PROFESSIONAL LEVEL EXAMINATION

WEDNESDAY 15 MARCH 2017

(2½ hours)

AUDIT AND ASSURANCE

This paper consists of six short-form questions (20 marks) and three long-form questions (80
marks).

1. Please read the instructions on this page carefully before you begin your exam. If you
have any questions, raise your hand and speak with the invigilator before you begin.
The invigilator cannot advise you on how to use the software.

2. Click on the Start Exam button to begin the exam. The exam timer will begin to count
down. A warning is given five minutes before the exam ends. When the exam timer
reaches zero, the exam will end. To end the exam early, press the Finish button.

3. You may use a pen and paper for draft workings. Any information you write on paper
will not be read or marked.

4. Answer the short-form questions in note form only. Complete sentences are not
required.

5. The examiner will take account of the way in which answers are structured. Do not write
anything which is not in direct response to the examination questions.

6. Ensure that all of your responses are visible on screen and are not hidden within cells.
Your answers will be presented to the examiner as they appear on screen.
1. Your firm is the external auditor of Shan plc (Shan), a large listed entity. The directors of
Shan have requested that your firm undertakes an additional engagement to value the
company’s investments for inclusion in the financial statements for the year ending 31 March
2017. Shan’s investments are a material proportion of the company’s total assets.

State, with reasons, how your firm should respond to this request. (3 marks)

2. Explain the importance of professional scepticism in the context of an external audit

engagement. (3 marks)

3. List the key purposes of:

 an engagement quality control review; and

 monitoring (‘cold’ audit file review). (3 marks)

4. Your firm is the external auditor of Munkee Ltd (Munkee) for the year ending 31 March 2017.
Jade Vachir, Munkee’s sole shareholder and managing director, has informed the
engagement partner that she intends to sell her shares after the year end and has started
negotiations with a prospective buyer.

Explain why this information should be considered by the engagement partner for the
external audit of Munkee for the year ending 31 March 2017. (4 marks)

5. During the external audit of Martial Ltd (Martial) for the year ended 31 January 2017, you
discover a letter to Martial dated 15 February 2017 from its largest customer, Artz Ltd (Artz).
The letter threatens the early termination of Artz’s contract with Martial due to issues over the
quality of goods supplied.

Explain the relevance of this letter to the external audit of Martial for the year ended
31 January 2017. (3 marks)

6. You are the audit senior responsible for the external audit of Crock Ltd (Crock) for the year
ended 31 December 2016. The directors of Crock have refused to provide a written
representation that all transactions have been recorded and reflected in the financial
statements. The audit junior has suggested that an emphasis of matter paragraph is included
in the audit report to highlight to users of the financial statements that the written
representation has not been provided by the directors.

State, with reasons, whether the audit junior’s suggestion is appropriate and outline the
impact on the auditor’s report of the directors’ refusal to provide the written representation.
(4 marks)

QUESTION 6 COMPLETES THE SHORT-FORM QUESTIONS

LONG-FORM QUESTIONS (7 – 9) FOLLOW

Copyright © ICAEW 2017. All rights reserved. Page 2 of 6

7. Your firm has recently been appointed as the external auditor of Shifu Ltd (Shifu). Shifu has
developed Nodle, an online human capital management system which includes payroll
processing, employee expense management and time tracking tools. Shifu contracts with
corporate customers to supply access to Nodle over the internet. You are the audit senior
responsible for planning the external audit for the year ended 31 January 2017. The
engagement partner has asked you to consider the following key areas of audit risk:

(1) Revenue – user licence fees and set-up fees

(2) Intangible assets – software development costs
(3) Compensation payable and receivable

Shifu charges customers an annual licence fee for Nodle based on the number of expected
users within the customer’s organisation. A user is any person at the customer’s organisation
that has access to Nodle. The expected full licence fee is payable by customers at the start of
each 12-month period covered by the contract. At the end of each 12-month period, Shifu
compares the number of actual users who have accessed Nodle with the expected number of
users to determine any over- or under-usage by the customer. Customers pay additional
licence fees to Shifu for over-usage and Shifu refunds customers for any under-usage. Shifu
recognises revenue from licence fees evenly over each 12-month contract period. Revenue
is adjusted for any anticipated over- or under-usage on contracts straddling the year end.

