0% found this document useful (0 votes)

244 views61 pages

Risk Assessment Toolkit (Déc. 2018)

Uploaded by

Mounia Lorche

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

244 views61 pages

Risk Assessment Toolkit (Déc. 2018)

Uploaded by

Mounia Lorche

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 61

Risk

Assessment
Toolkit

Internal use only

_______________

December 2018

Document Classification - KPMG Confidential

Introduction
Audit quality, supported by our methodologies and processes, is at the heart of our culture of integrity and
drive for continuous improvement. At KPMG in the Cayman Islands, our relentless focus on quality is
anchored by:

Our Culture where audit quality is the responsibility of everyone at the KPMG and is driven from the top
by the leadership of our firm.

Our People who approach all matters in an audit with objectivity and professional skepticism to offer
relevant, valued insight and impartial views through candid communications on a timely basis.

Our Approach which has embedded globally consistent methodologies and policies enabled by
innovative tools.

Our Monitoring programs which are fundamental to understanding the root causes to any quality issues
to sustain quality through effective remediation and continue to build on our success.

Purpose of this document

Audit quality is fundamental to maintaining public trust and is the key measure on which our professional
reputation stands. We define ‘audit quality’ as being the outcome when:

— Audits are executed consistently, in line with the requirements and intent of applicable professional
standards, within a strong system of quality controls.
— All of our related activities are undertaken in an environment of the utmost level of objectivity,
independence, ethics and integrity.

Delivering a quality audit can be challenging, with lots of tasks to be executed at the same time. Even if
you feel well prepared for the audit, there’s always the risk that some unexpected issue catches you by
surprise. Such issues can have a domino effect on your audit plan, increasing the time pressure as you
approach your reporting deadline, and putting audit quality at risk.

This document is developed to provide you with application reminders related to risk assessment
procedures and is based on findings and emerging issues from our audit quality monitoring programs.

While this document can be used as a quick reference guide, it is not a substitute for an in depth
understanding of the KPMG Audit Methodology and the relevant technical standards which is the
professional responsibility of each individual.

Please contact any of the AQPP team members if you would need any clarification with respect to any of
the content in this document.

Audit Quality and Professional Practice

Document Classification - KPMG Confidential

Significant accounts and disclosures 8

Significant risk 12

Materiality and aggregation risk 22

Estimates 31

Understanding of IT 41

Information produced by the entity that we use as audit evidence 47

Document Classification - KPMG Confidential

Have you appropriately performed risk assessment procedures?

1.1 The risk assessment model

Document Classification - KPMG Confidential 1

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
1.2 Have you appropriately performed risk assessment
procedures?
Risk assessment procedures: Those audit procedures that are performed to obtain an
understanding of the entity and its environment, including the entity’s internal control, to identify
and assess the risk of material misstatement, whether due to fraud or error, at the financial
statement and assertion levels.

Understanding the entity and its environment, including the entity’s internal controls:
Obtaining an understanding of the entity and its environment, including the entity’s internal
control, is a continuous, dynamic process of gathering, updating and analyzing information
throughout the audit.

Understanding the entity

Document Classification - KPMG Confidential 2

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
We can obtain an understanding of the elements of entity and its
environment by performing following procedures:

Key elements of entity Worth highlighting

and its environment, Procedures Sources of information couple of these areas
including internal control in more detail to
successfully identify
• Industry, and other Inquiry and • Offering
risk of material
external factors inspection memorandum
misstatement:
• Laws and regulation • registration statement
• Nature of the company • form ADV — Applicable financial
• Objectives, strategies • BOD meeting minutes reporting framework
and related business which entails
risk
understanding not
• Company performance
only of the relevant
measures
financial reporting
• Selection and Inquiry and • Draft financial
standards (IFRS,
application of inspection statements
U.S. GAAP) but also
accounting principles • BOD meeting minutes
any relevant industry
• Disclosures
specific regulation
• Entity level control Inquiry and • Policy manual
(CIMA, CFTC,
inspection • Compliance manual
Cayman Island
• BOD meeting minutes
Insurance Law, to
• Process level controls Inquiry, • Inspect process
name a few).
• Information systems inspection, documents, e.g.
(GITCs) observation flowcharts
and • Perform walkthrough — Knowledge of entity’s
objectives, strategies
reperformance • Involve IRM
and business risk
• Significant unusual Inquiry and • BOD meeting minutes
transactions
Inspection,
analytical
procedures

• Related parties Inquiry and • Organization chart

inspection • Offering documents
• Shareholders register

• Litigations, claims and Inquiry and • Legal expense

assessments inspection account
• BOD meeting minutes
• Correspondence with
external legal counsel

Remember: Inquiry alone is not sufficient (KAM 9.1340)

Document Classification - KPMG Confidential 3

1.3.2 eAudit 2.5.1 – Minutes

Summarize matters
identified to be
addressed in audit,
either in the eAudit
screen or in a separate
attachment

1.3.3 eAudit 2.6.1 – Entity and its environment

Document Classification - KPMG Confidential 4

Remember to add any related

party transaction identified,
to the Tracker

1.3.4 eAudit 2.6.8 – Related parties

Document Classification - KPMG Confidential 5

Conducting a discussion among engagement team members – Risk assessment and

planning discussion – RAPD
One of the required steps in risk assessment process is to conduct a discussion among
engagement team members about the susceptibility of entity’s financial statements to material
misstatement due to fraud or error.

