AUDIT AND ASSURANCE Syllabus Topics - UNICEF Agora

AUDIT AND ASSURANCESyllabus topicsAudit and Assurance (AA) is one of four modules comprising the CIPFADiploma in International Public Financial Management (Dip IPFM).A Audit environment20%B Risk assessment and planning20%C Audit testing20%D Audit evidence10%E Audit finalisation procedures10%F Internal audit20%The AA module provides an introduction to the role of assurance inmodern governance and accountability frameworks, with a morespecific focus on the roles of and the techniques used by auditors. Thisis a crucial element of the stewardship role that finance professionalsperform in modern organisations, and is also relevant to the roles ofenabler and innovator and business partner.AA is designed to provide candidates with the necessary knowledge,understanding and skills to perform internal and external auditingwithin the public services. The module focuses on both the theoreticaland practical aspects of auditing and is designed to assess the abilityof candidates to perform audit work and prepare high quality auditdocumentation. Students are introduced to the duties of auditors andthe frameworks in which they operate, such as the key legal, ethicaland professional arrangements and the contribution of audit to goodgovernance. The module considers how auditors of financialstatements assess risk, plan audits and gather audit evidence beforeforming and reporting their audit opinion. Further areas studiedinclude the application of audit concepts to more specific forms ofaudit activity such as the role of internal audit in reviewing andimproving an organisation’s operationsOther information, including assessmentPrior knowledge:Financial Accounting (ethical principles)Standards:ISSAIsValidity:2019 examinationsAssessment:An exam of 150 minutes with 75 marksavailable consisting of: 25 multiple choicequestions of 1 mark each; 6 short formquestions worth 5 marks each and 2 longerscenario questions worth 10 marks each. Thepass mark is 50%.The module outcomes are based on the requirements of theInternational Standards of Supreme Audit Institutions (ISSAIs), therequirements of the Institute of Internal Auditors and the tasks foundin typical audit job descriptions within public sector organisations.1

Overall AimLearning outcomeContentA Identify and explain thescope, regulatory and ethicalenvironment within whichaudits are performed (20%)A1 Explain the concepts of audit andassurance(i)Objectives of external audit and other assuranceengagements(ii)Levels of assurance and concept of reasonableassurance(iii) Accountability and stewardship(iv) True and fair presentationA2 Explain the provisions relating toaudits within the public services andprivate sector(v)The assurance engagement process(i)General requirements relating to the provision ofinternal and external audit services(ii)Auditor’s rights and duties(iii) Auditor’s liability including criminal liability andliability to third parties(iv) Impact of International Standards of SupremeAudit Institutions Auditing (ISSAI) on externalaudit work(v)Fundamental principles of public sector auditing(vi) Public sector audit frameworks(vii) Company audit requirementsA3 Explain the scope of internal andexternal audits(i)Basic tenets and concepts of internal andexternal audit work(ii) Power and authority available to internal andexternal auditors(iii) Concepts of independence and objectivity(iv) Materiality2

A4 Discuss and demonstrate theimportance of ethical behaviour andthe requirements of applicablestandards(i)Professional ethical and legal principles relatingto auditor behaviour(ii) Ethical principles, their associated threats andsafeguards and their relevance in an audit andassurance context(iii) IFAC Code of Ethics for Professional Accountants(iv) CIPFA Standard of Professional Practice on Ethics(v) Code of Ethics - ISSAI 30A5 Explain the quality controlrequirements for an auditA6 Explain corporate governancerequirements and their impact onaudit work(i)Good practice in quality control as presented inquality control standards(i)Objectives of corporate governance(ii) Structure and role of an Audit Committee(iii) Contribution of internal and external auditors tocorporate governance, in particular through theirrelationship with the Audit CommitteeB Explain the risk assessmentand planning proceduresrequired by relevant auditingstandards (20%)B1 Explain the objectives and generalprinciples of audit planning and riskassessment(i)Agreeing the terms of audit engagements(ii) Audit strategy and audit planning(iii) Purpose of interim and final audits(iv) Impact of interim audit work on the final audit(v) Documenting the audit planB2 Explain the audit assurance modelunderpinning the ISSAI approach tothe conduct of audits(i)B3 Identify the information required for(i)Definition of audit risk(ii) Importance of professional scepticism(iii) Role of professional judgementUnderstanding of the organisation and its control3

the risk assessment processenvironment(ii) Fraud risks and the related internal controlsestablished(iii) Evaluation of the design and implementation ofinternal controls(iv) Preliminary analytical procedures(v) Matters arising from audit team meetingproceedings(vi) Using the work of internal auditorsB4 Identify audit risks and discuss theirimplications(i)Identification of risk at the financial statementlevel(ii)Identification of risk at the assertion level(iii) Determination of potential misstatements inrespect of each assertion(iv) Nature of significant risk and required auditresponsesC Discuss the requirements ofaudit programmes, includingthe design of audit tests, inorder to obtain sufficient andappropriate audit evidence(20%)C1 Identify and discuss an overall auditresponse to address assessed risks atboth the financial statement and theassertion level(v)Setting of planning and performance materiality(i)Use of experienced staff(ii)Enhanced supervision(iii) Changes in nature, timing and extent of audittests(iv) Considerations regarding the controlenvironment(v)Focus on potential misstatements or key controlweaknesses(vi) Role of controls testing(vii) Role of substantive testing4

