1. Planning visit
Minutes of the meeting conducted by Mr. Moore:
Development Sheridan AV over the past year. Of the financial year up to 31 March 2021
As of March 31st, the company record a doubled turnover compared last year
Increased number of companies that purchases their product and increased volume of
Trade.
Planning to make a TV advertisements
Planning to have expansion on Europe
Managing accounts are not formally documented.
Planning to make it formally documented
Bunos scheme is expected have a documentation
There were always technical errors on management account in the two consecutive
meetings based on the documented minutes.
Asking question about the computer system to record the account
There some problem in ledger
There is a bit wrong in the management based upon the interviews and calls
High risk of materiality because of some errors.
2. INTERNAL CONTROL QUESTIONNAIRE
CONTROL ENVIRONMENT
QUESTION YES, NO,
N/A
Comments
Integrity and Ethical Values
1. Does the management set the “tone
at the top” by demonstrating a
commitment to integrity and ethics
through both its words and deeds?
2. Have appropriate entity policies
regarding acceptable business
practices, conflicts of interest, and
codes of conduct been established
and adequately communicated?
3. Have incentives and temptations that
might lead to unethical behaviour
been reduced or eliminated?
NO
NO
NO
The entity lacks of
Integrity and ethical
values, because The
management’s
actions to eliminate
or mitigate
incentives and
temptations on the
part of personnel to
commit dishonest,
illegal, or unethical
acts
Board of directors and audit committee
1. Are there regular meetings of the
board and are minutes prepared on a
timely basis?
2. Do board members have sufficient
knowledge, experience and time to
serve effectively?
3. Is there an audit committee
composed of outside directors?
NO
NO
NO
The management
didn’t always keep
in touch,
Board members
shows lack of
knowledge
They don’t have
audit committee.
Management’s philosophy and operating
style
1. Are business risks carefully
considered and adequately
monitored?
2. Is management’s selection of
accounting principles and
development of accounting estimates
consistent with objective and fair
reporting?
3. Has management demonstrated a
willingness to adjust the financial
statements for material
misstatements?
NO
N/A
NO
The management
has no audit
committee nor
internal auditor to
assess and monitor
The person in
charge in accounting
practice is not
willing to adopt the
new accounting
system
The entity has an
informal way in
3. presenting their
accounts
Human resource policies and practices
1. Do existing personnel policies and
procedures result in the recruitment
or development of competent and
trustworthy people needed to
support an effective internal control
structure?
2. Do personnel understand the duties
and procedures applicable to the
job?
3. Is the turnover of personnel in key
positions at an acceptable level?
NO
NO
NO
The management
are more focused on
finding new staff
4. INTERNAL CONTROL QUESTIONNAIRE
ORGANISATIONAL CONTROLS
QUESTION YES, NO,
N/A
Comments
Organisational controls
1. Are the following duties
segregated within the computer
department:
Systems design?
Computer programming?
Computer operations?
Data entry?
Custody of systems
documentation, programs and
files?
Data control?
2. Are the following duties performed
only outside the computer
department:
Initiation and authorisation of
transactions?
Authorisation of changes in
systems, programs and master
files?
Preparation of source
documents?
Correction of errors in source
documents?
Custody of assets?
NO
NO
NO
NO
NO
NO
N/A
N/A
N/A
N/A
N/A
The entity has no
specialist IT staff
The management do
not have a great deal
of knowledge about
computers
Systems development and maintenance
controls
1. Is there adequate participation by
users and internal auditors in new
systems development?
2. Is proper authorisation, testing and
documentation required for system
and program changes?
3. Is access to systems software
restricted to authorised personnel?
4. Are there adequate controls over
data files (both master and
transaction files) during
N/A
N/A
NO
N/A
The management
is
unknowledgeable
on appointing
authorized
personnel
5. conversion to prevent unauthorised
changes?
Access controls
1. Is access to computer facilities
restricted to authorised personnel?
2. Is access to data files and programs
restricted to authorised personnel?
3. Are computer processing activities
reviewed by management?
NO
NO
NO
Management
seems not to give
importance to
restrictions and
personnel
authorization
Other controls
1. Is there a disaster contingency plan
to ensure continuity of operations?