The engagement partner and other key members of the engagement team shall be involved in
planning and participating in the discussion among engagement team members.

What is the purpose of the risk assessment and planning discussion?

An opportunity for the most experienced Exchange information about business risk
members of the audit team to share their applicable to entity and how and where the
vision of the entity financial statements might be susceptible to
material misstatement due to fraud or error.

A better understanding by the audit team of Define the basis upon which team members
the impact on their work of the risks communicate and share information
identified and the consequences of the obtained that may affect the assessment of
results of their work on the approach. RMM and audit procedures.

Enables us to consider appropriate Permits us to determine how the results of

response to the susceptibility to material the audit procedures will be shared among
misstatement due to fraud. the engagement team and how to deal with
any allegation of fraud that may come to
our attention.

Document Classification - KPMG Confidential 6

— Engagement
Required discussion items partner should
lead the
Key elements discussion on
Application of Susceptibility
of our fraud and
applicable of financial Significant
understanding significant risk.
financial statements to unusual
of the entity, — Document the
reporting material transactions
including minutes of the
framework misstatement
internal control discussion.
— Ensure audit
Risk of fraud
approach
or error
Accounting discussed in
Risk of resulting from
estimates RAPD consistently
Fraud risk management related party
(estimation flows through the
factors override of relationship
uncertainty, eAudit file.
control and related
significant risk) — Communicate the
party
transactions. key matters with
those team
Planned members and
Significant Planned response to Importance of other engagement
changes in the procedures to identified maintaining reviewers that
entity from prior respond to significant risk professional were not involved
period fraud risk and other skepticism in the discussion.
matters

1.3.6 Where can you find out more?

― Risk Assessment Practice Aid

Document Classification - KPMG Confidential 7

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Significant accounts and disclosures
2.1 Determination of significant accounts and disclosures and
relevant assertions (eAudit activity 2.3)

Questions to consider

— Did you evaluate whether all significant accounts and disclosures identified are
appropriate, is there a risk of material misstatement?
— Does the level of disaggregation of the account appear reasonable?

2.2 Did you evaluate whether all significant accounts and

disclosures identified are appropriate, is there a risk of material
misstatement?
Significant account: A significant account is an account where there is a reasonable possibility
that the account could contain a misstatement that, individually or when aggregated with others,
has a material effect on the financial statements, considering the risks of both overstatement
and understatement.

Significant disclosure: A significant disclosure is a disclosure where there is a reasonable

possibility that the disclosure could contain a misstatement that, individually or when aggregated
with others, has a material effect on the financial statements.

Relevant assertion: A relevant assertion is an assertion related to a significant account or

disclosure that has a reasonable possibility of a misstatement that individually or in aggregate
would cause the financial statements to be materially misstated, considering the risks of both
overstatement and understatement.
Note: The determination of whether an account or a disclosure is significant or an
assertion is a relevant assertion, is based on inherent risk, without regard to the effect of
related controls.

Document Classification - KPMG Confidential 8

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Qualitative and quantitative risk factors We consider
qualitative and
quantitative risk
factors to identify
significant account
and disclosures
and their relevant
Volume of activity,
Susceptibility to assertion (KAM
Size and composition complexity, and
misstatement due 10.1318)
of the account homogeneity of the
to error or fraud
transactions

Changes from the

Exposure to
Nature of the prior period in
losses in the
account/disclosure account/disclosure
account
characteristics

Existence of Accounting/reporting
Possibility of related party complexities
significant liabilities transactions in the associated with
account account/disclosure

2.3 Does the level of disaggregation of account

appear reasonable?
2.3.1 Significant accounts and disclosures: Aggregation vs.
disaggregation

As per KAM 10.1330, we usually start by considering financial statement

captions as accounts. However, if the financial statement captions
contains general ledger accounts (or group of general ledger accounts)
with different risks, we many disaggregate them further to the level of
general ledger accounts or a group of such accounts, based on our
assessment of different inherent risks of error, inherent risks of fraud,
control risk, or controls in place.

Document Classification - KPMG Confidential 9

Significant disclosure: If the financial statements contain disclosures with different risks,
we may disaggregate them further based on our assessment of the different risk or error,
inherent risks of fraud, control risks, or controls in place.

Example – Significant disclosure: Disaggregation of disclosure

Document Classification - KPMG Confidential 10

Questions Response

Is an account with a balance Not necessarily. For an account to be significant, the

above materiality, significant? account should carry a risk of material misstatement. Hence,
an account balance with no risk of material misstatement is
not considered significant even though they are above
materiality. Such accounts are called “Material non-
significant” accounts.

Can an account with zero Yes. In order to determine whether an account is significant
balance be significant? or not, the amount of potential misstatement on the account
should be considered.
For example: Investment in a private security carried at nil
value. In this example, even though the value of investment
in private security account is nil, the amount of potential
misstatement as a result of valuation error could be material.

Document Classification - KPMG Confidential 11

— Have you assessed whether any risks of material misstatement represent a significant
risk at the assertion level?
— Have you described significant risks, including fraud risks, with sufficient specificity?
— Is it clear that your planned audit approach adequately responds to significant risks?

