This document was prepared by: Centre for Financial Reporting Reform (CFRR) Governance Global Practice, The World Bank Praterstrasse 31 1020 Vienna, Austria Web: www.worldbank.org/cfrr Email: cfrr@worldbank.org Phone: +43-1-217-0700 © 2018 International Bank for Reconstruction and Development / The World Bank 1818 H Street NW Washington DC 20433 Telephone: 202-473-1000 Internet: www.worldbank.org This work is a product of the staff of The World Bank with external contributions. The findings, interpretations, and conclusions expressed in this work do not necessarily reflect the views of The World Bank, its Board of Executive Directors, or the governments they represent. The World Bank does not guarantee the accuracy of the data included in this work. The boundaries, colors, denominations, and other information shown on any map in this work do not imply any judgment on the part of The World Bank concerning the legal status of any territory or the endorsement or acceptance of such boundaries. Rights and Permissions The material in this work is subject to copyright. Because The World Bank encourages dissemination of its knowledge, this work may be reproduced, in whole or in part, for noncommercial purposes as long as full attribution to this work is given. Any queries on rights and licenses, including subsidiary rights, should be addressed to World Bank Publications, The World Bank Group, 1818 H Street NW, Washington, DC 20433, USA; fax: 202-522-2625; e-mail: pubrights@worldbank.org. Audit Training of Trainers Contents Acknowledgments...................................................................................................................... 2 Introduction ............................................................................................................................... 3 About Volume III – Trainers’ Guide .................................................................................... 4 Other education and teaching resources ........................................................................... 5 Part A: Preliminary engagement activities ................................................................................ 6 Assignment 1 ...................................................................................................................... 6 Assignment 2 ...................................................................................................................... 6 Part B: Understanding the entity ............................................................................................... 8 Assignment 3 ...................................................................................................................... 8 Assignment 4 .................................................................................................................... 10 Assignment 5 .................................................................................................................... 12 Part C: Planning the engagement ............................................................................................ 14 Assignment 6 .................................................................................................................... 14 Assignment 7 .................................................................................................................... 15 Assignment 8 .................................................................................................................... 17 Assignment 9 .................................................................................................................... 19 Part C: Further audit procedures ............................................................................................. 20 Assignment 10 .................................................................................................................. 20 Assignment 11 .................................................................................................................. 22 Assignment 12 .................................................................................................................. 23 Assignment 13 .................................................................................................................. 27 Part D: Closing audit procedures ............................................................................................. 28 Assignment 14 .................................................................................................................. 28 1 Audit Training of Trainers Acknowledgments This Trainers’ Guide was developed by a team of World Bank Centre for Financial Reporting Reform (CFRR) experts led by Kalina Shukarova Savovska, Senior Financial Management Specialist, and including Piotr Pyziak, Extended Term Consultant. Members of the regional Audit Training of Trainers (Audit ToT) Community of Practice provided a platform for the exchange of ideas and information through several workshops and discussions. The team is very grateful to the following institutions, trainers and Professional Accountancy Organizations (PAOs) who participated in the Audit ToT Community of Practice and for the input they provided (listed below in order of country): • Institute of Authorized Charted Auditors of Albania (IEKA) • Association of Accountants and Auditors of Republika Srpska (AAARS) • Union of Accountants, Auditors and Financial Workers of Federation of Bosnia and Herzegovina (SRRF-FBH) • Auditors Chamber in the Federation of Bosnia and Herzegovina • Institute of Certified Public Accountants of Bulgaria • Croatian Audit Chamber • Estonian Auditors’ Association • Society of Certified Accountants and Auditors of Kosovo (SCAAK) • Institute of Certified Auditors of the Republic of Macedonia (ICARM) • Council for Advancement and Oversight of the Audit (CAOA) • Institute of Certified Accountants of Montenegro (ICAM) • Philippines Board of Accountancy • Chamber of Financial Auditors of Romania (CAFR) • Chamber of Authorized Auditors of Serbia (CAA) • Serbian Association of Accountants and Auditors (SAAA) 2 Audit Training of Trainers Introduction The PejaSko Cheese Case Study was developed to facilitate the Audit Training of Trainers (Audit ToT) workshops under the EU REPARIS 1 Program and simulates a small audit client. The Audit ToT workshops focus on Small and Medium Practices (SMP) and aim to develop the capacity of the audit profession to deliver targeted high-quality training to SMPs and provide continuing professional development (CPD) programs based on International Standards on Auditing (ISA). The workshops also develop practical tools and solutions to help SMPs implement ISAs, and maintain quality audit documentation from the quality assurance perspective at the firm and engagement levels. Please visit the program’s homepage for more details: http://go.worldbank.org/D6CT7QUHM0 The workshops topics covered are logically sequenced in the context of the audit cycle, as shown in the graph. The approach and format of the workshops is designed to be highly interactive and enable shared learning and peer exchange among countries in the region and members of the Community of Practice. 1 Road to Europe: Program of Accounting Reform and Institutional Strengthening. 