Describe the matters that the partners of Middletons should have considered and the procedure(s) the firm should have carried out in determining whether it should accept the appointment as auditors to Gramjon Limited. The most general definition of an audit is an evaluation of a person, organization, system, process, project or product. Audits are performed to ascertain the validity and reliability of information, and also provide an assessment of a system's internal control. (Wikipedia, 2009) Auditors have to do a lot of research on a firm before accepting an appointment.
The main matters they must consider are; • Fees – It is recommended that fees from any one client should not surpass 15% of the gross fees of the audit firm. • Legislation – Auditors must be familiar with the most recent Companies Act and follow the International Standards on Auditing. • Ethics – All auditors are bound by codes of professional ethics under ISA 200. These include integrity, independence, objectivity, confidentiality and professional competence. • Conflicts of interest – The auditor should not make any executive decisions for the company, or provide any accounting assistance.
It is the responsibility of the management to prepare the statements, the auditor just checks and verifies the items. • Resources – This includes making sure that staff within the firm possess the adequate skills to fulfill their duties. This is important because it is the responsibility of the management to prepare the financial statements – the auditors just check them. Similarly, it is important other employees can do their jobs properly, or the statements may be prepared on a false basis.
Boynton and Johnson (2006) outline six procedures that an auditor should undertake when deciding whether to accept an appointment; • Evaluating integrity of management – The auditor must be confident that the management of the firm can be trusted. Error and irregularity is more likely when the managers are deceitful. In order to assess the integrity of management, an auditor should do two things; 1. Contact the previous auditors of the firm to make sure the firm is not trying to cover up a misstatement in the accounts. 2.
Enquire with third parties who have dealt with the firm, such as banks and creditors. As Gramjon are a new client for Middletons, these steps should be carried out in order to ensure management integrity. If Gramjon do not give permission for the prior auditors to be contacted, or the auditors fail to respond, Middletons should refuse the appointment. • Identifying special circumstances and risks – Auditors need to be aware of the people who will be reading and relying on the financial statements the firm has produced.
This may require the auditor to write the audit report in a specific way so everyone can understand it. Also, he must consider the level of risk involved in performing the audit. • Assessing competence to perform the audit – Before the audit begins, the auditor must ensure he can conduct the audit with professional capability. This consists of identifying the audit team and considering the need to contact specialists. An audit team usually includes a partner who is responsible for the engagement, managers that have experience within the industry and staff who perform audit procedures.
In this case, a computer specialist is also required to evaluate the computerized controls. • Evaluating independence – The Companies Act 1989, s27 (ineligibility on ground of lack of independence) states that a person is ineligible for appointment as company auditor of a company if he is; (a) an officer or employee of the company, or (b) a partner or employee of such a person, or a partnership of which such a person is a partner, or if he is ineligible by virtue of paragraph (a) or (b) for appointment as company auditor of any associated undertaking of the company.
A person is also ineligible for appointment as company auditor of a company if there exists between him or any associate of his and the company or any associated undertaking a connection of any such description as may be specified by regulations made by the Secretary of State. Not only should the auditor be independent, but he must be perceived to be independent. • Making the decision to accept or decline the audit – The main issue an audit firm must consider when accepting or declining an audit is its own business risk.
If the auditor backs out of the audit after the engagement letter has been signed, he may be liable for breach of contract. • Preparing the engagement letter – The nature and scope of the audit must be clearly stated in the engagement letter. This is to ensure that there are no misunderstandings between the client and the auditor. b) Explain the implications for an audit firm, where it chooses not to issue an engagement letter to a new audit client. An engagement letter defines the legal relationship between a professional firm and its clients.
It forms the basis of the contract between the two parties and is legally binding. ISA 210 states it is in the interest of both client and auditor that the auditor sends an engagement letter to help in avoiding misunderstandings with respect to the engagement. It should help avoid disputes about fees seeing as they are included in the letter. The case of Tenants (1136) is frequently used to show the importance of an engagement letter. (Goldwasser, 2005) The auditor failed to inform clients of employee wrongdoings, making them liable in a court of law.
c) Identify the significant factors that you would expect to have influenced Mr. Toms to assess as ‘high’ the inherent risk associated with the audit of the financial statement of Gramjon Limited. You should explain the significance of each factor identified. Audit Risk is the risk that auditors may give an inappropriate audit opinion on financial statements. (Dunn, 1996) It is calculated by working out Inherent Risk x Detection Risk x Control Risk. Control Risk is the probability that material error in the financial statements will not be prevented or detected by the internal control system.