New customers are charged a fixed set-up fee, which must be paid before work commences
on setting up Nodle for the organisation. Set-up takes between three and nine months to
complete. On completion of the set-up customers are required to confirm in writing that Nodle
has been satisfactorily set up. Set-up fees are recognised evenly over the set-up period.

Shifu has a reputation in the market for making continuous improvements to Nodle. Shifu’s
software developers make changes to Nodle to fix software problems (bugs), make
improvements and release new features. Developers keep a record of the time spent working
on each change. Each month Shifu’s head of development uses these time records to
calculate the amount of developers' costs relating to improvements and new features. These
software development costs are capitalised and amortised over their estimated useful lives.
Amortisation and developers' costs incurred to fix bugs are included in cost of sales.

Contracts between Shifu and its customers require Nodle to be available to users for 99.5%
of the time. Shifu must pay compensation to its customers, at the rate agreed in each
contract, for each month in which the 99.5% service level is not met. In January 2017, Shifu
did not meet the 99.5% service level due to a failure at the data centre where Nodle is
hosted. The data centre is owned and operated by Mantis Ltd (Mantis). Shifu intends to claim
compensation, under its contract with Mantis, for the costs incurred as a result of the failure
at the data centre. Shifu’s directors have estimated that the compensation due to its
customers in respect of this failure is £920,000. No amounts for compensation payable or
receivable have been included in the draft financial statements as the directors expect the
compensation to be claimed from Mantis to exceed the amount due to Shifu’s customers.

You have obtained the following information from Shifu’s management to use in your
consideration of the key areas of audit risk:

Year ended 31 January: 2017 2016

Average number of Nodle users 627,546 572,158
New customers 49 63

Copyright © ICAEW 2017. All rights reserved. Page 3 of 6

Statement of profit or loss for the year ended 31 January (extract)

2017 2016
(draft) (audited)
£’000 £’000
Revenue
- User licence fees 58,187 42,198
- Set-up fees 11,997 12,480
70,184 54,678
Cost of sales (note) (35,051) (34,454)
Gross profit 35,133 20,224

Note: Cost of sales for the year ended 31 January 2017 includes costs of £899,000 incurred
in fixing bugs (year ended 31 January 2016: £1,678,000).

Extract from notes: Intangible assets – software development costs

2017 2016
(draft) (audited)
£’000 £’000
Carrying amount at 1 February 8,745 10,163
Additions 5,791 3,417
Amortisation in the year (4,124) (4,835)
Carrying amount at 31 January 10,412 8,745

Requirements

7.1 Justify why the items listed by the engagement partner as (1) to (3) have been identified
as key areas of audit risk and, for each item, describe the procedures that should be
included in the audit plan to address those risks.

You should present your answer in a two-column format using the headings:

 Justification; and
 Procedures to address each risk. (28 marks)

7.2 Companies, such as Shifu, have a responsibility to put measures in place to protect
their customers from loss of data and breaches of data security.

Identify and explain the audit risks that would arise if Shifu failed to meet these
responsibilities. (5 marks)

7.3 State, with reasons, the implications for the auditor’s report if Shifu’s directors do not
make any changes to the financial statements for the year ended 31 January 2017 in
respect of the £920,000 compensation payable to Shifu’s customers. (3 marks)

Total: 36 marks

Copyright © ICAEW 2017. All rights reserved. Page 4 of 6

8. Described below are four situations which have recently arisen at four unrelated firms of
ICAEW chartered accountants.

Oogway Group plc (Oogway)

Jade LLP is the external auditor of Oogway. Li Ping was the engagement partner for the audit
of Oogway, a listed company, for five years. In April 2016 he was rotated off the audit
engagement and replaced by Sarah Bao. On 6 March 2017, whilst planning the audit for the
year ended 28 February 2017, Sarah became unwell and took an indefinite leave of absence
from your firm. The directors of Oogway have requested that Li immediately returns as
engagement partner to complete the planning and ensure that the audit remains on schedule.