3 Audit Training of Trainers This Case Study is a core teaching resource during the Audit ToT modules and its aim is to provide an opportunity to bridge the gap between theory and the practical application of ISA by simulating a small audit client scenario. Audit documentation templates and examples form part of the case study and allow the audience to go through a real-life business situation, and tackle and solve some real-life problems. The Case Study is structured into three volumes that should be used simultaneously: • Volume I – Audit Simulation This volume represents a summary of the PejaSko Cheese scenario providing the background information about the audit case and also including references to the assignments that participants are expected to work through during the training sessions. • Volume II – Documentation Templates and Examples Volume II is a collection of documentation templates that should be used by participants when completing the assignments of the audit simulation. This section also includes a few examples aiming to assist participants to work through the Case Study. • Volume III – Trainers Guide The proposed solutions and examples outlined in Volume III – Trainers’ guide, have been complied based on the discussions and exchange of opinions among the members of the Audit ToT Community of Practice. Any audit engagement is however unique and subject to the exercise of professional judgment on behalf of the auditor. The proposed approach and examples shown on this client are therefore just one way to approach challenges related to performing an effective small audit. About Volume III – Trainers’ Guide The purpose of this Trainers’ Guide is to help guide trainers when replicating the Audit Training of Trainers workshops within their countries and institutions and facilitate the group work assignments of Volume I (the PejaSko Cheese small audit client simulation) and Volume II (forms and templates). The Trainers’ Guide was compiled based on proposed solutions and answers provided by the Audit Training of Trainers Community of Practice at several workshops that took place in Vienna between November 2015 and October 2017. The learning format and the group work sessions encouraged an interactive discussion among participants and allowed the participating trainers to work in smaller groups on a practical case, share their own experience and reflect how they have acted in certain situations, but also learn from other colleagues who faced similar situations. Any audit engagement is unique and subject to the exercise of professional judgment on behalf of the auditor. The proposed approach and examples shown on this Teachers’ Guide 4 Audit Training of Trainers are therefore just one way to approach challenges related to performing an effective small audit. The Trainers’ Guide is organized in several parts, logically sequenced in the context of the audit cycle and corresponding to topic covered during Audit Training of Trainers modules / workshops, including: • Preliminary Engagement Activities • Understanding the Entity • Planning the Engagement • Further Audit Procedures • Closing Audit Procedures The suggestions for each part include proposed objective and approach for the Assignments (Volume I and II) and suggested answers as discussed by the participating trainers community of practice. Other education and teaching resources In addition to the three volume PejaSko Cheese Ltd. Case Study, the Audit Training of Trainers program offers other available teaching resources and exercises that supplement the modules / workshops and in some instances, build further on the PejaSko Cheese Ltd. Scenario. These can be found at the Audit Training of Trainers web site: http://go.worldbank.org/D6CT7QUHM0, and include: • The Ethical Dilemmas Board Game • Group Challenge: Most Inspiring Audit Trainer • Role Play Exercise: Developing Effective Interview Skills • Simulated Client Meeting: Developing Client Relationship Skills • Group Exercise: Going Concern Judgements • Group Challenge: The PejaSko Quiz 5 Audit Training of Trainers Part A: Preliminary engagement activities Before the workshop, Volume I and II of the simulated audit client case study PejaSko Cheese Ltd. (“PejaSko” or “PC”) are provided to participants and asked to familiarize with the case study content, and especially read the chapters that relate to preliminary engagement activities and understanding the entity. At the workshop, a short presentation is delivered by the facilitators covering the key highlights of the PejaSko case study as well as with the requirements of SA 210, Agreeing the terms of audit engagements. Following the presentations, participants are divided into five table groups, each group ranging between 5-7 participants and are asked to work together in the table groups on the assignments provided in the case study and by referring to information, examples and templates available in Volume I and II of PejaSko. Assignment 1 Review Example 1: Engagement Letter (Volume II) The purpose of this assignment is to familiarize participants with the concept and content of the Engagement Letter. The suggested approach is to allow participants to read the Engagement Letter (for app. 5 minutes) and then the facilitator should highlight some key take-aways (app. 10 minutes) in the context of PejaSko including that this is a voluntary audit based on ISA with modest audit fees and that the financial reporting framework is the IFRS for SMEs. Assignment 2 Based on the information provided complete the Template 2: Client / Engagement Acceptance Form. This assignment allows participants to follow a structured template and practice documenting client and engagement considerations important for making acceptance decision. It is suggested that teams are allowed up to 30 minutes for group work time while documenting client / engagement considerations, followed by a facilitated group discussion of up to 25 minutes (5 minutes per each table group). Each table group is required to present documented considerations of the allocated sections of the Client / Engagement Acceptance Form template. Key takeaways from these discussions may include the following industry and company specific factors that should be documented, including: 6 Audit Training of Trainers • In the case of PejaSko there is no indication that the company has been engaged in questionable issues associated with its owners, management or activities, the business integrity, competence and reputation of the client’s principal owners, key management or any history of questionable financial reporting practices, aggressive interpretation of accounting standards and the internal control environment. • No issues are noted regarding the Audit firm’s competence, capability (including considerations related to conflicts of interest, appropriate industry knowledge, experience with relevant regulatory and reporting requirements) and availability of resources. • Communication with predecessor auditor have not indicated any reasons for concerns, other than a small delay with audit fee collection. • The company is managed by Mr. Svetozar Brankomat, Chairman of the Boars, founder and majority shareholder. Mr. Brankomat is a strong leader with hands-on management style. There appears to be a potential issue with succession as none of his children have shown interest to continue the business. Mr. Brankomat is well experienced in running the business and knows well the production process. He also has a clear strategy for the future of the company. • The Company’s results are below expectations and have deteriorated compared to prior years. There may be issues related with poor budgeting skills or shrinking market share that need to be considered throughout the audit. • There is an overreliance on a few key customers and the company is attempting to diversify by introducing new product lines and expanding in foreign markets. These will require additional capital and investment. • Dividend is paid regularly and there is an expectation from the owners (majority and minority) to achieve results and continue the dividends payout history. • There is a change in tax legislation and the company needs assistance to understand and deal with these new requirements. The company also expects some assistance in other areas, such as counting the livestock and some assistance with preparation of financial statements. • The company has a history of multiple related party transactions, majority of which are with the shareholders and CEO. • There may be issues with appropriate segregation of duties and possibility of management override of controls, however this is typical for any smaller client. 