3.1 Have you assessed whether any risks of material misstatement

represent a significant risk at the assertion level?
Significant risk: A significant risk is an identified and assessed risk of material misstatement
that, in our professional judgement, requires special audit consideration because of the nature of
the risk or the likelihood and potential magnitude of misstatement related to the risk.
Failure to correctly identify significant risks– of fraud or of error – could result in you:
― not obtaining sufficient appropriate audit evidence to support the audit opinion; or
― performing unnecessary audit procedures.

Document Classification - KPMG Confidential 12

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
3.2 What you need to do to identify significant risks – factors
To evaluate whether any identified risks are significant risks, consider the following factors
based on the indicators listed in KAM 47.1060.

3.2.1 Identifying significant risks- factors

Quantitative/qualitative factors

Complexity, judgment,
measurement, uncertainty

Significant transactions with

related parties

Risk of fraud

Complexity of transactions

Risk involves SUTs

Significant economic, accounting,

other developments

In making this assessment, disregard the effect of identified controls

relating to the risk.
Involve the engagement partner and EQC reviewer early to confirm
key risk assessment decisions. Once you have identified a significant
risk, you’ll need to design your audit approach to specifically
address it

Document Classification - KPMG Confidential 13

Significant risk often Guidance

relates to:
Significant non-routine Non routine transactions are transactions that are unusual,
transactions due to either size or nature, and that therefore occur
infrequently.
Risk of material misstatement may be greater for significant
non-routine transactions arising from matters such as the
following:
― greater management intervention to specify the
accounting treatment
― greater manual intervention for data collection and
processing
― complex calculation or accounting principles
― nature of the transaction, that makes it difficult for
entity to implement effective internal control over the
risks
― related party transactions.
Significant judgement Judgemental matters may include the development of
matters accounting estimates for which there is significant
measurement uncertainty. For example, valuation of non-
marketable security, estimation of insurance claims reserve.
Risk of material misstatement may be greater for significant
judgemental matters that require the development of
accounting estimates arising from matters such as the
following:
― accounting principles for accounting estimates or
revenue recognition may be subject to differing
interpretation
― required judgement may be subjective or complex, or
require assumptions about the effect of future events,
for example judgement about model used in fair value
measurement, estimate of life expectancy used in
actuarial valuation.

Fraud risk: Fraud risk is the risk of material misstatement due to fraud.
Misstatement in the financial statements can arise from either fraud or error. The distinguishing
factor between fraud and error is whether the underlying action that result in misstatement of the
financial statements is intentional (fraud) or unintentional (error).

Document Classification - KPMG Confidential 14

— misstatement resulting from fraudulent financial reporting, and

— misstatements resulting from misappropriation of assets.
When performing risk assessment procedures and related activities, our objective is to identify
and assess any fraud risk factors and fraud risks and perform procedures to respond to the
identified fraud risk.

3.2.2 Fraud in 5 steps

Document Classification - KPMG Confidential 15

2.14.2
2.14.1
Identification and evaluation
Risk assessment and planning of fraud risk factors
discussion (RAPD)

Brainstorming on fraud and topics  Identify fraud risk factors

requiring increased critical thinking.
 Evaluate if the identified
fraud risk factors resulted in
fraud risk
2.5 • if yes, document the
Risk assessment Inquires with risk of fraud in tracker
management, TCWG, internal audit • if no, document your
rationale

Mandatory meeting with

management, TCWG, internal
audit. Discuss fraud risk.
When risk factors create a
risk of fraud

2.14.3. x
Work covering Identification and evaluation
2.11, 3.1 and of fraud risk
fraud risk 3.2

• Indicate if the risk relates to only a

part of the account balance rather
 Perform D&I of relevant than the entire account
controls that is intended to • Evaluate initial RoMM due to fraud
respond to a risk of fraud. (Moderate/High)
 Test of details to address • Document the planned audit
the identified fraud risk. approach to address the risk
(nature, timing and extent)
Note: TOE of relevant control
identified above, is not
required, as the risk of failure
of that control will be “Higher”.
Summary and conclusion 4.5.4.2
on the risk of fraud

Summary of our response to

the risk of fraud

Document Classification - KPMG Confidential 16

Risk identification (eAudit Activity - Tracker)

Identify significant risk(s) at the assertion level, whether due to error or fraud, and/or at the
financial statement level by adding a tracker issue in the Tracker Summary.

Risk of fraud

Risk of error

Clearly document the judgement you made when identifying a significant risk in the eAudit
Tracker.

Description of a significant risk factor

Document Classification - KPMG Confidential 17

3.3.2 What else should you consider?

Consider what matters you expect to include in your communications with those charged with
governance – and, if applicable, in your auditors’ report as ‘key audit matters’. Are these matters
broadly consistent with your risk assessment and planned audit approach?
Keeping these end deliverables in mind can help you:
― challenge whether all your ‘significant risks’ really are significant;
― identify any you might have missed; and
― assess whether your planned procedures will appropriately respond to the risks you
identified.