Detection Risk is the probability that audit procedures will fail to detect material error in the financial statements. (Spicer, 1990) Inherent risk is the risk which derives from the nature of the entity itself, its business and of its environment, or at the transaction level it is the susceptibility of the transactions to possible misstatement due to their nature or complexity. (Millichamp, 2008) It corresponds to the likelihood of a misstatement in the final figures. It is made up of two components, both of which are further broken down. These are; Entity Level Risk, factors include;
- Integrity of management - Management Knowledge and Experience - Management changes - Nature of the business Factors influencing Inherent risk at this level include; • Experience and Reputation of Management – Inexperienced managers may make errors in the preparation of financial statements as they are still getting used to how the business works. The appointment of a new Financial Director during the period may affect the level of risk, as he has a lack of experience. Profits could be materially over/understated and subsequently the financial statements could contain material errors.
• Market Competition – The amount of market competition could influence trading as firms frequently contend with each other to bring the best prices to the public. In trying to gain a stronger hold in the market, Gramjon’s could complicate transactions and increase inherent risk. • Nature of the Business – Auditors must consider how volatile the company they are dealing with is, in order to assess as a going concern. As Gramjon’s do have many customers, the business is less risky than a company that trades with only a few customers.
The second component of inherent risk is Account Balance and class of transaction level risk, factors include; - Balances susceptible to misstatement - Unusual and complicated transactions - Degree of judgment - Quality of accounting systems The significant factors here include; • Fraud – As two managers had been dismissed earlier in the year for carrying out a fraud, the auditor must consider whether that was a one off issue or whether the same situation will arise again. In instances where cash transactions are made, it is easy for transactions to be rigged.
Instead of depositing a cash payment, someone may pocket it. This would understate the cash figure, and if carried out often, would understate the final year profit. This could result in tax and other implications. • Proposed takeover bid – The auditor must consider that the directors may be tempted to overestimate figures in order to convince the bidders that the company is worth more than it is believed, or has been offered. This is more of an issue in this case because the offer price depends on the company’s trading results from last year.
• Computerized accounting systems – As Gramjon operate computer based systems, a lot of time and attention must be dedicated to their controls. If any sort of modification or upgrade has been carried out in the last year, it needs to be disclosed, as something could be incorrect, resulting in errors. It would not be immediately obvious that any errors have arisen, so internal tests need to be carried out to test the system. New computer systems also take a while to get used to. Another issue is considering that managers were able to override the controls last year.
The same could happen again this year. • Renovation and Improvements – It is a possibility that the expenditure may have been incorrectly classified between capital expenditure and maintenance expenditure. This results in an error in the financial statements. • Worker Bonuses – As the productivity scheme is quoted as complex, the distribution of bonuses may follow suit. Employees that are not entitled to the bonuses could receive them and vice versa. Complicated transactions such as these could increase the possibility of misstatement in the accounts and therefore not represent a true and fair view.
d) Explain the significance of planning with regard to any audit engagement. ISA 300: Planning an audit of financial statements states; “Auditors should develop an overall audit plan for the audit in order to reduce audit risk to an acceptably low level. ” Planning should be carried out to ensure the audit will be performed in a professional way, to reduce audit risk as much as possible and ensure deadlines are met. A good plan allows the auditor to acquire a good knowledge of the business prior to the audit so he can evaluate the suitability of accounting procedures and disclosures.
Sufficient knowledge should include that of the industry, market and financial stability of the company. This ensures that an appropriate amount of attention is paid to important areas and that problems are suitably identified before any audit work commences. If problems are discovered whilst performing the audit then all the work done will have been in vain. The auditor will have to re-start the whole audit so as to confirm that the problem does not influence the financial statements or any other numerical recorded item within the business. e) Explain the general and specific matters that Mr.
Toms should consider when carrying out the detailed planning of the final audit of the financial statements of Gramjon Limited for the year ending 31 March 2009. Prior to an audit being carried out, an Audit Planning Memorandum must be compiled. This is an essential document as it is the auditor’s evidence to prove that a plan has been carried out. It is important for an audit to be planned in advance because any potential problems can be identified early and attention can be focused on areas of high risk. The factors that should be considered include;
• Size and complexity of the business – Firms with many branches will be more difficult to audit as transactions are not being carried out in just one place. Rotational testing must be scheduled so the auditor can visit more than just the one store. • Auditor experience and knowledge of the business – Planning for a new client will take longer than for an existing client. This is because the auditor has to fully research the business industry first in order to understand transactions and events. • Staff – Does the company have enough staff? If not, certain areas of the business may not have sufficient numbers of workers to assist the auditor.
• Client Co-operation – This is considering whether required information will be presented in good time. This should not be an issue for Gramjon as they have an established accounting system. • Changes in Legislation – The auditor must be sure that there have not been any updated Auditing Standards or Law. If there has been and the auditor doesn’t apply the new standards, the audit will be void as it is not based on current legislation. This will create problems for Gramjon as their published accounts will not show a true and fair view and for Middletons as Mr. Toms has not exercised the required ability of an auditing expert.