7 Audit Training of Trainers Part B: Understanding the entity Before group work on this section begins, the facilitators present the requirements of: ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment and ISA 240, The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements. Following the presentations, participants are divided into five table groups, each group ranging between 5-7 participants and are asked to work together and complete the assignments provided in Volume I and II of PejaSko. Assignment 3 Based on the information provided, complete Template 3: Understand the Entity and its Environment. ISA 315, requires that the auditor perform risk assessment procedures to provide a basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels. Risk assessment procedures by themselves, do not provide sufficient audit evidence on which to base the audit opinion, however the auditor should document the risk of material misstatement arising from the entity and its environment, including: risk description, significance of risk, class of transactions or account balances affected by the risk and nature of a misstatement. The risk assessment procedures consist of inquiries of management, analytical procedures, observation and inspection. The auditor should obtain: • Understanding of relevant industry, regulatory, and other external conditions including the applicable financial reporting framework; • The nature of the entity, including: operations, its ownership and governance structures, types of investments, subsidiaries, financing sources, balances and disclosures to be expected in the financial statements, entity’s selection and application of accounting policies, including the reasons for changes, entity's objectives, strategies and related Business Risks, and measurement and review of the entity’s financial performance. Participants are asked to refer to the information provided in Volume I of the PejaSko Case Study scenario and read section D. Understanding the entity. Based on this information, participants are required to find the use the relevant information in the scenario and complete the audit documentation required in Volume II by using Template 3: Understand the Entity and its Environment. It is suggested that participants are allowed up to 30 minutes to read the scenario and complete the documentation in the template, and the facilitator 8 Audit Training of Trainers moderates a discussion on the results of this work, up to 30 minutes when each team is asked to present their findings. Key takeaways from the group discussions may include the following: • The market for cheese is divided and the company’s market share is estimated at 6.5%. There are many producers offering similar products. Product quality and good reputation are key to customer loyalty. • The business cycle is relatively non-cyclical with lower production during winter months – due to lower production of milk. Production technology is relatively simple and standard health and safety affect the business and production process. Management is aware that in order to expand into the EU market, the company needs to invest in new technologies improving the process of preparation of cheese because of more stringent health and security standards (HACCP). • The company is a small sized producer of pasteurized and unpasteurized sheep and goat cheese, which sells self-produced cheese locally and for export. The company started as a family business and has expanded from 1995. Customers vary from medium size grocery store chains to smaller independent stores. Export to neighboring countries comprises approximately 20% of sales. Sales of unprocessed wool comprise 10% of total revenue. • There is a high concentration of sales into a few customers as clients for company’s cheeses include: one international grocery chain contributing to 100% of export sales; two local grocery chains contributing to 70% domestic sales. The reminder of sales, approximately 30, are scattered into different family owned shops and supermarkets around the country contributing to 30% of domestic revenue. The clients for unprocessed wool include 10 different local clients – producers of woolen blankets, toys and tourist memorabilia. • The company applied the IFRS for SMEs for reporting purpose. Standard taxation rules and regulations apply. Fluctuations in exchange rates have led to foreign exchange losses and gains when settling accounts payables and receivables. The company’s transactions are rather straightforward and there are no changes in accounting policies. • There is pressure on maximizing profit and dividends payable to Company’s shareholders while minimizing the amount of tax payable. There may be a risk of material misstatement related to events close and after balance sheet date. • The following accounts may have a greater risk related to misstatements: revenues, property, plant and equipment, issues with counting the livestock at year-end, contingent liabilities, inventory valuation, provisions, recognition of insurance claim. 9 Audit Training of Trainers Assignment 4 Based on the information provided, complete Template 4: Entity Level Control Form. Document your conclusion on the overall effectiveness of the entity level environment in PC. ISA 315 requires that the auditor gains an understanding of the entity’s internal control in order to assists the auditor during: (i) identifying types of potential misstatements and factors that affect the risks of material misstatement, and (ii) in designing the nature, timing and extent of further audit procedures. There are inherent limitations in every internal control environment, for example, errors in human judgement and breakdowns of internal control because of human error or collusion of two or more people or the possibility of management override of internal controls. When it comes to smaller entities, there are several special considerations that need to be considered, including: • Smaller entities may use less structured means and simpler processes and procedures to achieve their objectives (ISA 315, A45). • Information systems and related business processes relevant to financial reporting in smaller entities are likely to be less sophisticated than in larger ones (ISA 315, A85). • Communication may be less structured and easier to achieve in a small entity rather