Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

UNDERSTAND THE ENTITY AND ITS ENVIRONMENT

UNDERSTAND THE LEGAL AND REGULATORY FRAMEWORK:

1 Describe the legal and regulatory framework applicable to the entity and the
industry or sector in which the entity operations, based on our understanding and
inquiry of management.

Applicable legal and regulatory framework Tick if

applicable

1.1 Companies Act

1.2 Income Tax Act
1.3 Employment laws, including Employment Act, EPF Act, SOCSO Act
1.4 Local government’s business or operating license
1.5 Sales and Services Tax Act
1.8 Others (please describe)

2 Inquire the management on the policies and procedures regarding compliance

with laws and regulations.

Management has represented that they have complied with all applicable laws
and regulations.

3 Inquire the management on the policies or procedures adopted for identifying,

evaluating and accounting for litigation claims.

Currently none, as the Company has no litigation.

4 Any indications of non-compliance with laws and regulations?

Yes
No

If Yes, specify further planned procedures.

UNDERSTAND THE NATURE OF THE ENTITY:

1 Ownership and Governance Structures, and Strategic Plan

1.1 Describe the group structure, including significant shareholders, subsidiaries,

joint ventures and associates.
The Company has three directors – Mr A, Mr B and Mr C. Mr A has 40%
shareholding in the Company. The Company is a subsidiary of AB Holdings

-1-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

which holds 60% equity interest in the Company. Mr B is also a director in AB

Holdings.
The Company has no subsidiaries, associates or joint ventures.

1.2 Describe the relationships between owners and other people or entities.

They have a good working relationship.

1.3 Describe the composition of those charged with its governance, (or Board of
Directors) and their background, including experience, qualifications and key
functions.
Mr A, Mr B and Mr C are all from the manufacturing industry with more than 10
years of experience in the industry and business. Mr A is also on the Board of the
Malaysian Manufacturing Firms Association.

1.4 Describe the composition of the key management members and their
background, including experience, qualifications and key functions.
Other than the three directors who are actively involved in the business
operations, Ms D is the CFO and Mr E is the Chief Marketing Officer. They
respectively have more than 10 years of experience in their respective fields. Ms
D is a chartered accounted and Mr E is a chartered member of the Malaysian
Institute of Marketers.

1.5 Describe the objectives, which are the overall plans of the entity.

To continuously grow their manufacturing business and move into other business
sectors in the future.

1.6 Describe the principal strategies to achieve its objectives.

Continuous marketing, improved business process and increased networking

within the industry.

1.7 Describe the business risks facing the entity.

Poor/slow collection from customers due to cash flow problems faced by
customers
Slowing demand from customers for Company’s products due to drop in
demand from its key customers
Slow moving or possible obsolete stocks due to drop in demand for
Company’s products
Possible delay or default in repayment of bank borrowings due to poor
cash flow from the business affected by slowing demand for Company’s
products

-2-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

2 Entity’s Business Operations

2.1 Describe the principal activities of the entity.

Manufacturing and trading of XYZ products

2.2 Describe the revenue sources, products or services and the markets.

Sales of products XYZ and related by-products to primarily Malaysian customers.

2.3 Describe the involvement in electronic commerce, such as internet sales and
marketing activities.
None

2.4 Describe the conduct of operations, such as the operational flows for the
production.

Mainly manufacturing process which is labour intensive with limited use of

machinery or automated process/equipment.
Trading of goods via sales persons or marketing channels.

2.5 Describe the arrangements of alliances, joint ventures and outsourcing activities.

None.

2.6 Describe the geographical dispersion and industry segmentation.

Primarily in Malaysia.

2.7 Describe all the locations of the entity’s operations.

Kuala Lumpur, Johor Bahru and Penang.

2.8 Describe key customers.

Customers are mainly local manufacturers of XXX.

Main customers are:
1. Customer A
2. Customer B
3. Customer R
Collectively they make up 65% of the company’s sales.

2.9 Describe key suppliers of goods and services.

Suppliers are mainly local manufacturers of YYY.

-3-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

Main suppliers are:

1. Supplier XX
2. Supplier ZZ

Collectively they make up 80% of the company’s purchases.

2.10 Describe key employment policies and arrangements.

Salaries and wages with standard employee benefits such as bonuses,

allowances, overtime and paid leaves.

2.11 Describe the research and development activities.

None.

2.12 Describe related party relationship and transactions.

Related company is the holding company AB Holdings and Directors of the

Company. Director A owns 40% equity interest in the company and has
significant transactions in the forms of payments and advances on behalf.