• Risk – A risk assessment should be planned and then carried out to determine the level of audit risk. It is impossible to eliminate all risk, so most companies tend to work towards a 95% margin. • Industry – The auditor must understand the market that the client is trading in, as well as the level of competition and general market conditions. • Economy – Auditors will also have to take into account the current economic situation. If the economy is declining, then trading may also decline, meaning Gramjon may have to finance day to day running of the business in a different way to what they usually do.
• Previous Auditors – Why have they been replaced after being Gramjon’s auditors for a number of years? Gramjon were originally happy with the service the previous auditors had been giving them, so Middletons must try and decide why a replacement was necessary. Auditors can only be replaced by letter of resignation or by removal at the annual general meeting by shareholders. • Financial Performance – Generally accepted auditing standards require auditors to understand the performance of the firm, by using accounting ratios, budgets and variance analysis.
Although these things will be created by Gramjon’s computerized system, the auditor must make sure the ratios are correct so there are no errors in the financial statements. f) Describe FIVE typical control procedures that you would expect Mr Toms to have found when ascertaining the system employed for repairs to personal computers, television sets and DVD players by Gramjon Limited. Such controls could cover for example physical security of items held for repair, job costing or completeness of recording in the company's accounting records.
You should explain the objective of each control procedure described. An internal control system is a system of controls, financial and otherwise, established by the management in order to; (Dodge, 1990) • Carry on the business of the enterprise in an orderly and efficient manner • Ensure adherence to management policies • Safeguard the assets • Secure as far as possible the completeness and accuracy of the records Typical control procedures can be represented by the mnemonic SOAPSPAM, which stands for; Segregation of duties Organisational Controls Authorisation and Approval
Physical Controls Supervision Personnel Arithmetical Procedures Management Segregation of duties involves the idea that no transactions should be the sole responsibility of one person, but of many. The objective of this procedure is to eliminate risk of accidental error and is the main protection against fraud. One employee could accept the TV bought in and record it; another could accept the payment and authorize a receipt for when the customer returns. Failure to maintain segregation makes it easier for employees to commit error or fraud and cover it up.
Authorization and approval refers to the idea that all transactions should be approved by the relevant person. All items bought in for repair should be authorized by the engineering manager and all items returned to customers should be approved by the general manager. Acceptance limits should also be placed on departments, to guarantee for example that the engineers are not taking on too many items at once. This could increase the risk of error in recording transactions. Physical Controls involve security measures that limit access to authorized personnel only.
Gramjon should have coded doors to prevent the public from entering the workshop. This ensures that the items that have been bought in for repair are safe and will not be stolen. Also, with a computerized system, Gramjon should adopt a security procedure to limit staff access to their required program only. Sales staff do not need to access the repair logs that engineers will use; similarly, neither needs managerial access to the full system. This control reduces the risk of bogus accounts being created, as staff can’t carry out a full accounting transaction alone. Management controls are more extreme than general controls.
Managers must be aware of day to day activities within the business and must perform regular checks to make sure business is running smoothly. They should acknowledge sales contracts by means of stamps or initialing the document, to show that the transaction has been checked. Arithmetical procedures are carried out to check that transactions have been accurately recorded and processed. An example of this would be checking the sales account off with the invoices retained from each transaction. Doing this confirms that nothing is in the accounts that shouldn’t be and that all calculations have been done correctly.
g) Explain why testing by the auditor for completeness of income in a company such as Gramjon Limited would be considered to be more complex than testing for completeness of income in a similarly well controlled single site manufacturing company selling to a relatively small number of wholesalers on credit terms. Income testing would be easier for a business that makes credit transactions as it is clear that the debtors exist. Trading to a small number of customers increases inherent risk, but makes it easier for an auditor to test.
The mnemonic CAVEBOP can be used to illustrate the assertions that should be made about balance sheet items. CAVEBOP stands for; • Cost • Authorisation • Value • Existence • Beneficial Ownership • Presentation If auditing a company like this, Mr Toms could collect evidence to verify that the debtors represent genuine customers (existence), that the amounts due have stated at the correct value (value) and that all transactions have been recorded (presentation). It is not unknown for a company selling of credit terms to create frauds, like in the case of McKesson and Robins Inc.
, USA (1939), but it isn’t as straight forward to do so as it would be for Gramjon. For a firm like Gramjon who sell items on cash terms, it is impossible to contact all the customers. Also, invoices are not issued to people who pay by cash, so it is harder for the auditor to check that these transactions have in fact been made. Some aspects of CAVEBOP will be harder to verify so more time and expertise is required. As long as a sufficient audit plan has been previously compiled, it is possible to complete the verification process.