3.3.3 Where can you find out more?

― Significant risk (eAudIT Tracker) (KAM 47.1045)
― Enhancing auditor reporting topic page
― Key audit matters (KAM Topic 8)
― Communicating with the Audit Committee toolkit

3.3.4 Have you described significant risks, including fraud risks, with sufficient
specificity?

What’s the issue?

Sometimes teams identify significant risks – including risks of fraud – without properly
documenting their rationale.
And sometimes teams conclude that a significant risk is present, but fail
to define it with sufficient specificity. In particular for fraud risks, teams
have failed to:

Document Classification - KPMG Confidential 18

― adequately consider how the fraud could be perpetrated, in order Fraud risk factor:
to design audit procedures that appropriately respond to the risk. ― The cash
collection clerk is
What’s the impact? generally paid low,
Inadequate documentation over your rationale for: low skilled
― identifying a significant risk; or employee and
hence are more
― the specific nature of the risk and/or your planned audit response susceptible to
raises questions about whether your planning decisions are rationalize
appropriate. This could have a significant downstream impact on misappropriation of
your planned audit approach and whether you are able to obtain assets.
sufficient appropriate audit evidence. ― CFO’s bonus
depends on the
What do you need to do? profitability of the
If you identify a significant risk, you need to define it with sufficient entity. Journal
specificity that you can design an audit approach that responds to that entries passed by
risk. CFO are not
reviewed.
When a risk is defined too broadly, it may be difficult to determine how
the audit procedures address the actual risk. Conversely, if the risk is How fraud could be
defined too narrowly, audit procedures may be focused too narrowly and perpetrated:
not be sufficient to address the actual risk.
― CFO has the ability
If you identify a risk of fraud, then you need to articulate why you believe to record fictitious
there is a fraud risk. This means documenting: revenue and
hence increase
― the fraud risk factors – e.g. incentives/pressures, opportunities,
profitability of the
and attitudes/rationalizations – that were given substantive
entity, as the
consideration; and
journal entries
― how the fraud could be perpetrated, in order to appropriately passed by CFO
design and perform procedures that respond to the fraud risks. are not reviewed.
― As the cash
collections and
deposits in the
bank, are not
reconciled on a
daily basis, the
Involve the engagement partner and EQC reviewer early to confirm key
cash collection
risk assessment decisions.
clerk could
process the
transaction and
take the money
away and never
1
Fraud risk factors are the specific events or conditions that indicate an incentive or pressure to deposit in bank.
commit fraud, provide an opportunity to commit fraud, or indicate attitudes or rationalisations to
justify a fraudulent action.

Document Classification - KPMG Confidential 19

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Where can you find out more?
― Identifying and assessing fraud risks (KAM 25.1870)
― Identifying risks with appropriate specificity (KAM 47.1025.1)
― Enhancing auditor reporting topic page
― Key audit matters (KAM Topic 8)
― Communicating with the Audit Committee toolkit

3.4 Is it clear that your planned audit approach adequately

responds to significant risks?
3.4.1 What’s the issue?
Sometimes teams fail to develop an audit approach that specifically responds to the significant
risks they’ve identified.
For example, if you identify a significant risk, you need to assess the design and implementation
(D&I) of controls that are relevant to that risk. Or if you identify a fraud risk, your audit response
must include an appropriate test of details that addresses the specific risk.
At other times, teams fail to clearly articulate in their audit documentation the link between a risk
and how their response specifically targets it.

3.4.2 What’s the impact?

Inadequate documentation of the link between the risk and your response could mean you fail to
demonstrate how you obtained sufficient and appropriate audit evidence to support your audit
opinion.
And that raises questions around the quality of the team’s planning and review process.

Document Classification - KPMG Confidential 20

― Not identifying a significant risk with sufficient specificity.

― Identifying a significant risk but not designing your planned audit approach to respond
accordingly – for example:
- not evaluating the D&I of controls for significant risks; and
- identifying a relevant control for testing that is intended to respond to a risk of
fraud, but not assessing the risk of failure for that control as being ‘higher’.
― Concluding that there is no significant risk during risk assessment, but not making the
basis for this conclusion clear in your audit documentation.
― Failing to consider how fraud could be perpetrated when designing procedures that
specifically respond to identified fraud risks.
― Failing to appropriately articulate the link between an identified risk and your response.
― Not performing a test of details to address an identified fraud risk.
― Failing to perform a test of details for significant risks of error when required – for
example, if the controls over a significant risk of error were deficient, or when a
decision has been made to not rely on controls and take a substantive approach.

3.4.3 What do you need to do?

Your planned audit approach needs to clearly demonstrate a link between:
― your risk assessment; and
― the procedures you perform in response to that assessment.

3.4.4 What else should you consider?

KAM 25.2091 says that generally, we obtain more persuasive audit evidence in response to
fraud risks than in response to risks of error. Merely increasing the extent of testing – e.g. by
using larger sample sizes – is unlikely to be an adequate response to fraud risks.
Significant risks identified in the Tracker need to be linked to the controls and substantive
procedures that address that risk, in the Planning section of eAudIT (activity 2.14.3).

3.4.5 Where can you find out more?

For requirements and guidance on appropriate responses to assessed risks (including fraud
risks), go to:
― Response to assessed risks (KAM 47.1385)
― Responses to the assessed fraud risks (KAM 25.1950)
― Risk of failure when testing the operating effectiveness of controls (KAM 57.1340)
For specific considerations about the presumed risk of fraud in revenue recognition, see the
revenue quick reference card.