(viii) Use of a combined testing approachC2 Identify internal controls, designappropriate audit tests and identify therequirements for audit working papers(i)Tests of internal controls(ii) Evaluation of control weaknesses(iii) Substantive analytical procedures(iv) Substantive tests of detail(v) Internal control procedures for key transactionsand processes(vi) Use of audit sampling(vii) Using the work of internal auditorsD Discuss the use of auditevidence and apply auditevidence to form an auditopinion (10%)C3 Explain the role of audit in an ITenvironment in relation to selectingand evaluating audit evidence(i)Risks of auditing in an IT environment(ii)Specialist software for sample selection andtestingD1 Discuss the sufficiency andappropriateness of audit evidenceobtained(i)Relevance and reliability(ii)Importance of obtaining written representations(iii) Approach to corroborating and conflictingevidence(iv) Response to insufficient evidence5

D2 Identify and discuss the issues that anauditor would consider when assessingcontrol weaknesses or whetherunadjusted misstatements arematerial, individually or in aggregate(i)The size and nature of misstatements(ii) The nature of control weaknesses(iii) Communications with management and thosecharged with governance(iv) Protocols relating to the correction of errors oraddressing control weaknessesE Discuss the preparation ofworking papers to documentaudit finalisation proceduresperformed (10%)E1 Identify audit finalisation procedures(i)Final analytical procedures(ii) Subsequent events review(iii) Going concern reviewE2 Identify the requirements for the auditclose-down process and discuss auditreporting(i)Overall review of audit evidence(ii) Communication within the audit function(iii) Audit opinion on financial statementsReporting to stakeholders on identifiedweaknesses in internal controls(iv)F Explain the role of internalaudit and describe theperformance of internal audittasks (20%)F1 Explain the scope and contribution ofinternal audit work to an organisation(i)Scope of internal audit activity within the publicservices and the private sector(ii) Role of internal audit as a contributor to themanagement of an organisation(iii) Organisation of internal audit function;outsourcing options(iv) The impact of regulatory and professionalframeworks on the conduct of internal audit(v) Application of ethical principles to internal auditwork(vi) Public Sector Internal Audit Standards6

(vii) Independence and objectivity(viii)Internal audit planning(ix) Internal audit reportsF2 Explain the Demonstrate internal audittechniques used in the review ofinternal control and explain thecontribution of specialist internal auditengagements(i)Internal audit of internal control(ii) Contract audit(iii) Fraud investigations(iv) Performance audit7

EXAMINABLE STANDARDSNB: The following table is intended to provide a general indication only of the extent to which knowledge and application of each standardmay be tested in the Audit and Assurance examination. Syllabus guidelines, learning materials and the specimen examination paper willprovide further detail on the specific aspects of each standard that candidates should focus their attention on and the style ofexamination question that they are likely to encounter.EXAMINATION STATUS OF INTERNATIONAL STANDARDS OF SUPREMEAUDIT INSTITUTIONS (ISSAIs)ISSAIAudit andAssurance at levelABCPrerequisites for the functioning of SAIs30Code of ethics40Quality control for SAIsXXGeneral auditing guidelines on financial audit100Fundamental principles of Public-Sector Auditing(2013)X200Fundamental principles of Financial Auditing (2013)X1200Overall objectives of the independent auditor and theconduct of an audit in accordance with InternationalStandards on AuditingX1210Agreeing the terms of audit engagements1220Quality control for an audit of financial statementsXX8

X1230Audit documentation1240The auditor’s responsibilities relating to fraud in anaudit of financial statementsX1250Consideration of laws and regulations in an audit offinancial statementsNot examinable1260Communication with those charged with governanceX1265Communicating deficiencies in internal control tothose charged with governance and managementX1300Planning an audit of financial statementsX1315Identifying and assessing the risks of materialmisstatement through understanding the entity andits environmentX1320Materiality in planning and performing an auditX1330The auditor’s responses to assessed risksX1402Audit considerations relating to an entity using aservice organizationNot examinable1450Evaluation of misstatements identified during theauditX1500Audit evidenceX1501Audit evidence – specific consideration for selecteditemsNot examinable1505External confirmations1510Initial audit engagements – opening balances1520Analytical proceduresXNot examinableX9

X1530Audit sampling1540Auditing accounting estimates, including fair valueaccounting estimates, and related disclosures1550Related parties1560Subsequent eventsX1570Going concernX1580Written representationsX1600Special considerations – audits of group financialstatements (including the work of componentauditors)Not examinable1610Using the work of internal auditorsX1620Using the work of an auditor’s expertNot examinable1700Forming an opinion and reporting on financialstatementsX1705Modifications to the opinion in the independentauditor’s reportX1706Emphasis of matter paragraphs and other matterparagraphs in the independent auditor’s report1710Comparative information – corresponding figures andcomparative financial statementsNot examinable1720The auditor’s responsibilities relating to otherinformation in documents containing audited financialstatementsNot examinableXNot examinableXPublic Sector Internal Audit Standards10