconciliation to ensure that company's bank reconciliation statement is done correctly.

In addition to the above, there are two common substantive procedures done by auditors:
1. Tracing/agree to/reprocessing - this begins from outside the accounting records (documents) and check back to accounting records. This can test the completeness of the records.
2. Vouching/agree back - this begins with the accounting records and check back to supporting documents. This can test the accuracy/valuation of the records.

Diversification - various papers

Diversification is where the company invests in other businesses, maybe in other industry, thus holding a portfolio of different investments. Diversification may be used to help a business to reduce its overall risk where unsystematic risk (risk that affects only specific market) can be reduced by investing in other business with negative correlation of current business, ie. one makes profit while the other makes loss.

At a point where one particular industry is thriving, another may be in difficulties. Thus, by operating in more than one industry, it may be possible to achieve less volatility in overall sales and profits. Furthermore, a diversified business may be in a stronger position to survive a downturn in one of the industries in which it has invested.

Diversification, however, may not enhance shareholder value. It can be costly exercise as a premium often has to be paid in order to acquire another business. The key issue is whether diversification by a business will provide any benefits to shareholders that the shareholders themselves cannot achieve. It may well be cheaper and simpler for a shareholder to hold a diversified portfolio of shares than for a business to acquire another. In Ansoff's product/market matrix (growth vector matrix), diversification is the highest risk strategic option because a business is entering into a totally new market and new product is to be sold.

Therefore, a business has to think twice before considering diversification, unless they are confident that through diversification, they can gain much more, probably through synergy effect and are able to cover the cost of acquisition soon in future, they should not diversify and better to return the cash to shareholders so that they can diversify themselves.

Categories of risk - P1

Here are a list of risks that have not been asked or focused in P1 past exam.
1. Political risk - risk due to political instability and arises from the change of government or change in government policy.
2. Legal/litigation risk - risk that legal action being taken against an organisation.
3. Regulatory risk - risk of changes in regulation affecting the business.
4. Compliance risk - risk of non-compliance with the law resulting in fines/penalties, etc.
5. Product risk - risk of failure of new product launches/loss of interest in existing products.
6. Commodity price risk - risk of a rise in commodity prices (eg. oil).
7. Contractual inadequacy risk - risk that the terms of a contract do not fully cover a business against all potential outcomes.
8. Economic risk - risk that changes in the economy such as inflation, fiscal policy etc might affect the business.
9. Financial risk - risk of changes in level of distributable earnings as a result of the need to make interest payments on debt finance or prior charge capital.
10. Technology risk - risk that technology changes will occur that either present new opportunities to businesses, or on the downside make their existing processes obsolete or inefficient.
11. Fraud risk - vulnerability of an organisation to fraud.
12. Employee malfeasance risk - malfeasance means doing wrong or committing an offence. This is the risk of actions by employees that result in an offence or crime (other than fraud).
13. Credit risk - risk of non-payment by customers.

You will study many types of risks; those not listed here such as market risk (arising from product market, capital market and resource market), reputation risk, strategic risk and operational risk (both of these are part of business risk), environmental risk, entrepreneur risk and so on. It is not difficult to explain these risks because you will roughly understand it by just looking at the words and the above is to provide you the idea of how to get the meaning of the risk. Remember that risk can be either downside (threat) or upside (opportunity).

Assessing creditworthiness using 5C - FFM, F9

One of the key areas in accounts receivable management is credit analysis. This is done before granting credit to the customers and the main element of credit analysis is to assess the creditworthiness of the customers. There are a number of ways such as analysing customers' financial statements, trade reference, reference to report from credit agency etc. Bank uses 5C and this gives us some ideas on how to assess creditworthiness. The 5Cs are capacity, capital, collateral, condition and character.

Capacity
This refers to how capable is the customer in repaying the debt. Statement of cash flows provide an indicator of such capacity so bank might require a projected statement of cash flows from customer.

Capital
Customer should have sufficient assets so that in the event of making losses, he/she can continue to run the business. Capital can also refers to debt vs equity level so bank is interested at gearing ratio.

Collateral
This refers to the assets provided by customer as the security for the loan so that in the event of default, the assets can be used to compensate the bank. This may not be applicable in a trade.

Condition
The business condition of the customer or the overall environment that customer is operating in are considered to determine the key risks faced by customer. A customer in difficult environment is more likely to delay payment or default.

Character
This refers to whether the customer can be trusted by looking at his/her characteristic. For a business, referring to the customer's supplier or bank is one way to check the character of the customer.

A business can also apply a number of these criteria in credit assessment. It is important to choose a correct customer to minimise default risk.

Value engineering - F5, P5

Currently, we can see that accountant has started to change role to become a hybrid accountant. Hybrid accountant has both accounting knowledge and an in depth understanding of the operating functions or commercial processes of the business. Creation of value becomes one of the roles for management accountant. This is an important part of performance management as it leads to competitive advantage.

Value engineering aims to help design products which meet customer requirements at the lowest cost while assuring the required standards of quality and reliability are maintained. It is often regarded as the same as value analysis but we can separately discuss these concepts and include value analysis as part of value engineering. Value engineering techniques include:
1. Value analysis - this involves identifying and cutting out non-value-added activities. Harmon gives a number of examples for non-value-added activities: preparation and set-up, control and inspection, simply moving a product from one place to another without physically changing it, activities that result from delays or failures of any kind. All these should be eliminated as far as possible.
2. Functional analysis - this involves analysing the production functions to determine how changes can be made to improve so as to reduce costs while adding value to customers. For a camera, a number of functions are highly valued by customers, you can see now digital camera is widely used worldwide and functional analysis could have been undertaken to modify the old camera.
3. Design analysis - this involves determining the best design of the product that will keep the costs at the minimum while adding value to customers. Computer has become smaller and smaller, the design is liked by customers and the cost of producing the smaller computer should have been lower than before.

Management accountant can assist in identifying the opportunities for value enhancement and also removing activities that destroy value. Value engineering is also commonly used to close the cost gap identified in target costing so that target price can be used.