Document Classification - KPMG Confidential 21

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Materiality and aggregation risk
4.1 Determining materiality for the financial statement as a whole
(eAudit activity 2.2.1) [Guidance at KAM 38.2065]
Questions to consider

— Did you use appropriate benchmarks and percentages, and consider other relevant
metrics, when determining materiality?
— Did you appropriately consider aggregation risk when determining performance
materiality?

4.1.1 Did you use appropriate benchmarks and percentages, and consider other
relevant metrics, when determining materiality?
Materiality is the amount beyond which the economic decisions of the users of the accounts are
likely to be influenced. The significance level is determined in 3 steps: each step of the
reasoning must be documented in the file! (Note: KAM US has 4 step process).

1) Identify the indicators of the financial statements (Metrics) that influence the economic
decisions of the users, including the one that will be considered as the reference aggregate
(Benchmark)

Refer to KAM's Materiality Benchmark and Other Metrics Table (MBT) to identify Metrics
and Presumed Benchmark ("Presumed Benchmark") based on entity and industry
characteristics

Consult the AQPP team in the following when both:

― materiality falls outside of the expected ranges for the benchmark; and
― the presumed benchmark is not used or there is no presumed benchmark (i.e. an
industry or scenario in the MBT is not applicable to the circumstances of the
entity).

Refer to the Updated Cayman Consultation Policy for guidance relating to materiality
benchmark consultations for liquidation audits.

Document Classification - KPMG Confidential 22

Factors Examples

Elements of the financial statements Assets, liabilities, equity, income, operating

expenses

Elements on which the attention of In order to assess financial performance,

users of an entity's financial users may tend to focus on income, or net
statements tends to focus assets

Nature of the entity, where is the Consult the MBT for examples of entities
entity in its operating cycle, as well as with results-oriented activities, activities
the business sector and the economic based on the size of the balance sheet,
environment in which the entity entities with little result, non-profit entities ...
operates

Entity's ownership structure and how If the entity is financed primarily by debt
it is financed rather than equity, users can put more
emphasis on assets, rather than on entity
results.

2) Determine Metrics amounts

Adjust the amount of Metrics specific items that do not reflect the normal activity of the
entity. Use an average if the Metrics are volatile, or choose a more stable Metric for the
reference aggregate.

Examples of items that do not reflect the normal activity are:

1. Decline in NAV of a Fund in liquidation due to capital distributions.
2. A significant increase in legal cost in the current year, due to one-time settlement
paid by the company for a litigation claim that it does not typically encounter.

3) Determine the Materiality for the financial statements as a whole, considering the Metrics
and certain qualitative factors

We use our professional judgment to determine the amount of Materiality within the
expected range for the benchmark.

The following are the expected range of materiality as a percentage of the benchmark:

Document Classification - KPMG Confidential 23

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
 PBTCO" is the profit before tax of continuing operations
 Net assets correspond to equity
 Total assets are the total assets after taking into account depreciation and
amortization

For audits conducted in accordance with the standards of PCAOB, a Materiality

greater than 5% of the profit before tax of continuing operations or 0.5% of the
total assets or turnover must be submitted for approval to the EQCR before work
begins

Document Classification - KPMG Confidential 24

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
The following qualitative factors can be taken into account when determining the Materiality as a
percentage of the benchmark (KAM 38.2465).

Factors Higher Amount Lower Amount

Concentration of
Concentration of ownership in a Entity with a high public profile or an
ownership and/or
small number of well-informed entity that is planning to list in the
management
individuals foreseeable future.
Debt Profile
• Restricted debt • Publically traded debt
• Lenders have access to • Loan Covenants sensitive to
management information and operational results
do not rely solely on financial
statements
Business
• Stable business environment • Unstable business environment
environment
• Relatively uncomplicated • Complex or diverse activities
activities
• Politically unstable geographical
• Limited number of products or areas
services
• Profitable and sustainable
activity
Changes in
• No changes in the investment • Changes in the investment
business activity
strategy or objectives strategy or objectives
from the prior
year • No to minimal changes in • Changes in market conditions
market conditions for the for the Fund’s principal market
Fund’s principal market
• Changes in the capital structure
• No changes in the capital
• Significant unusual transactions
structure
• No unusual transactions
Other sensitivities
• Few changes in stakeholders • The entity operates in a highly
have occurred or are regulated industry
expected
• Intention to list or register
• Few external users of the securities
entity's financial statements
• Recent or expected sale of the
entity
• Potential impact of audit
anomalies and users of financial
statements particularly sensitive
to the evolution of the entity's
performance

Document Classification - KPMG Confidential 25

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
4) Evaluate the materiality amount determined in step 3 as a percentage of benchmark,
considering expected ranges (Applicable only for KAM US).

We shall document (eAudit activity 2.2.1):

a) the amount of materiality and its percentage of the benchmark, and the factors considered
in their determination;

b) the rationale for a significant change in the amount of materiality and/or its percentage of
the benchmark from that determined in the previous audit, where relevant (for e.g.,
materiality calculated at 3% of Net Asset for year 20X2 is significantly higher than
materiality for year 20X1, the engagement should document the reason for the change in
materiality amount, such as increase in NAV due to additional subscriptions);
c) our rationale when materiality falls outside of the expected range for the benchmark.

