The pass rate for P7, Advanced Audit and Assurance continues to be low. The examiner’s reports, which are published after each exam session, provide a valuable insight into the strengths and weaknesses of candidates’ performance, and useful exam technique points. This article provides supplementary advice on exam technique, reiterating and expanding on comments made in the examiner’s reports, and focusing on some of the more common requirements that feature in P7.
A common feature of a Section A question is the requirement to assess the risks to be considered in planning an audit of financial statements. Candidates often seem well prepared for this type of requirement, but often fail to be sufficiently specific in how risks are identified, explained or evaluated. When tackling a requirement involving risk assessment, the first issue is to be clear on exactly what type of risk assessment has been asked for. According to the P7 syllabus Section D1 (i), there are three different categories of risk assessment that can feature in a requirement – business risk, audit risk, and risk of material misstatement. Despite being related to each other, they are different, and require a different focus in answering the relevant requirement.
Business risk is defined in ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment as a risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies. Auditors assess business risk in order to develop business understanding, and as part of forming a view on the overall risk of the audit assignment.
Business risks are often linked to inherent risk, which itself is a component of audit risk. ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance With International Standards on Auditing explains that external circumstances giving rise to business risks may also influence inherent risk. For example, for a company operating in a high-tech industry, technological developments might make a particular product obsolete, thereby causing inventory to be more susceptible to overstatement.
However, if a question requirement in the exam involves the specific assessment or evaluation of business risk only, candidates should focus their attention on the specific business risks identified from the scenario, and not develop their answer to include other types of risk, or discuss the impact of the risk on the financial statements.
ISA 200 explains that the risk of material misstatement is the risk that the financial statements are materially misstated prior to audit, and is composed of inherent risk and control risk. Therefore, if a requirement relates to the risk of material misstatement, candidates are advised to focus on inherent and control risks arising from the question scenario. Unlike an assessment of business risk, when it is not necessary in answering a question to consider the specific financial statement implication of the risk, when assessing the risk of material misstatement it is crucial to discuss the specific impact of the risk on the financial statements. This should include details as to the specific account balance or transaction affected, whether the potential misstatement is an over or understatement, or whether the potential misstatement relates to a specific disclosure requirement in the notes to the financial statements.
Finally, audit risk is the broadest level of risk, as it includes not only inherent and control risks, but also detection risks. So, if a requirement involves audit risks candidates should consider these three components of risk in their answer.
Analytical review is required at the planning stage of the audit. For that reason, questions involving audit planning and risk assessment may contain extracts from financial statements, either complete elements of the financial statements or shorter components, which candidates are expected to use as a means of identifying potential risks. These may be business risks, audit risks, or risks of material misstatement.
Analytical procedures may involve ratio analysis, the calculation of simple trends, or comparisons of figures. When answering a question that involves risk assessment, candidates are encouraged to perform analytical review as a means to identify potential risks, even if the question requirement does not specifically ask for analytical review. It is important that calculations are not performed in isolation, but are used in a discussion of the specific risk as required.
Requirements asking candidates to recommend specific audit procedures are a common feature of P7 questions, and can feature in many different types of question, not confined to scenarios involving the planning stage of the audit. Here, candidates often fail to answer the specific question requirement. It is important that the answer only provides actual audit procedures. No discussion of other matters, such as the relevant accounting treatment, or the materiality of the balance or transaction in question is necessary.
When recommending an audit procedure, the wording should be as specific as possible, and should focus on the exact requirement, which often stipulates a particular issue for which procedures are required – for example, the classification of a lease, or the recoverability of a receivable. In order to provide sufficiently focused answers, candidates must understand the objective of audit procedures required, and tailor the recommended procedures to meet that objective.
Ethics is a core component of the syllabus, and can feature in Section A or Section B questions. While candidates often seem well prepared for questions on ethical matters, they do not always provide sufficiently detailed answers.
The International Ethics Standards Board for Accountants’ (IESBA) (IFAC) Code of Ethics for Professional Accountants provides a useful framework for discussing ethical matters. A three-step process is useful to apply the provisions of the IESBA Code. The first step is to identify what type of ethical matter is apparent from the question scenario. This could be a threat to objectivity and independence, or an issue such as confidentiality or conflict of interest. If the ethical matter is a threat to objectivity then there should be identification of the specific risk factor – for example, a self-review or intimidation threat, and then a brief explanation as to why that risk factor is relevant.
The second step is to evaluate the significance of the threat identified. The level of significance depends on many matters and will vary depending on the specific type of threat that has been identified. It could include, for example, the seniority of the people involved with the threat, or the materiality of an issue to the financial statements.
The third step is to consider whether safeguards are available to eliminate the threats identified, or to reduce them to an acceptable level. Safeguards should be recommended that are appropriate to the scenario – for example, taking into account the size of the audit firm. Candidates should also be ready to recognise situations when safeguards cannot be used to reduce threats to an acceptable level. Candidates are also reminded that for public interest entities there are stricter requirements in relation to ethical matters, which should be discussed where relevant.
Candidates in the UK and Ireland can draw on the principles and requirements of the Ethical Standards issued by the Auditing Practices Board. The same three-step process can be used, as described above, and candidates will earn equal credit whether they refer to the IESBA Code, or the Ethical Standards as the relevant regulatory framework.
This article is intended to provide greater clarity for candidates in how to answer some of the more common features of requirement in P7. Candidates are strongly encouraged to attempt recent exam questions and to read the relevant examiner’s reports, which are available on ACCA’s website. This is a very effective method to practise exam questions, develop exam technique, and benefit from the resources available to all candidates.
Written by a member of the P7 examining team