Lack of controls that increase the

Intentional act involving the use of opportunity of fraud

deception to obtain an unjust or Motive
illegal advantage
Dishonesty

Opportunity
Reason for fraud

Prerequisites for fraud

Definition

Fraud detection
Fraud prevention
FRAUD

1. Anti-fraud Fighting fraud It is not the 1. Performing

Reduce opportunity
responsibility of external regular checks
and remove culture
2.Risk awareness auditors to look for fraud 2. Paying attention
temptation for fraud
3. Whistleblowing to warning signs

Fraud response

The fraud response plan sets out the 1. Internal disciplinary action
arrangements for dealing with suspected cases of 2.Civil litigation for the recovery of loss
fraud, theft or corruption. 3. Criminal prosecution through the police
1
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
 Error of commission
Spot checks

Error of omission Error of principle

Types of errors Detection of errors

Transactions should be authorised at

an appropriate level ERRORS Evidence of transactions

Authorisation procedure Documentation

Prevention of errors

Segregation of duties Safeguarding of assets

2
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
 An independent appraisal activity established within an
organisation as a service to it. It is a control which
functions by examining and evaluating the adequacy and
effectiveness of other controls
1. Reviewing accounting and internal control systems
2. Examining financial and operating information
3. Assisting with the identification of significant risks
4. Special investigations
5. Reviewing the economy, efficiency and effectiveness of operations
6. Reviewing compliance with laws and other external regulations

Definition

Role of internal audit department

Types of audit

The need for an internal audit department

INTERNAL
1. Financial audit
AUDIT
2. Operational audit
3. Project audit
4. Value for money audit 1. Scale and diversity of activities
5. Social and environmental audit 2. Complexity of operations
6. Management audit 3. Number of employees
4. Cost/benefit considerations
Qualities of an effective
Internal audit 5. The desire of senior management to have
internal audit function assurance and advice on risk and control
report

1. Terms of reference
1. Sufficiently resourced 2. Well organised 2. Executive summary
3. Independent and objective 4. No operational responsibilities 3. Body of the report
5. Work plan agreed by the audit committee 6. No limitation on the scope of their work 4. Appendix
7. Chief internal auditor appointed by the audit committee
3
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
 To enhance the degree of confidence of the intended users in
the financial statements.
Purpose
Elements of an external audit
engagement
A three-party relationship, involving: the
practitioner, a responsible party and intended users
Appropriate subject matter
Suitable criteria
Sufficient, appropriate evidence to support the conclusion
A conclusion contained within a written report
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
1. Obtain reasonable assurance about whether the financial are free from
material misstatements
2. Express an opinion on whether the financial statements are prepared in
accordance with an applicable financial reporting framework.
3. Report on the financial statements, and communicate in accordance
with the auditor's findings.
Objectives of an auditor
EXTERNAL
AUDIT
Requirement for external audit
Every company in UK needs to conduct an
Audit, unless they come with two of the
following exceptions:
• Turnover < £10.2m
• Total assets < £5.1m
• Number of employees < 50
4
 Audit opinion is a guarantee the financial
statements are 'correct' and not an absolute
assurance.
This misconceptions about the role of an auditor
are referred to as expectations gap.
1. Financial statements include subjective estimates and other judgmental matters.
2. Internal controls may be relied on which have their own inherent limitations.
3. Representations from management may have to be relied upon.
4. Evidences often persuasive not conclusive.
5. Do not test all transactions and balances, only a sample is tested.

Limitations of an audit
Expectations gap

EXTERNAL
AUDIT

Audit testing
Rights of auditors

Controls testing - Assessing the

reliability of accounting systems,
procedures and controls. 1. Access to accounting records
2. Access to information and explanations as necessary
3. Receive notice of, attend and speak at general
Substantive testing - Detailed meetings of shareholders
testing designed to detect material 4. Rights relating to their removal, resignation and
misstatement retirement.

5
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa

Inherent risk - The susceptibility
of a transaction, account balance or
disclosure to material misstatement
irrespective of the internal controls
in place.
Control risk - This risk is caused by the
failure of existing controls or the absence of
controls, leading to incorrect financial
statements.
Detection risk - This risk is
caused by the failure of the auditor
to discover a material
misstatement in the financial
statements.

Audit risk

EXTERNAL
Sufficient evidence AUDIT Appropriate evidence

Quantity Audit evidence Quality

There needs to be 'enough' evidence to Reliable - Obtain evidence from the Relevance - Audit evidence has to
support the auditor's conclusion. most trustworthy and dependable source address the objective/purpose of a
possible procedure

6
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
 Preliminary engagement activities: Audit strategy - Sets the scope,
1. Evaluating compliance with ethical timing and direction of the audit
requirements
2. Establishing the terms of the Audit planning
engagement activities
Audit planning Audit plan - Detailed plan on how
process the various matters identified in the
audit strategy will be applied
Planning activities:
1. Developing the audit strategy
2. Developing an audit plan

Audit engagement letter

Audit opinion

EXTERNAL
AUDIT Specifies the nature of Contents
Unmodified report with unmodified opinion – the contract between
Opinion that financial statements are presented, in the audit firm.
all material respects, in accordance with applicable
financial reporting framework.

Modified report with unmodified opinion –
The financial statements show a true and fair view but
there is something that needs to be brought to the
attention of the user by way of an additional paragraph.
Modified report with modified opinion –
The financial statements don’t fully show a true and
fair view or the auditor has not obtained sufficient
appropriate evidence to make that conclusion.
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa
Letter of
1. The objective and scope of the audit
representation
2. The responsibilities of the auditor
3. The responsibilities of management
4. The identification of an applicable financial
reporting framework
5. Reference to the expected form and content
of any reports to be issued
A written statement by management
to the auditor to confirm certain
matters or to support other audit
evidence
7
 Contents of an unmodified Management letter
audit report

1. Title and Addressee

2. Introductory Paragraph Covers reporting deficiencies in internal
3. Management's Responsibilities control that have been identified during the
4. Auditor’s Responsibilities course of the audit.
5. Opinion
EXTERNAL
6. Other Reporting Responsibilities AUDIT
7. Signature, Date and Address

Audit Firm Governance Code

Leadership Values Independent non- Operations Dialogue Reporting

executives

8
BA4 Nov. 2020 – Controls Mind Maps – Boopathy Kahathuduwa