than larger entity (ISA 315, A87). • The concepts underlying control activities in small entities are likely to be similar to those in larger entities, but the formality with which they operate may vary (ISA 315, A93). It is suggested that participants are allowed up to 30 minutes to complete the documentation in the template provided in Volume II, and the facilitator moderates a discussion on the results of this work, up to 35 minutes, when each team is asked to present their findings. Key takeaways from the group discussions may include the following: 1. Considerations for smaller entities: In the context of PejaSko the size and complexity of the business will have an impact on the overall internal control. Factors to consider include: (i) having fewer employees and potential issues with segregation of duties, (ii) having a committed and “hands-on” owner-manager that may be an effective entity level control and may compensate in instances when there is lack of appropriate segregation of duties, and (iii) there is a risk of management override of controls as the system of internal control is less structured. 10 Audit Training of Trainers 2. Integrity, ethical values, and behavior of key executives: The company does not have a formal code of conduct and its culture is dominated by the Chairman and majority shareholder, who likes to have a final decision on any aspect of operations of the company. The predecessor auditors explained that in certain instances it was suspected that company assets are used for private purposes, however they have always been explained and supported. Mr. Brankomat has a good reputation in the community and is seen as a respected community benefactor. The Chairman knows the production process well and is competent entrepreneur and businessman. 3. Management’s Control Consciousness and Operating Style: The Chairman usually approves all payments made through electronic banking (including payroll and taxes). The Chairman authorizes electronically in the system orders received from grocery chains and major purchase orders. In some cases, especially during holidays the Chief Accountant authorizes the payments using her password and password of Mr. Brankomat. Mr. Brankomat controls all such payments made upon his return. Although management believes that such control is effective further investigation is required during the audit. 4. Risk assessment processes: A formal process for identifying and developing plans to address external and internal risks relevant to the preparation of financial statements in conformity with accounting principles is not available, however there are informal processes that seem to be effective. At least once every 3 months key finance personnel meets with executive management, IT personnel, HR personnel, and legal counsel to identify issues that may affect financial reporting. The Chief Accountant prepares a limited scope quarterly financial information which is presented to the chairman/owner for commentary and feedback on variances against budget. 5. Control activities: Adequate physical controls are in place and management is able to timely capture changes in legislation, due to periodical assessment and consultation from the Lawyer. The Company has in place processes of budgeting, reviewing actual performance versus budgets, forecasts, and prior period performance. The Chief Accountant is adequately trained and is working for the company for many years. 6. Monitoring procedures: The Chief Accountant prepares a limited scope quarterly financial information which is presented to the Chairman/owner and in addition the company reports the limited financial performance indicators (unaudited) every 6 months to the banks, from which loans are borrowed. The borrowing covenants require that the audited year-end financial statements 11 Audit Training of Trainers must be presented to the bank by April following the year end. The minority shareholders do not receive any financial information during the year. They receive the audited annual financial statements of the company, but their knowledge and interest in the financial matters is limited. 7. Conclusion: The control environment is typical for a small business. Many of the entity level controls are not in place but there is a Chairman who oversees all decision in the company, including those affecting financial results. Lack of segregation of duties and possibility for management override are present, but there are entity level controls in place to adress these weekensses. Assignment 5 Refer to Template 5: Fraud Considerations and document your findings. According to ISA 240, the primary responsibility for prevention and detection of fraud rests with both those charged with governance of the entity and management while the auditor is responsible to obtain reasonable assurance that the financial statements taken as a whole are free from material misstatement, whether caused by fraud or error. More specifically, the objectives of the auditor in respect of fraud include (ISA 240, par. 10): • Identifying and assessing the risks of material misstatement of the financial statements due to fraud; • Obtaining sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; • Responding appropriately to fraud or suspected fraud identified during the audit. While identifying the risks of material misstatement due to fraud, the auditor should take into account the following factors: (i) integrity, ethical values, and behavior of key executives, (ii) management’s control consciousness and operating style (iii) management’s commitment to competence, (iv) Board of Directors and/or those charged with governance participation in governance and oversight, (v) Organizational structure and assignment of authority and responsibility, (vi) Human Resource policies and practices. It is suggested that participant groups are allowed up to 15 minutes to consider the appropriate documentation in the template provided in Volume II, and the facilitator moderates a discussion on the results of this work, up to 30 minutes, when participant groups are asked to present the findings of their work. Key takeaways from the group discussions may include the following: 12 Audit Training of Trainers • Documenting the investigation of any unusual or unexpected observations from the results of analytical procedures performed in planning the audit, particularly those related to revenues, purchases and related accounts. • Documenting the audit team discussions with management and employees of PejaSko regarding fraud, including how and when the discussion took place and who was present. • In the course of investigation, the audit team would inquire the following representatives regarding fraud: (i) senior management, (ii) those charges with governance, (iii) internal auditors (if any), (iv) service organizations (if financial reporting is outsourced) and (v) employees regarding the following matters: o If they have knowledge of any fraud that has been perpetrated or any alleged or suspected fraud; o If they are aware of allegations of fraudulent financial reporting, for example, because of “whistleblower” or other communications from employees, former employees, analysts, or other sources. • The team would investigate programs and controls the entity has established to mitigate specific fraud risks the entity has identified, or that otherwise help to prevent, deter, and detect fraud, and how senior management monitors those programs and controls. • Identified risk factors should be considered relating to incentives/pressures associated with misstatements arising from fraudulent financial reporting and factors relating to misappropriation of assets. 