Dragoon Ltd (Dragoon)

Wok LLP is considering whether to accept appointment as external auditor of Dragoon for the
year ending 30 June 2017. Wok LLP has written to the previous auditor, Master LLP,
requesting information which could influence its decision. Master LLP has responded that it
did not accept reappointment because it identified irregularities in the recognition of revenue
during the audit for the year ended 30 June 2016. Master LLP considered the irregularities to
be deliberate misstatements. When Wok LLP raised the matter with Dragoon’s directors, they
responded that the misstatements had been genuine errors which were corrected and that
Master LLP had issued an unmodified auditor's report.

Pand Ltd (Pand)

Red LLP provides internal, but not external, audit services to Pand, a luxury holiday
company. During a recent visit to Pand, Peony Meng, a member of the internal audit team,
identified that two payments of the same amount were paid to the same supplier. Further
investigation showed that only one transaction had taken place. Enquiries of the accounts
department personnel produced unsatisfactory responses. A few days later Pand’s finance
director telephoned Peony. He offered her a free holiday to compensate for the additional
work that she had to undertake due to this issue. He also requested that she keep the matter
quiet so as not to make the accounts department appear incompetent.

Dymsum Group Ltd (Dymsum)

Shen LLP is the external auditor of Dymsum and its UK-based subsidiaries. Dymsum has
recently acquired 100% of the share capital of Mei Ltd (Mei), a company incorporated and
operating in China. The directors of Dymsum have requested that Shen LLP accepts
appointment as external auditor of Mei and undertakes a one-off engagement to review and
report on the adequacy of internal controls at Mei. Shen’s annual audit fee is expected to rise
to £998,400 if it accepts appointment as auditor of Mei. The fee to review and report on
internal controls at Mei is expected to be £155,000. Your firm's total annual fee income is
expected to be £7.2 million. None of the entities within the group is listed.

Requirements

8.1 Identify and explain the professional and ethical issues arising in each of the situations
above. State any actions that each firm’s partners or its other employees should take to
address these issues. (22 marks)

8.2 List the specific matters, arising from the acquisition of Mei, that Shen LLP should
consider when planning the audit of Dymsum. (4 marks)

Total: 26 marks

Copyright © ICAEW 2017. All rights reserved. Page 5 of 6

9. Your firm is performing an engagement to review and provide an assurance report on the
financial statements of Viper Ltd (Viper) for the year ended 31 January 2017. The review was
requested by Po Bank plc (Po Bank) which is considering a loan application from Viper. Viper
is not required to have an external audit under the Companies Act 2006.

The following matters arose when performing the planned procedures:

 When reviewing the accounting records for significant journal entries, it was noted that
the year-end journal to record prepayments had been posted to the general ledger twice
in error. The journal entries had not been authorised or reviewed and IT controls do not
prevent the posting of journals with a reference number which is identical to an existing
journal.

 Your firm’s analytical procedures identified that trade receivables days had increased
from 35, at 31 January 2016, to 42 at 31 January 2017. Viper’s credit terms are 30 days.
Enquiries of management revealed that trade receivables included an overdue balance of
£152,000 in respect of Warrior Ltd (Warrior). Warrior has refused to pay the balance
because it claims it did not receive the goods. Viper does not retain evidence that goods
have been dispatched from its warehouse or received by its customers. The directors do
not consider it necessary to make any adjustments to the financial statements in respect
of this matter.

Viper’s financial statements show profit before tax for the year ended 31 January 2017 of
£1.2 million.

Requirements

9.1 State the internal control deficiencies identified when performing the planned
procedures. For each deficiency, outline the possible consequence(s) of the deficiency
and provide recommendation(s) to remedy each deficiency. (7 marks)

9.2 List the differences between a report prepared by a practitioner for an engagement to
review financial statements and the report prepared by auditors for an external audit
engagement of an unlisted company. (3 marks)

9.3 In respect of Warrior's overdue balance, state whether you would modify your firm’s
assurance report. Give reasons for your conclusion and describe the modifications, if
any, to the assurance report. (4 marks)

9.4 Outline the possible consequences for your firm of reaching an inappropriate conclusion
following the review of the financial statements of Viper. Describe how firms can
mitigate the impact of any financial consequences arising from an inappropriate
conclusion. (4 marks)

Total: 18 marks

Copyright © ICAEW 2017. All rights reserved. Page 6 of 6