2.13 Describe whether there are any restrictions on the business, such as, franchise
agreement, licensing agreement, borrowing collaterals.
None.

2.14 Describe the extension of the adoption of information technology.

Normal Microsoft office and accounting software – UBS system.

3 Investments and Investing Activities

3.1 Describe the planned or recently executed acquisitions or divestitures.

None.

3.2 Describe the investments and dispositions of securities or loans.

None

3.3 Describe the capital investment policies.

None

3.4 Describe the investments in non-consolidated entities, including partnerships,

joint ventures and special-purpose entities.

-4-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

None

4 Financing and Financing Activities

4.1 Describe the major subsidiaries and associated entities, including consolidated
and non-consolidated structures.

None.

4.2 Describe the equity-debt structure and related terms.

Share capital = RM1,000,000

Total debts (as at 31.1.2018) = RM5,000,000.

4.3 Describe the capital investment policies.

None.

4.4 Describe the extent of usage of derivative financial instruments.

None.

5 Financial Reporting

5.1 Describe the accounting principles and industry specific practices.

No industry-specific accounting principles

5.2 Describe the revenue recognition practices.

Based on risk and rewards transferred to customers

5.3 Describe the accounting for fair values and accounting estimates
Based on market values – only for quoted investments

5.4 Describe the extent of foreign currency assets, liabilities and transactions.

Only for trade receivables – minimal foreign customers

5.5 Describe the accounting for unusual or complex transactions.

None.

-5-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

6 Selection and Application of Accounting Policies

6.1 Describe the methods used to account for significant and unusual transactions.

No unusual transactions have come to our attention.

6.2 Describe the effect of significant accounting policies in controversial or emerging

areas for which there is a lack of authoritative guidance or consensus.

None

6.3 Describe if there are changes in the significant accounting policies.

No major changes

6.4 Describe the applicable financial reporting framework, laws and regulations that
are new to the entity and when and how the entity will adopt such requirements.
None

7 Measurement and Review of the Financial Performance

7.1 Describe the information used by management for measuring and reviewing
financial performance, such as key performance indicator, key ratios.

7.2 Describe whether budgets are prepared and the process of developing budgets
and comparing budgets against actual results.
The Company has an annual budget which is compared and monitored monthly
against monthly management accounts. Major variances are investigated and
reported to the Board.

7.3 Describe whether management and employees are appraised based on the
achievement of financial performance.
Yes. Annual performance appraisal.

7.4 Describe other information used by management to measure and review financial
performance.
The management also monitors closely their bank balances and movements on a
weekly basis.

-6-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

FINDINGS (To document significant findings or risks of material misstatements on

the entity and its environment – legal & regulatory framework and nature of the
entity):

No. Findings / Risks of material misstatements

1 Due to the economic uncertainties and decrease in customer orders,
demand for the Company’s products have significantly decreased.
2 The slow-down in the economy and decrease in customer orders have also
affected the cash flows of the Company due to much slower collections
from customers.
3 Significant amount of stocks have remained unsold for the year.
4 Possible delay or default in bank loans due to cash flow concerns arising
from slow collection and unsold stocks
5 Director of the Company (Mr A) has a substantial interest in the Company
and have significant transactions with the Company as well.

Understand the Control Environment:

1 Control Environment

1.1 Describe the extent of communication and enforcement of integrity and ethical
values.

No specific approach on this matter

1.2 Describe the entity’s commitment to competence, for example, management’s

consideration of the competence levels for particular jobs.

Based on yearly appraisal and training for new and existing staff on annual basis
to improve their competency, especially when there are new requirements or
standards as well as new business requirements.

1.3 Describe the extent of the participation by those charged with governance, for
instance, their independence from management, experience, extent of
involvement.

The Board approves all policies and procedures adopted by the Company. The
Board also reviews the financial statements before they are issued. Mr A, who is
a substantial shareholder of the Company is also an executive director involved
in day-to-day business operations of the company and has significant
transactions with the Company.
[** Be weary of management override of controls]

-7-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

1.4 Describe the management’ philosophy and operating style, such as their
approaches to taking and managing business risks.

The Board and management take a balanced view & approach in mitigating their
business risks. The Board evaluates major business decisions (such as
acquisitions) through Board meeting deliberations and appoints competent and
experienced consultants to advise them, where necessary.

1.5 Describe the organisation structure, the framework within which the entity’s
activities for achieving its objectives are planned, executed, controlled and
reviewed.

The Board and key management personnel – CFO and Chief Marketing Officer;
makes decision on the company’s polices and strategic plans.