13 Audit Training of Trainers Part C: Planning the engagement The requirements of standards: ISA 300, Planning an Audit of Financial Statements, ISA 320, Materiality in Planning and Preforming and Audit, ISA 520, Analytical Procedures and ISA 330, The Auditors Responses to Assessed Risks, should be understood while planning the audit engagement as well as during risk assessment and determination of the audit strategy. Following the presentations covering the requirements of these ISAs, participants divided into five table groups, each group ranging between 5-7 participants and are asked to work together and complete the assignments provided in Volume I and II of PejaSko. Assignment 6 Complete the documentation required in Section 1 of the Audit Planning Memorandum Template 6. Participants are required to read Section E. Planning the engagement of the PejaSko audit simulation and to familiarize themselves with the data regarding planning analytics, materiality and risk analysis and approach. The proposed approach is to ask participants to work in groups (for up to 30 minutes) and complete the documentation required by Section 1 of the Audit Planning Memorandum template that covers the: (i) scope of the engagement; (ii) audit team and need for specialist assistance; (iii) audit time plan; (iv) significant changes in client business or operations; (v) significant risks, matters identified in the internal control evaluation and fraud considerations; (vi) preliminary analytical procedures; (vii) planning and performance materiality. Participant gorups present their work in a moderated discussion led by the facilitator for up to approximately 35 minutes. Participants should also refer to the audit methodology section that requires performance materiality threshold to be set in the range between 50 and 75 percent of materiality for the financial statements, based on expectations of errors in the financial statements. The limit of trivial errors is normally 10 percent of the performance materiality. All errors of this amount — individually or on aggregate — are considered when forming the audit opinion. Other factors should be taken into account while calculating materiality, including: (i) the nature of the entity and the industry; (ii) the economic environment in which the entity operates; (iii) the entity’s ownership structure and the way it is financed (financed by debt vs equity); (iv) volatility of the benchmark; (v) whether there are items of more attention to the users of the entity’s financial statements (e.g. profit, revenue or net assets). Determining materiality involves exercising professional judgment on belhalf of the auditor. The participant group discussed and agreed on using “gross revenue” as benchmark for calculation of materiality because of diminishing results compared to prior year and budget, indicating that the use of net profit may not be appropriate for the current year. The higher 14 Audit Training of Trainers range of 1% proposed percentages was applied as the entity is not listed, while for determining performance materiality a middle range (of 65%) was applied suggesting a more conservative approach for a first-year audit. The trivial error amount was set at 10% of performance materiality. Benchmark: Gross Revenue Period Considered: Prior year Percent: 1% Materiality amount: 13.000 Euros (1% of 1.300.000) Performance materiality: 8.450 Euros (65% of 13.000) Trivial error amount: 845 Euros (10% of 8.450) Justification Gross revenue is selected as benchmark for calculation of materiality because of diminishing results compared to prior year and budget, indicating that the use of net profit may not be appropriate for the current year. The higher range of 1% proposed percentages was applied as the entity is not listed, while for determining performance materiality a middle range (of 65%) was applied suggesting a more conservative approach for a first-year audit. Assignment 7 Complete the documentation required in Section 2 of the Audit Planning Memorandum Template 6. The proposed approach is to ask participants to work in groups (for up to 30 minutes) and complete the documentation required in Section 2 of the Audit Planning Memorandum template that covers documentation for determining: (i) significant accounts and (ii) significant disclosures. Participant groups present their work in a moderated discussion led by the facilitator for approximately for up to 35 minutes. The extent and nature of audit procedures performed will vary depending on whether accounts and disclosures are significant or not because only for relevant assertions of significant accounts / disclosures the auditor identifies and gains an understanding of the processes and related IT applications that affect those significant accounts. Accounts and disclosures are significant if they may contain material misstatements and there are a number of quantitative and qualitative considerations that should be considered, including: • Quantitative considerations: size of account (the larger the account balance, the greater the possibility that it contains material misstatements), composition of the account, and volume of the transactions processed through the account. 15 Audit Training of Trainers • Qualitative considerations: Susceptibility of loss due to errors or fraud, complexity and homogeneity of the transactions, nature of the account (e.g., suspense accounts generally warrant greater attention), accounting and reporting complexities or changes, exposure to losses, likelihood (or possibility) of significant contingent liabilities arising from the activities represented by the account, existence of related-party transactions, changes from the prior period in account characteristics (e.g., new complexities, subjectivity, IT technology, or types of transactions) Quantitative considerations are more easily measured while qualitative ones are usually risks associated to the account/disclosure. The table below summarizes proposed responses: In EUR Is High Complex or millions Significant 31 Account Transaction Judgmental (converted Account Process Dec Material Volumes Transactions from local (Y or N) (Y or N) (Y or N) (Y or N) currency) Sales of goods, Revenue 1,30 Y Y Y Y Cash receipts Purchase of goods, Cost of sales 0,60 Y Y Y Y Cash disbursments Payroll, Cash Payroll 0,25 Y Y N Y disbursments Other Purchase of goods, operating 0,20 Y Y N N Cash disbursments expenses Depreciation 0,12 Y N Y Y Estimates Net financial 0,05 Y N N N costs Income taxes 0,01 N N N N Fixed assets 0,30 Y Y Y Y Purchases, Cash Inventory 0,24 Y Y Y Y disbursments Other Purchases, Cash current 0,36 Y N N N disbursments assets Equity 0,10 Y N N N Long-term 0,20 Y N N N liabilities 16 Audit Training of Trainers In EUR Is High Complex or millions Significant 31 Account Transaction Judgmental (converted Account Process Dec Material Volumes Transactions from local (Y or N) (Y or N) (Y or N) (Y or N) currency) Short term 0,10 Y N N N debt Other 0,50 Y N N N liabilities Significant disclosures include estimates (accounts receivable, provision for inventories), including management judgments. It is also important to adequately disclose any