4.1.2 Determine performance materiality (eAudit activity 2.2.1)

As per KAM 38.1245, we shall determine performance materiality for purpose of assessing the
risk of material misstatement and determining the nature, timing and extent of further audit
procedures.

We shall determine performance materiality at an amount (or amounts) that reduces to an

appropriately low level the probability that the aggregate of uncorrected and undetected
misstatements in the financial statements exceeds materiality for the financial statements as a
whole (the aggregation risk).

Aggregation risk is the probability that the aggregate of uncorrected and undetected
misstatements in the financial statements exceeds materiality. As this risk increases, performance
materiality decreases.

Do not assume PM at 75% of materiality by default without appropriate consideration of

aggregation risk.

Document Classification - KPMG Confidential 26

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Examples of aggregation risk factors that can lower PM (KAM 38.2595)
1. The number and/or value of detected misstatements;
2. The value of uncorrected misstatements, including the cumulative current-period effect of
immaterial prior-period uncorrected misstatements;
3. Entity level control deficiencies;
4. The number and severity of deficiencies in control activities;
5. Turnover of senior management or key financial reporting personnel; and
6. Management’s attitude towards correcting misstatements.

As per KAM 38.1255, in determining performance materiality, the following are the expected
percentages to be applied to materiality for the financial statements as a whole, based on the level
of aggregation risk identified. If there are indicators that aggregation risk is higher than normal,
consider the expected percentages for PM in KAM 2018

Ω Also, consider whether a higher than normal aggregation risk is focused on any specific
significant account or disclosure. If so, specifically adjust PM for that significant account or
disclosure. See KAM 38.2675.

Document Classification - KPMG Confidential 27

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
4.1.3 What else should you consider?
Reassessing If during the audit you detect more misstatements than you
aggregation risk expected at planning, or if the aggregate of uncorrected
when you identify misstatements is approaching materiality, then you’ll need to
misstatements consider:
― whether your initial assessment of aggregation risk is still
appropriate; and
― whether you’ll need to revise performance materiality or
other aspects of your audit strategy and approach.

Reassessing We may also need to assess aggregation risk when we plan to

aggregation risk disaggregate an account and test the portions separately. For
when you plan to example, we may disaggregate an account balance and:
disaggregate ― sample a portion of the population; and
― perform a substantive analytical procedure (SAP) on the
remaining portion.
In these circumstances, it may be appropriate to set a lower
performance materiality for sampling and/or a lower acceptable
difference for the SAP.
Similarly, when we perform a SAP at a disaggregated level, we
also develop an expectation and determine an acceptable
difference for each disaggregated portion; then to determine the
extent of evidence that the disaggregated SAP provides, we
determine the acceptable difference at the account balance level
and compare this to PM.

4.1.4 Determine audit misstatement posting threshold ("AMPT") (eAudit activity

2.2.1, 4.5.7)
The AMPT is an amount below which misstatements of amounts in the primary financial
statements would be clearly trivial

AMPT ordinarily falls between 3 to 5 percent of materiality for the financial statements as a whole.

"When we set a lower significant account/disclosure materiality, we may set a lower AMPT and
accumulate misstatements for that significant account or disclosure based on this lower AMPT."

Document Classification - KPMG Confidential 28

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Key reminders:
Don’t
― Determine your
materiality by
considering only a
single benchmark
in isolation.
By selecting only one relevant metrics ― Consider 75% of
we have ignored other potentially materiality for PM
relevant metrics, which may lead to to be default
selection of an incorrect benchmark.
assumption.

Do
― Ask yourself…
would your
materiality
judgement stand
up to external
scrutiny?
― Document your
assessment of
aggregation risk
factors.
― Document the
basis for your
judgements clearly
and consistently
on the audit file.

There is no documentation of the

consideration around the nature and
circumstances of the entity being
audited. Inadequate documentation of
your judgements in the audit file could
raise questions about whether your
materiality is appropriate.

Document Classification - KPMG Confidential 29

Adequately documents the engagement team’s considerations to arrive the

relevant metrics.

4.1.5 Where can you find out more?

― Determination of performance materiality (KAM 38.1240 and KAM 38.2575)

― Determining lower materiality and performance materiality for specific significant

accounts/disclosures (KAM 38.1265 and KAM 38.2605)
― Lowering PM for aggregation risk within an account balance when sampling (KAM
54.1280.1)or disaggregating a SAP (KAM 53.1525)
― Revise materiality and performance materiality, if appropriate (KAM 38.1295)
― Aggregation Risk – Team Talk Toolbox
― Materiality Practice Aid

Document Classification - KPMG Confidential 30

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Estimates
5.1 Accounting Estimates (eAudit activity 2.6.11)
As part of risk assessment procedures, audit teams may determine that a significant account or
disclosure contains an estimate that gives rise to a risk of material misstatement. Estimates
usually arise due to uncertainties inherent in business activities and or the basis of or method of
measurement prescribed by the financial reporting framework.