2. Is there off-site storage of back-up
files and programs?
3. Are sufficient generations of
programs, master files and
transaction files maintained to
facilitate recovery and
reconstruction of computer
processing?
4. Are there adequate safeguards
against fire, water damage, power
failure, power fluctuations, theft
etc?
YES
YES
YES
YES
The management
has no formal
plan or s but it
has considered
threats to the
computer
hardware and
Software so they implemented
controls that will deal with
these threats.
6. POTENTIAL RISKS
Risk Factors relating to industry
conditions
Consider if this presents a risk and if so
consider how this will be addressed
New accounting, statutory, or regulatory
requirements that could impair the financial
stability or profitability of the entity
The entity is advantage to
know about the new
accounting, statutory, or
regulatory requirements to
know how it impacts the
stability or profitability of the
entity.
High degree of competition or market
saturation, accompanied by declining margins
Evaluate the entity’s
performance
Declining industry with increasing business
failures and significant decline in customer
demand
Evaluate and assess the risk
and cause of the failures and
immediately respond to it.
Rapid change in the industry, such as high
vulnerability to rapidly changing technology
or rapid product obsolescence
Evaluate the entity’s
performance and have an
overview about the flexibility
of the entity.
Risk Factors relating to operating
characteristics and financial stability
Consider if this presents a risk and if so
consider how this will be addressed
Inability to generate cash flows from
operations while reporting earnings and
earnings growth
Have a mandatory
requirement to present FS in
a formal and timely manner
Significant pressure to obtain additional
funds to finance for example expansion
Evaluate the entity’s
performance and have an
overview about the flexibility
of the entity.
Significant related party transactions not in
the ordinary course of business or with
related entities not audited or audited by
another firm
Testing how related-party
transactions are identified
and coded in the company’s
enterprise resource planning
(ERP) system, interview the
accounting personnel
responsible for reporting
related-party transactions in
the company’s financial
statements, and analyze the
presentation of related-party
transactions in financial
statements.
7. Unusually rapid growth or profitability,
especially compared with that of other
companies in the industry
Assess the risk of material
misstatement of the financial
statements due to fraud and
consider that assessment in
designing audit procedures to
be performed.
Unrealistically aggressive sales or
profitability incentive programmes
Ask the necessary documents
and must supported by
evidences
Threat of imminent bankruptcy or
foreclosure, or hostile takeover
Review and conduct ways to
avoid foreclosure
Risk Factors relating to management Consider if this presents a risk and if so
consider how this will be addressed
A significant portion of management’s
compensation is represented by bonuses,
stock options or other incentives, the value of
which is contingent upon the entity achieving
unduly aggressive targets for operating
results, financial position, or cash flow
The financial statements must
be properly reviewed and
provided by evidences.
Management setting unduly aggressive
financial targets and expectations for
operating personnel
Advise the management to
display and communicate an
appropriate attitude regarding
internal control and the
financial reporting process.
Management continuing to employ an
ineffective accounting, information
technology or internal audit staff
Advise the management to
properly select and hire
skilled, independent and
competent accounting and
audit staff
Domineering management behaviour in
dealing with the auditor, especially involving
attempts to influence the scope of the
auditor’s work
Advise the management to
collaborate to the auditor so
that the auditor can produce a
good audit.
Formal or informal restrictions on the auditor
that inappropriately limit his or her access to
people or information or his or her ability to
communicate effectively with the board of
directors or audit committee
Auditor will ask for
assistance in order to get the
information required to be
fully effective and efficient.
Risk Factors relating to susceptibility of
assets to misappropriation
Consider if this presents a risk and if so
consider how this will be addressed
Large amounts of cash on hand or processed Perform a detailed review of
the entity's quarter-end or
year-end adjusting entries
8. PRELIMINARY ANALYTICAL REVIEW
and investigate any that
appear unusual as to nature or
amount.
Inventory characteristics, such as small size,
high value, or high demand
Have a regular physical
count.
Risk Factors relating to controls Consider if this presents a risk and if so
consider how this will be addressed
Lack of appropriate management oversight
(for example, inadequate supervision or
monitoring of remote locations)
Have a surprise visit to
different locations including
remote ones
Inadequate record keeping with respect to
assets susceptible to misappropriation
Visit locations or perform
certain tests on a surprise or
unannounced basis.