contingent liabilities and subsequent events as well as claims from insurance company for damages sustained. Assignment 8 Complete the documentation required in Section 3 of the Audit Planning Memorandum Template 6. Similar with the proposed approach in the previous two assignments, participants work in groups (for up to 30 minutes) and complete the documentation required in Section 3 of the Audit Planning Memorandum template that covers: (i) audit or accounting issues; (ii) fraud risk factors; (iii) audit approach (determination of timing and extent of procedures). Participant groups present their work in a moderated discussion led by the facilitator for approximately for up to 35 minutes. The audit approach selected should appropriately address the audit risk and is a product of Inherent Risk, Control Risk and Detection Risk. The risk assessment affects the nature, timing and extent of procedures to be performed. For example, the higher the risk assessment, the closer to period-end testing is performed (e.g. for low risk up to 6 months before year-end; for medium risk up to 3 months before the year-end and for high risk the audit procedures should be at or around year-end) and the higher the extent of the audit procedures (e.g. greater samples, more substantive procedures). Key takeaways from the group discussions indicated that there are several audit areas that require specific attention during the audit since either audit and accounting issues may be present, including the lack of physical count of the live-stock, valuation of inventories, personal tax issues due to recent changes in legislation, asset valuations, related party transactions with owner etc. The participant discussion identified Revenue recognition as a possible class of transaction where fraud risk factors may be present. In smaller companies, internal controls are weaker 17 Audit Training of Trainers compared to large ones, mainly due to possible segregation of duties issues (driven by lesser resources, including human, IT, etc.) and there is an increased opportunity for override of controls (dominant influence by the chairman and majority shareholder). The table below summarizes the participants proposed risk assessment and audit approach: Inherent Audit risk Timing and risk Reliance on (low, Process Related audit area Extent of (Higher controls medium and procedures or Lower) higher) Sale of goods Higher Control Medium Revenue, Up to 3 reliance Receivables, months Estimates before YE Purchase of Higher Control Medium Purchase of goods, Up to 3 goods reliance Inventory, Fixed months Assets, Payables before YE Payroll * Lower Control Low Payroll Up to 6 reliance months before YE Various Lower Substantive Medium Financial Up to 3 financial transactions months processes before YE Various Lower Substantive Medium Taxation Up to 3 financial months processes before YE Various Lower Substantive Medium Transactions of Up to 3 financial equity and months processes dividend payments before YE Estimates Higher Control Medium Provision for bad Up to 3 reliance debt, Depreciation, months Claims provision, before YE Inventory obsolescence, Claims provision Proceeds Lower Control Low Bank and cash, Up to 6 reliance Receivables months before YE 18 Audit Training of Trainers Inherent Audit risk Timing and risk Reliance on (low, Process Related audit area Extent of (Higher controls medium and procedures or Lower) higher) Payments: Higher Control Medium Bank and cash, Up to 3 (Bank) reliance Payroll, Payables months (to suppliers) before YE Payments Bank and cash, At YE Higher Substantive High (Cash) Payables (sundry) * The discussions among participants debated that due to the small size of the company, the payroll process can also be effectibvelly tested with substantive procedures. Assignment 9 Refer to Example 7: Internal Control Review and Example 8: Walkthrough documenting the work on Payments. The suggested trainers approach is to ask participants to spend up to 15 minutes and review Example 7: Internal Control Review Template and Example 8: Walkthrough Template, after which the facilitator will moderate a short discussion with the participates for up to 15 minutes. Both examples focus on the Payments process and illustrate how appropriate audit documentation should be prepared in order to document and confirm understanding that the system documentation is appropriate. The example also illustrates how when issues are identified, adequate audit response should follow. For example, as the system documentation and walkthrough identified an issue with inadequate segregation of duties during cash payments to suppliers, the audit risk was identified as higher for this audit area. 19 Audit Training of Trainers Part C: Further audit procedures Volume I of the PejaSko audit simulation provides further analysis regarding the major business cycles of the business, such as revenues, purchases of goods, bank and cash, payroll, and various processes (taxes, debt, equity). It also provides further guidance regarding statistical and non-statistical approached to audit sampling. Participants should familiarize themselves with these sections in advance to the workshop. The requirements of standards ISA 230, Audit Documentation, ISA 330, The Auditor’s Responses to Assessed Risks, ISA 500, Audit Evidence, ISA 501, Audit Evidence – Specific Conditions for Selected Items, ISA 510, Initial Audit Engagements – Opening Balances, ISA 505, External Confirmations, and ISA 530, Audit Sampling are relevant as participants will engage into case study work involving testing of controls, substantive procedures, and sampling. Following the presentations covering the requirements of these ISAs, participants divided into five table groups, each group ranging between 5-7 participants, are asked to work together and complete the assignments provided in Volume I and II of PejaSko. Assignment 10 Calculate the sample for confirming accounts receivable using the information provided in Template 9. This exercise requires participants to apply Monetary Unit Sampling (MUS), also known as probability proportional-to-size sampling (PPS) or dollar unit sampling (DUS). MUS is a statistical sampling method used to determine the accuracy of financial account balances. Under this sampling method, each individual dollar (i.e. monetary unit) in an account balance is considered a sampling unit, thus accounts in the population with a higher balance have a proportionately higher chance of being selected. This sampling method is commonly used for sampling accounts receivable selected for circularization. The confidence factor is provided in the sampling methodology. Each amount in the population is added to a cumulative total. The amount which causes the cumulative total to equal or exceed the random start (e.g. 2 in the example below) is selected as the first sample. The remaining samples are selected from subsequent amounts which cause the cumulative total to equal or exceed each increment of the sampling interval (i.e. 4,8; 7,6, etc.). Sampling Parameters Population book value 100.000 EUR Number of items 30 Sampling Interval (Performance Materiality / Confidence Factor) 8.450 EUR / 3 = 2,8 Random number (between 1 and sampling interval) 2 20 Audit Training of Trainers Balance Cumulative Customer Name Sampling item (‘000 Euro) Balance (‘000 Euro) 1 0,1 0,1 No 2 0,1 0,2 No 3 0,1 0,3 No 4 0,3 0,6 No 5 0,3 0,9 No 6 0,3 1,2 No 7 0,4 1,6 No 8 