When performing risk assessment procedures audit teams shall obtain an understanding of how
management identifies transactions/events that may give rise to the need for accounting
estimates to be recognized or disclosed in the financial statements.

Inherent risk of error for the relevant assertion of the significant account or a disclosure that
contains an estimate may be assessed as Not Significant or Significant.

This eAudit screen lists significant accounts and disclosures that contain a significant estimate
identified earlier at eAudit screens 2.3.1. (Significant Accounts and Relevant Assertions) and
2.3.2 (Disclosures) respectively.

The following table provides examples of situations where accounting estimates may be
required:

Accounting estimates (other than fair Fair value accounting estimates [Source:
value) [Source: ISA 540.A6] ISA 540.A7]

— allowance for doubtful accounts — complex financial instruments, which are

not traded in an active and open market
— depreciation method or asset useful life
— share-based payments
— provision against the carrying amount of
an investment where there is — property or equipment held for disposal
uncertainty regarding its recoverability
— certain assets or liabilities acquired in a
— outcome of long term contracts
— business combination, including
— costs arising from litigation settlements goodwill
and judgments.
— and intangible assets

Document Classification - KPMG Confidential 31

I. How management makes the estimates?

a) Requirements of the applicable financial reporting framework
b) Understand management’s method, including where applicable the model
used for developing the estimate
c) Data used to prepare the accounting estimate
d) Identify the significant assumptions underlying the estimate
e) Changes in circumstances that require management to revise the estimate and
should there be a change in the method of making estimate from prior year
f) Assess the effect of estimation uncertainty
g) Extent to which management has considered contradictory evidence in arriving
at the estimate.
h) Use of an expert in making estimate
II. Results of retrospective review
III. Bias indicators and how we plan to address them

5.2 I. How management makes the estimates?

During risk assessment phase understand how management makes the estimate. This
understanding involves the following steps (as indicated in the eAudit screen 2.6.11):
a) Requirements of the applicable financial reporting framework – Applicable financial
reporting frameworks (e.g. IFRS or U.S. GAAP) prescribe specific methods of
measurement and disclosures required to be made in the financial statements in respect of
accounting estimates. Example documentation in eAudit screen is provided below.

Document Classification - KPMG Confidential 32

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
b) Understand management’s method, including where applicable the model used for
developing the estimate – At the risk assessment stage audit teams need to gain an
understanding of how management develops accounting estimates. This understanding is
gained primarily through inquiry and inspection of books and records (such as accounting
policies, process narratives, etc.). Matters that we may consider in obtaining an
understanding of how management makes the accounting estimates include, for example:
- Types of accounts or transactions to which the accounting estimates relate (for example,
whether the accounting estimates arise from the recording of routine and recurring
transactions or whether they arise from non-recurring or unusual transactions).
- Whether fair value measurements are determined based on quoted prices from active or
inactive markets, prices for similar securities, financial models or a combination of
methods
- Whether the accounting estimates were made based on data available at an interim date
and, if so, whether and how management has taken into account the effect of events,
transactions and changes in circumstances occurring between that date and the period
end.
Example documentation in eAudit screen is provided below.

Document Classification - KPMG Confidential 33

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
c) Data used to prepare the accounting estimate – In considering how management selected
the data and assumptions used to calculate estimates, you’ll need to assess whether
assumptions were developed using relevant and reliable data. When evaluating the
relevance and reliability of data used by management to make the estimate, consider its
nature and source (internal, external, historical, prospective etc.) as it impacts the degree
of estimation uncertainty involved in making the estimate.

IPE/IBA – Data used to make estimates is not information produced by the entity
a reminder that provides audit evidence (IPE), but rather part of the estimate that
we subject to substantive procedures – i.e. information being audited
(IBA). See the addendum on estimates and new FAQ on procedures to
perform in relation to the reliability of audit evidence from external
sources in the IPE Guide.

Example documentation in eAudit screen is provided below.

Document Classification - KPMG Confidential 34

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
d) Identify the significant assumptions underlying the estimate – Assumptions are predictions
of future conditions or events or in some cases inputs (for example in case where a model
is used to make an estimate) used in making an estimate. An assumption maybe deemed
to be significant if a reasonable variation in the assumption would materially affect the
measurement of the accounting estimate. The presence of one or more significant
assumptions may indicate that the estimate has high estimation uncertainty, which may
then give rise to a significant risk. Some examples of significant assumptions in case of fair
valuing a private equity investment (like a hotel, privately owned life sciences company,
unlisted companies, etc.) could be future cash flows (compounded annual growth rate
(CAGR%)), discount/interest rates (weighted average cost of capital), exit multiples, etc.