1.6 Describe how the authority and responsibility are assigned.

Principal authority and responsibility in the Company lies with the Board of
Directors

1.7 Describe the human resource policies and practices on recruitment, orientation,
training, evaluation, counselling, promotion, compensation and remedial actions.

The Company practices standard HR policies and practices. These policies and
practices are included in the Company’s Staff Handnbook.

1.8 Describe the entity’s process for identifying business risks relevant to financial
reporting objectives, estimating the significance of the risks, assessing the
likelihood of their occurrence, and deciding about actions to address those risks.
Business risk are identified by heads of departments and communicated to the
Board through regular meetings between management and the Board. Risk
management is primarily determined and decided by the Board.

1.9 Describe any significant deficiencies on internal controls identified in previous

audits and action taken by management.
In previous year audit, the following deficiencies were noted:
1. Stock quantity and amounts in stock cards and system did not tally to
stock listing provided by accounting. Management is still rectifying the
variances between the stock system and stock listing.
2. Debtors ageing report does not tally to AR ledger. Management has not
updated us with their latest action.
3. Credit management has not been properly undertaken by management. A
significant amount of debtors > 2 years were outstanding and had not
been collected. Provision for doubtful debts amounting to RMXX,000 were
provided for in prior year’s audited accounts.

-8-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

2 Information System Relevant to Financial Reporting

2.1 Describe the classes of transactions that are significant to the financial
statements.
1. Sales
2. Purchases
3. Trade receivables
4. Inventories
5. Loans

2.2 Describe the procedures, both information technology and manual systems, of
initiating, recording, processing, correcting, transferring transactions to the
general ledger and reporting in the financial statements.
The Company uses its UBS accounting software for processing accounting
transactions.

2.3 Describe how the information system captures events and conditions, other than
transactions, that are significant to the financial statements.
None.

2.4 Describe the financial reporting process used to prepare the financial statements.
Transactions are passed through journals supported with supporting documents
that are usually raised by the Accounts Executive through the UBS system.
Transactions are checked and approved by the Finance Manager and CFO, also
via the UBS system.

2.5 Describe the controls surrounding journal entries, including non-recurring,

unusual transactions or adjustments.
Transactions are processed via the UBS system which have controls within the
application for posting and authorisation controls embedded within the system.

[Attach/Cross reference to selected journal entries items tested for

assessment of controls over journal entries]

2.6 The extent and complexity of the use of information technology is:
ERP System Semi-integrated Bookkeeping only

2.7 The importance of the information technology to the entity is:

Very important Important Not important

2.8 Describe the IT resources of the entity, IT applications and other aspects of IT
environment used in financial reporting and general IT controls to address
significant risks identified.
-9-
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

The Company has a documented IT Policy approved by the Board and is

reviewed yearly by the IT Manager/Executive Director. The company uses an IT
system for its Sales (Sales Pro-X20) and Accounting (UBS v5.0). The Company
also has a server on Cloud as well as a physical server located at XXXX, to back-
up data. The Company also has a full time qualified IT Manager to over sea IT
matters of the company.

Transactions are processed via the UBS system which have controls within the
application for posting and authorisation controls embedded within the system
(application controls) and general IT controls (IT policy, use of passwords and
limited access to IT systems)

Authorised access only given to accounts and finance staff to post or initiate
entries into the accounting system using their designated User IDs and
passwords. Transactions are also authorised by Finance Manager using his User
ID and password. Similarly for Sales & Collection IT System – authorised access
only given to Sales Team using their designated user IDs and passwords.

Company policy requires passwords to be changed once every 6 months. Logs of

access to the accounting system and sales system is maintained and reviewed
on a quarterly basis by IT Manager and Executive Director.

Any amendments or changes to transactions into the IT systems requires

approval from the Sales Director (for Sales System) and Finance Director (for
Accounting System).

Back-up of data is done to the Company’s server on a monthly basis by the IT

Manager.

[Attach/Cross Company’s IT Policy]

2.9 Describe the cycles or systems that have been tested in previous audits and
system/cycles that are planned for the current audit.
No test of controls has been performed in previous audit on any systems/cycles.

[Note down any TOC planned for current audit – Cross reference to TOCs]

FINDINGS (To document significant findings or risks of material misstatements on

our understanding of the entity’s control environment):

No. Findings / Risks of material misstatements

1. Poor stock controls
2. Poor credit control/management
3. No specific or additional controls in accounting or management
information system to capture significant transactions.
4. Potential management override of controls

- 10 -
Client’s Name: ABCD SDN BHD Prepared by: Date

Year End: «YPEDate»1 Reviewed by: Date

CONCLUSION:

Based on the understanding above, the overall audit risk is:

High

Medium

Low

- 11 -