Answering Section A questions in the Advanced Audit and Assurance (AAA) exam

The Section A question in the AAA exam is worth 50 marks, therefore gaining a strong mark in this question is key to passing the exam.

There are a few important points to remember when approaching the question:

  1. The question is always set at the planning stage of the audit
  2. The current date will always be 1 July 20X5, with the year end of the client being 30 September 20X5.
  3. There will be a significant proportion of the marks in respect of the identification and evaluation of the risks associated with the client (these may be business risks, risks of material misstatement or audit risks. On occasion, it may be a combination of risks which the partner is asking for analysis on).
  4. Exhibit 1 will be the partner’s email which will outline the requirements and what will need to be addressed. The format will always be in the form of briefing notes to the partner.

Stepping up from AA to AAA

Candidates will have addressed audit risk questions at AA. The same principles apply, but require a broadened range of the risks which include identification of risks of material misstatement and business risks. For more information on these type of risks, use the articles published on risks.

Candidates will also require an additional depth of knowledge and demonstrate greater understanding of the financial reporting requirements. At AA, the required knowledge of financial reporting was limited to that examined at FA. AAA will require the knowledge gained at FR and SBR. Although candidates can take the exams in any order they wish, it is highly recommended to sit and pass SBR prior to sitting the AAA exam. Without the relevant knowledge of financial reporting, it will be very difficult to explain the impact of the potential misstatement by incorrectly applying the relevant accounting standard.

Structure of the question: what will be asked?

At least 20 marks will be attributable to the identification, evaluation or assessment of the risks in the scenario which will affect the audit plan.

The remaining 20 marks (remember that there are 10 professional skill marks) will be based on a selection of ‘other issues’. These may include:

  • Ethical and professional issues
  • Discussion of actions and/or procedures to mitigate the risks already identified
  • Discussion of the auditor’s responsibilities in respect of laws and regulations (including fraud, money laundering, breaching specialist industry regulations, licence agreements, etc)
  • Other issues, for example, using data analytics, problems assessing non-financial KPIs, sustainability issues, internal controls, auditing outsourced services, use of audit experts,

This is not an exhaustive list of the content of the questions, but will provide candidates with some guidance as to what they may face in the live exam.

Approaching the exam

With the revisions to ISA 315, candidates will have seen requirements which ask for:

‘Evaluation and prioritization of the significant risks of material misstatement/audit risk’

Business risks, however, do not require prioritization as the Examining Team do not assume any industry specific knowledge.

Other types of questions may also be asked which use the same basic principles:

  1. What are the significant (important) risks in this scenario?
  2. What type of risks are the candidates being asked about?
  3. Why are the risks significant in this audit plan?
  4. What can the audit team do to mitigate these risks?

The assessment of risks may be asked in a variety of different ways, here are some of the main examples (note that the specific issues are used as guidance and will not necessarily feature in the live exam, this is purely for illustrative purposes).

Assessment of risks style

1) ‘Evaluation and prioritization of the significant risks of material misstatement/audit risk’
Candidates will need to use the guidance provided in the requirement (using specific exhibits where indicated) to identify and then assess the different risks (these may be audit risks or ROMMs). Candidates will gain credit for prioritizing the most significant of these risks.


A) ‘Evaluate and prioritise the risks of material misstatement to be considered in developing the audit strategy and audit plan

You are NOT required to consider the risks relating to goodwill

B)(i) Justify why goodwill has been identified as a significant risk of material misstatement; and

(ii) Design the audit procedures to be performed on the valuation of goodwill’

This style is breaking the risk assessment into two parts. In Part (A) candidates are required to use their skills in identifying and explaining the risks of material misstatement (or audit risk if the question specifies it). However, the risks associated with goodwill should not be discussed, as these will be addressed in part (B). Part (B) then requires the student to use their auditing and financial reporting knowledge to justify why this specific issue is a risk in the context of the specific scenario. The audit procedures will then be associated with that specified risk.

For part (A) candidates should remember that marks are available for the prioritization of risks in their answer. Note that goodwill can be disregarded for this part of the question (the Examining Team will be looking to see how the candidates will prioritise the other risks they identify).

3) ‘Justify why each of the following issues have been identified as a significant risk of material misstatement:

a. Goodwill
b. Inventories
c. Non-current assets’

In this style of question (again, which can relate to audit risk or ROMM), the partner has identified what areas they have identified as significant. Candidates will need to use their auditing and financial reporting knowledge to justify why these are risks. This style has already steered the candidates to what they need to discuss, but equally, they will have to ensure that they can discuss the selected issues in depth (each issue will be worth 3-6 marks).

4). ‘Evaluate the business risks to be considered in planning the Group audit’
Business risks will only ever be asked in a more general context and will require no pre-existing industry knowledge with all the relevant information being given in the scenario. It is important that candidates can take the information provided in the scenario and identify what are the business risks which are relevant to the context of the specific audit.


What the risks are have already been established by the partner, however, it is the student who must state why these are risks. This may require explaining the underlying financial reporting treatment, or explaining that it is an area where significant judgement or estimation has to be used.

Finally, candidates should explain the implications of this risk, there may be material misstatements impacting the financial statements, an issue which is highlighting a potential wider issue (poor estimation or judgement by management, lack of adequate controls, etc) or an issue which requires additional disclosure or reporting to other parties (TCWG, legal authorities, etc).


Revise the knowledge, but ensure that there is plenty of question practice to get used to the style and type of questions. Where candidates are required to evaluate risks, they should remember the What/Why/Implication approach.

Further reading