Day 2 FAQs

Please read through even if you didn’t ask a question; it’ll help 
But if you do a sequence check then why do you need the exception report? Let’s start from the beginning.
1. I want all documents to be sequentially pre-numbered ( so sales orders for example should have automatic numbering in ascending order.
SO #1, SO #2 and so on). That is the first control. Having sequentially pre numbered documents.
2. A sequence check should be performed frequently. This is another control. Sequence check is conducted to ensure all documents have been completely processed/
taken to the next stage. In my example above, a sequence check would ensure that sales order numbers 1,2,3,4,5,6,7 etc ALL have been dispatched.
3. IF there is a sequence break ( for e.g sales order number 5 was not dispatched, this would be highlighted in an exception report. The exception report
is meant to highlight the odd things so to say!

Can we highlight through highlighter in paper based exams. Yes. There is a highlight tool available. Use it to highlight point in the QUESTION; not the answer!

Can we say that something is a weakness if it can be computerized rather than maintained manually.Yes.

Can we use short forms like P&L, FS and TOC?? Only if you have explained them somewhere in your answer once.

Can we write recommendation like: take samples of sales made and follow the whole sale process. No. This is too generic.

Can you qucikly explain CAATS. Techniques to make the auditor’s life easier! Test data (fake data) can be used by the auditor to test automated controls so this is ONLY
used at the “evaluating internal control over financial reporting” stage (NOT at any other stage!). The other technique is the use of audit software. I always say think of audit
software as a CD that will make my life easier at any stage of audit. It will help in my sample selection, in making exception reports, conducting analytical procedures etc.
could i use inspect, observe, recalculate, enquire and confirm and test data for toc? NO! A few of these yes, definitely not all of them!

Could you kindly clarify how is the GDN generated? The warehouse manager will create it.

Could you please clarify the details of Narratives Descriptive form; explanation in paragraphs.

could you use enquire and confirm, recalculate as toc? NO NO!

deficiencies in design means testing the controls , implementation - is to confirm the process right . ? Deficiency in design means weakness in the way the client
has made the system. Implementation, yep. As you wrote.

Do I need to understand the internal control during deciding the acceptance of new client or during the audit strategy or audit planning? UNDERSTAND the internal
control system at the planning stage, TEST it AFTER planning.
do we do the test on how it operates, or how it would operate after any recommendations we put forward? Can be either depending on the question given. Sometimes
the examiner gives you the system and simply says tell me the test of controls. OR she would ask you to first give a recommendation THEN tell the test of control.

do we do the tests on the recommendations we put forward or on the original processes? Can be either depending on the question given. Sometimes
the examiner gives you the system and simply says tell me the test of controls. OR she would ask you to first give a recommendation THEN tell the test of control

Do we need to be so specific as the answers in revision kit? Typical language? Or we can simply say inspect this and observe this because simply? Simple writing
Inspect or observe is a zero mark. You need to explain WHAT you are inspecting and WHY are you inspecting it (what are you looking for).

Does questions contain more deficiencies than it asked to answer? (i.e. 6 deficiencies found, but only required to answer 2)?Normally yes.

does the AEIOU acronym apply during test of controls. NO!

for test of controls can i say inspect doc..., observe eg goods been received etc Observe is very rarely used ( mainly for a live process that you are going to
go and look at. When using inspect, ensure you write ‘for a sample of sales orders, inspect if they were pre-numbered…”

If ICS strong, less substaitive. WHat's ICS? Internal control system

if internal controls are strong...more reliance can be placed on them and less on substantive testing? Yes.

If the auditor find out about a fraud done, will he prepare the Fs after knowing ? An auditor NEVER PREPARES the financial statements. He audits (verifies) them
to give reasonable assuance. If fraud is found in the financial statements, he will ask the management to correct it. If they don’t, the audit opinion will be affected
depending on its materiality.

in a purchase cycle payment is made after goods are recieved as opposed to sales cycle? why? No no. My example was specific to online sales ( when we wanted the
credit card to be charged before dispatch. For purchases, I can’t pay unless I received the goods and the invoice. Similarly, for sales, customer will only pay once
I have dispatched the goods and the invoice (unless it’s an online sale or cash on delivery etc.)

In answering audit risk. writing that there is a material misstatement or there is an understatement of purchases.
Then does this constitute as an explanation or does that only identify the risk? Identification will come from the scenario (so use words from the case).This is explanation
Of its impact on the financial statements.

Internal controls are done by the internal auditor? Or

It's designed by who? Designed and implemented by the management. NEVER by the internal or external auditors.

Is internal control part of the plan or the strategy? We UNDERSTAND the internal control as a part of the audit strategy but we TEST it in a separate stage.

is payment 'necessary' before delivery as per your question? In online sales, yes if you want to reduce chances of bad debts (unless it’s cash on delivery)
is studying this only can make me pass ummm no! Use the knowledge summary for revision and attempt ALL past exams from June 2012 to Dec 2017.

Is the auditor's work on internal control performed as part of the audit strategy? We UNDERSTAND the internal control as a part of the audit strategy but we TEST it in a
separate stage.

Is there any specific way to report deficiencies to management Yes. In a tabular form.

Maám, For Auditor’s response to Audit risks – How many points should we ideally provide to get that full 1 mark?One.

Maám, how imp is Audit documentation and quality control? Very! As are all the topics 

Maám, kindly explain Sequence checks again with the example you gave. Explained in the first question above.

Madam, what are the differences between "authorisation" included in "segregation of duties" and "authorisation" below? It’s the same. In segregation of duties,
the context was that this should be done by a separate person.

Should we learn ISA numbers?No!

so test of controls are more like substantive procedures ? NO NO NO! TOCs test system. Substantive testing is for amounts and disclosures etc.

what is the other name for mgt letter. Letter of weaknesses.

What should be included in the covering letter? Uploaded separately.

what's the difference between controls and tests of control? I am so confused Control is you recommendation of what should be happening. TOC is the confirmation that the
recommendation that you gave has been implemented and is working.

Which is the most preferred method out of the three Narratives, Flowcharts or Questionnaires? Each has its advantages and disadvantages.

who do you communicate management letter to, is it the audit committee or the managing directors? Those charged with governance ( Audit Committee or the entire board)

Why should deffeciencies be reported immediately? No point in waiting. These won’t affect our opinion. And you are giving recommendations regarding system
Improvement so they should know now.

why we are not recording transaction at the point of dispatched good or good receive notes? as the risk and rewards are transfer GDNs and GRNs only have the
quantity, not the price. You can raise the invoice and send it with the GDN.

Why would we need an exception report if we have the sequence check? Please see my answer to the first question.
why would you document the systems and when. Every work that I do HAS to be documented. It’s documented when you understand it at the planning stage.

Will you be covering Audit documentation for us? I'm having a hard time with it. Probably won’t be able to, It’s all knowledge based though. Please use the
Knowledge summary uploaded on day 1 to prepare this topic.