0,4 2 Yes (equal or exceeds random start - 2) 9 0,6 2,6 No 10 0,6 3,2 No 11 0,7 3,9 No 12 0,9 4,8 Yes (equal or exceed random start and sampling interval – 2+ 2,8 = 4,8) 13 1 5,8 No 14 1,1 6,9 No 15 1,4 8,3 Yes (equal or exceed increment of the sampling interval – 4,8 2,8 = 7,6) 16 1,5 9,8 No 17 1,6 11,4 Yes (7,6 + 2,8 = 10,4) 18 1,6 13 No 19 2 15 Yes (10,4 + 2,8 = 13,2) 20 2 17 Yes (13,2 + 2,8 = 16,00) 21 2 19 Yes (16,00 + 2,8 = 18,8) 22 2,5 21,5 No 23 3 24,5 Yes (18,8 + 2,8 = 21,6) 21 Audit Training of Trainers Balance Cumulative Customer Name Sampling item (‘000 Euro) Balance (‘000 Euro) 24 3 27,5 Yes 25 4 31,5 Yes 26 4,5 36 Yes 27 8 44 Yes 28 11 55 Yes 29 20 75 Yes 30 25 100 Yes Total 100 Sampled amount 88.8 % of population 89% The sampling assignment can be either assigned to table groups or assigned to each participant as an individual exercise. Assignment 11 Use Template 10 to select controls for testing and required sample sizes. The proposed approach is to ask participants to work in groups (for up to 30 minutes) and complete the documentation required in the Template including documenting details of planned audit procedures to test operating effectiveness of internal controls within the sales, purchases, payroll, cash receipts and cash payments cycle. Each group is randomly assigned a cycle (for example – table group 1 should focus on sales, table group 2 on purchases, and etc.). Participants should provide a description of the details of controls selected, related audit area and assertion, sample size, and timing of the tests. Participant groups present their work in a moderated discussion led by the facilitator for approximately for up to 35 minutes. Key takeaways from the group discussions may include the following controls: 1. Sales: • Verification of the proper entry of the sales orders into the system (by warehouse manager) and authorisation (by CEO or lawyer). Relevant assertions: Completeness, Rights & Obligations, Occurrence, Existence; • Approval of sales prices by CEO or lawyer. Relevant assertion: Accuracy; 22 Audit Training of Trainers • Credit analysis is performed before accepting the customer by Chief Accountant, lawyer and approved by CEO. Relevant assertions: Existence and Valuation; • Sales invoices issued by Chief Accountant, Chief Accountant performs a review of the “orders shipped not invoiced” with the warehouse manager. Relevant assertions: Completeness, Cut off, Rights and Obligations. 2. Purchases: • Matching amounts and data of orders to final records (purchasing documents, for description, quantity and price). Relevant assertions: Existence and Valuation; • Inventories – testing existence, including the inventory count. Relevant assertions: Existence, Completeness and Cut off. 3. Payroll: • Differences are investigated by monitoring the salary deviation report. Relevant assertions: Occurrence and Accuracy; • Review of fixed salary approved by Chairman. Relevant assertions: Occurrence and Accuracy; • Approval of overtime by Production Manager and Chairman. Relevant assertions: Occurrence and Accuracy. 4. Cash receipts and payments: • Testing payment authorisation - by both Mr. Brankomat and the Chief Accountant. Relevant assertions: Existence and Accuracy; • Testing of bank reconciliation – performed by Chief Accountant, approved by CFO. Relevant assertions: Existence and Accuracy; • Cut off test of payments - based on a weekly proposal produced by the accounting system based on the registered due dates of invoices. Relevant assertions: Rights and Obligations and Cut Off. Assignment 12 Use Template 11 to design substantive procedures of fixed assets, receivables, cash and bank, revenues, and cost of sales. The proposed approach is to ask participants to work in groups (for up to 30 minutes) and complete the documentation required in Template 11 that involves designing substantive procedures for fixed assets, receivables, cash and bank, revenues, and cost of sales. Each group is randomly assigned a cycle (for example – table group 1 should focus on fixed assets, 23 Audit Training of Trainers table group 2 on receivables, and etc.). Participants should provide relevant audit procedures to address the risks and potential issues for PejaSko. Following the group work, participant groups present their work in a moderated discussion led by the facilitator for approximately for up to 35 minutes. Key takeaways from the group discussions may include the following proposed audit procedures: 1. Fixed assets Potential issues for PejaSko may include physical existence and counting of livestock; depreciation rate estimates as well as low valuation of land and buildings. Possible audit procedures could include: • Physically verifying most material items of property, plant and equipment or observing the physical count of assets. Relevant assertions: Completeness and existence; • Testing material additions and disposals in the reporting period to supporting documents: purchase invoices/documents and evaluating the valuation of selected items. Relevant assertions: Rights and Obligations and Valuation; • Verify title to land and buildings by inspection of title deeds or registry certificates. Relevant assertions: Rights and obligations; • Test of depreciation rates for selected items of property, plant and equipment in terms of useful lives of assets, residual amounts, gains/losses on disposal, consistency in accounting policies, replacement policy. Relevant assertions: Valuation; • Evaluate the valuation of land and buildings. Check independent valuation performed by an expert, if justified. Discuss the findings with management. Relevant assertions: Valuation; • Review any additional costs capitalised in the value of property, plant and equipment for reasonableness, e.g. labour, material and overhead costs for self-constructed assets, search for any profit element, review capitalisation of finance costs, if any. Relevant assertions: Valuation. One of the specific issues discussed in the PejaSko case study scenario is about the lack of physical count of the livestock and the management decision to place a same value for the livestock due to the issue with the fire in the barn this year. Further, counting live animals has always been problematic for PejaSko as they prefer to roam around and some of them never come back to the barn. Management is counting on the auditors for potential ideas how to solve the issue of counting the animals and how to improve the counting of the livestock, possibly using some technologically advanced tools or services that are currently available. Potential solutions to this problem may include: 24 Audit Training of Trainers • Geotagging / GPS solutions: using tracking devices attached to animals (chipping), which allow identification of every single animal via satellite or locally installed antennas. The advantages with this system are the accuracy and real time data, but the technology may be expensive and not optimal solution for smaller farmers. • Using Areal Pictures: either renting a plane, helicopter, hot air balloon or drone to take pictures from the air or livestreaming video and then counting animals on the pictures or from the video stream. The advantages of this option is that is be relatively cheaper than geotagging and does not require capital investment since the equipment can be rented out from a third party, as well as being relatively accurate. However, the procedure could not be easily repeated and retrieving / analyzing data requires some specific technical knowledge. 