Lack of appropriate segregation of duties or
independent checks
Advised the management to
have proper segregation of
duties.
Lack of appropriate system of authorisation
and approval of transactions
Obtain sufficient appropriate
evidence to corroborate
management's explanations
Poor physical safeguards over cash,
investments, inventory or non current assets
Alter the audit approach in
the current year
Lack of mandatory holidays for employees
performing key control functions
Conduct interviews of
personnel involved to obtain
their insights about the risk
and whether or how controls
address the risk.
9. It is mandatory that the auditor should perform risk assessment for the identification and
assessment of risks of material misstatement at the financial statement and assertion level, and
the risk assessment procedures should include analytical procedures It is also mandatory that the
auditor should perform analytical procedures near the end of the audit that assess whether the
financial statements are consistent with the auditor’s understanding of the entity.
Analytical procedures are also commonly used in non-audit and assurance engagements,
such as reviews of prospective financial information, and non-audit reviews of historical
financial information. While the use of analytical procedures in such engagements is not covered
in the ISAs, the principals regarding their use are relevant.
Preliminary analytical reviews are performed to obtain an understanding of the business
and its environment financial performance relative to prior years and relevant industry and
comparison groups to help assess the risk of material misstatement in order to determine the
nature, timing and extent of audit procedures, to help the auditor develop the audit strategy and
programmed.
Preliminary analytical review is basically tests are needed as evidence to support the
assertion that the financial records of an entity are complete, valid, and accurate. Most of firms
were taking this into consideration that during planning, majority were all much ready to let
planning activities 'occur' as part of the fieldwork. There is a greater emphasis on planning
activities that have placed on risk standards and risk assessment procedures and focus as an
integral part of the risk based audit approach. Drawing comparisons to the types of procedures is
a good way to understand the role of preliminary analytical review in an audit in performing a
review engagement.
10. DETERMINING MATERIALITY LEVEL
Depending on the audit risk, auditors will select different values inside these ranges.
5% to 10 of total revenue
1% to 2% of total assets
1% to 2% of gross profit
2% to 5% of shareholders’ equity
5% to 10% of net income
To detect the misstatements that could be material to the financial statements taken as a whole,
the auditor selects 5% of revenue, 1% of total assets, 1 % of gross profit, 2% of shareholders
equity and 5% of net income to be the material level.
Statement base (Dec. 31
2020)
Amount Materiality level
Revenue 5,410,175 270,508.75
Total assets 3,055,151 30,551.51
Gross profit 961,809 9,618.09
Shareholder’s equity 1,193,831 23,876.62
Profit before tax 75,270 3,763.5
Therefore, the amount less than the materiality level will be considered as immaterial
11. Short document about the assessment of risk in this audit and how this will affect
subsequent work
In conducting the audit engagement, in accordance with International Standards on Auditing
(ISAs), the risk assessments that are to be conducted will focus on the financial statements of
Sheridan Audio Visual Ltd, which comprise the balance sheet as at December 31, 20X1, and the
income statement, statement of changes in equity and cash flow statement for the year then ended,
and a summary of significant accounting policies and other explanatory information.
Auditors must determine risks when working. One type of risk to be aware of is inherent risk.
While assessing this level of risk, you ignore whether the client has internal controls in place
such as a secondary review of financial statement in order to help mitigate the inherent risk. You
consider the strength of the internal controls when assessing the client’s control risk. Your job
when assessing inherent risk is to evaluate how susceptible the financial statement assertions are
to material misstatement given the nature of the client’s business.
Planning analytics to shine light on risks. Provided by the draft accounts, minutes of the meeting
and other relevant documents, all will be made use for identifying whether there are unexplained
variations in the numbers, for the reason that these present fraud signals.
In addition, the potential risks and control environment questionnaire results will serve as a guide
and limit the scope to where the audit must pay more emphasis on.
Together with the inherent limitations of internal control, there is an unavoidable risk that some
material misstatements may not be detected, even though the audit is properly planned and
performed in accordance with ISAs. However, we will communicate to you in writing concerning
any significant deficiencies in internal control relevant to the audit of the financial statements that
we have identified during the audit.