2. Receivables Potential issues for PejaSko may include valuation of receivable for reimbursement from Insurance company, high concentration and dependency of a few customers (going concern issue), possible provisions for bad debts. Possible audit procedures could include: • Match shipping documents to invoices and to recorded amounts in sales and receivables ledger. Relevant assertions: Completeness, Valuation; • Investigate the payment of insurance claim received from insurance company for fire outbreak after the year end and verify amount and period of the payment. Check existing correspondence with insurance company and relevant documentation. Relevant assertions: Existence, Valuation, Cut off; • Circulate account receivables and follow-up with supported explanations for differences or alternative procedures, if needed. Confirm also turnover and match to sales. Relevant assertion: Existence; • Analyse ageing of receivables, compare analysis with prior year, including bad debt expense % of sales and provision as % of sales or receivables. Distinguish between different type of customers (big retail chains, small retailers). Summarise their payment patterns. Evaluate the risk of potential cash flow issues. Discuss provision % with management. Relevant assertions: Valuation, Accuracy; • Review material credit notes and adjustments after year end. Relevant assertions: Valuation, Accuracy; • Perform analytical procedures on sales returns during the year and after year end. Relevant assertion: Cut-off; • Evaluate presentation of related party receivables. Relevant assertions: Presentation and disclosures. 25 Audit Training of Trainers 3. Cash and Bank: Potential issues for PejaSko may include dormant bank accounts, lack of segregation of duties concerning cash payments and Mr. Brankomat travel advances / costs in case charged through petty cash. Possible audit procedures could include: • Discussing with management the purpose of keeping each bank account and mailing confirmations to each bank / reviewing the results (search for any restrictions and non- reconciling accounts). Relevant assertions: Existence, Valuation, Completeness, Cut off, Rights and Obligations; • Obtain all reports/certificates on cash counts at the year end and verify with accounting records. Also, if possible plan to attend the cash on hand count at year end, if the balance is material. Relevant assertion: Existence; • Follow-up on banked cash receipts and reconcile with bank statements after cut-off date. Relevant assertion: Cut off; • Review the purpose of the of costs settled using cash on hand. Investigate the amounts and purpose of travel costs of management during the year. Relevant assertions: Existence, Completeness, Rights and Obligations. 4. Sales Potential issues for PejaSko may include possible overstatement of revenues at year end caused by omitting to record volume based discounts timely or trouble with proper sales cut off. Possible audit procedures could include: • Performing analytical procedures on revenue: (i) comparing to prior years, comparing month by month, investigating margins: monthly, by product, by client, etc. and (ii) comparing the level of gross profit % each month and to respective month prior year. Comparing the results with peers in industry, if available; • Performing a test of subsequent cash payments and invoices issued just after year end. Tracing them to documentation for dispatch and to terms of the contract. Relevant assertions: Cut-off, Completeness; • Testing sale returns post year end – verifying goods received shipping documents and documents correcting sales, which were issued in the beginning of next financial year. Relevant assertions: Cut-off, Occurrence; • Reviewing significant sales contracts and discounts - inquiring about and examining the volume based discounts granted to supermarkets. Relevant assertions: Cut-off, Accuracy; • Investigating sale transactions with related parties. Evaluating financial statement presentation and disclosure. Relevant assertions: Presentation and disclosures. 26 Audit Training of Trainers 5. Cost of Sales Potential issues for PejaSko may include possible understatement of costs being deferred to the next accounting period. Possible audit procedures could include: • Performing analytical procedures on cost of sales: (i) comparing amounts to prior years, comparing month by month, investigating margins: monthly, by product, by client, etc. Investigating large and unusual items, and (ii) comparing the level of gross profit % each month and to respective month prior year. Comparing the results with peers in industry, if available; • Testing the year-end cutoff of purchase transactions (both goods and services) – verifying the purchase invoices from end of the audited year and beginning of next year to relevant shipping documents and to relevant contract agreements, service orders or other documentation. Relevant assertions: Cut-off, Completeness; • Verifying major purchases of services during the year to supporting documentation, including the contracts. Inquiring the nature and relevance of these purchases. Relevant assertion: Occurrence; • Investigating unusual items of costs, e.g. the nature and amounts of private expenses of the owner. Considering potential tax implications of these items. Relevant Assertion: Accuracy; • Investigating purchase transactions from related parties and evaluating financial statement presentation and disclosure. Relevant Assertions: Presentation and disclosure. Assignment 13 Use Template 12 to design audit procedures to test estimates. The proposed approach is to ask participants to work in groups (for up to 15 minutes) and complete the documentation required in Template 12 that includes documenting details of planned audit procedures to test accounting estimates. Participant groups present their work in a moderated discussion led by the facilitator for approximately for up to 30 minutes. The following estimates should be considered and participants are required to develop specific audit procedures to address: • Provisions for bad debt • Depreciation • Inventory Obsolescence • Claims Provision • Other provisions (taxation, etc.). 27 Audit Training of Trainers Part D: Closing audit procedures A number of ISAs are relevant for finalization and review, including ISA 450, Evaluation of Misstatements Identified During the Audit, final analytical review procedures required by ISA 520, Analytical Procedures, ISA 560, Subsequent Events and ISA 580, Written Representations. Assignment 14 Use Template 13 to prepare sections of the Audit Conclusion Memorandum. It is suggested that participant groups are allowed up to 25 minutes to consider the appropriate documentation in the template provided in Volume II, and the facilitator moderates a discussion on the results of this work, up to 30 minutes. Key takeaways from the group discussions may include the following: 1. Evaluating the audit differences and appropriateness of use of audit materiality There are no indications in the scenario, based on the audit differences identified that would require reassessment of planning materiality. 2. Documenting significant audit areas including estimates, asset valuations, audit of revenues and sales returns, related parties, etc. 3. Final analytical review based on the financial statements. 28 \1