Example documentation in eAudit screen is provided below.

e) Changes in circumstances that require a revision of the estimate or a change in the

method of making estimate from prior year – A change in circumstances or a change in
from prior period that requires a revision in the estimate or a change in the method for
making the estimate could occur due to changes in the requirements of the applicable
financial reporting framework, terms of transactions that gave rise to accounting estimates,
regulatory changes, method to which management has changed provides a more
appropriate basis of measurement, etc.
f) Assess the effect of estimation uncertainty –
Matters that we may consider in obtaining an understanding of whether management has
assessed the effect of estimation uncertainty include:
- Whether an assumption or input is observable/unobservable (observable – lower uncertainty &
unobservable – higher uncertainty)
- Nature and source of data (internal, external, historical, prospective etc.) (external & historical –
lower uncertainty & internal & prospective – higher uncertainty)
- Whether alternative assumptions or outcomes have been considered, for example management
performing sensitivity analysis to determine the effect of changes in assumptions
- How management determines accounting estimates when analysis indicates a number of
outcome scenarios, for example estimates for unrecognized tax benefits.
Degree of estimation uncertainty influences our assessment of the risks of material misstatement
(higher the uncertainty greater the chance of a significant risk being associated to the estimate).

Document Classification - KPMG Confidential 35

g) Extent to which management has considered contradictory evidence in arriving at the

estimate – Audit team shall also include in the audit documentation management’s
consideration of contradictory or inconsistent evidence in arriving at the estimate.
Identification of contradictory evidence doesn’t necessarily mean that there is a
misstatement. For Example when estimating the value of an investment in an Airport future
cash flows are based on passenger traffic and number of airlines primarily. It is assumed
that future passenger traffic will grow at a rate of 15% per year however in the past
passenger traffic has never grown by more than 7%. Management believes that 15% is
appropriate as 4 new airlines will be starting new flights from that airport to major cities in
North America. The 7% growth rate is inconsistent with the 15% used in the valuation of
the Airport.

Example documentation in eAudit screen is provided below.

h) Use of an expert in making estimate – In some cases, management may need to engage
an expert to make, or assist in making, accounting estimates. This need may arise
because of:
- Accounting estimates are complex and management lacks the requisite skills
- specialized nature of the matter requiring estimation, for example, the measurement of
mineral or hydrocarbon reserves in extractive industries
- the technical nature of the models required to meet the relevant requirements of the
applicable financial reporting framework, as may be the case in certain measurements at
fair value

Document Classification - KPMG Confidential 36

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
If management will use an expert to derive an estimate, consider how this will impact your
audit procedures. For example, you need to evaluate and challenge the work performed by
management’s expert and may need to involve a KPMG specialist to assist.

Example documentation in eAudit screen is provided below.

5.3 II. Results of retrospective review

Audit teams should review the outcomes of accounting estimates included in the prior period
financial statements in the current period. The nature and extent of the review of the outcome of
accounting estimates included in the prior period financial statements is a matter of professional
judgment. The outcome of an accounting estimate will often differ from the accounting estimate
recognized in the prior period financial statements. The most common method of retrospective
review is comparing actuals in the current period with the estimates made in the prior period.
However, the review is not intended to call into question the judgments made in the prior periods
that were based on information available at the time.
By performing retrospective review procedures audit team are able to identify and understand
the reasons for such differences and obtain information regarding the effectiveness
management’s estimation process.

Example documentation in EAudit screen is provided below.

5.4 III. Bias indicators and how we plan to address them

Accounting estimates are imprecise and can be influenced by management judgment. Such
judgment may involve unintentional or intentional management bias (for example, as a result of
motivation to achieve a desired result). The susceptibility of an accounting estimate to
management bias increases with the subjectivity involved in making it.
Audit teams should design and perform audit procedures to review accounting estimates for
biases and evaluate whether the circumstances producing the bias, if any, represent a fraud
risk. In performing this review, we shall perform a retrospective review of management
judgments and assumptions related to accounting estimates reflected in the financial statements
of the prior year.

Document Classification - KPMG Confidential 37

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Examples of indicators of possible management bias with respect to accounting estimates
include:
- changes in an accounting estimate, or the method for making it, where management has
made a subjective assessment that there has been a change in circumstances
- use of an entity's own assumptions for fair value accounting estimates when they are
inconsistent with observable marketplace assumptions
- selection of a point estimate that may indicate a pattern of optimism or pessimism

Example documentation in eAudit screen is provided below.

Once all the above eAudit screens are populated an estimates summary screen will be
populated automatically. See below an example eAudit Estimates Summary screen.

5.4.1 Estimates Summary

Document Classification - KPMG Confidential 38

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Document Classification - KPMG Confidential 39
© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
5.4.2 Where can you find out more?
― Estimates, including fair value estimates (KAM 20.0000)
― Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related
Disclosures (ISA 540)
― Practice Aid - Guidance relating to audit documentation when auditing estimates
― ALex Topic Overview – Estimates
― Management's experts (KAM 62.0000)
― Estimates Team Talk Toolbox
― IPE Guide and addendum (December 2017)
― KPMG's Professional Judgement Process
― Technical Topic Audit Approach Guides (TTAAGs)

Document Classification - KPMG Confidential 40

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Understanding of IT
6.1 eAudit activity 1.2.2, 2.6.10, 2.11 and 2.13
Engagement teams should gain an understanding of entity’s Information & Technology (IT) or
Information System environment used in the financial reporting process and how the entity has
responded to risks arising from IT. IT environment includes IT applications, as well as the IT
policies and procedures of the entity, including service providers (like administrators). Audit
teams while gaining an understanding of the process activities also need to consider the role of
IT applications at the process level. This step of gaining understanding of the IT environment
and IT applications at a process level has to be carried out by all audit teams irrespective of the
audit approach followed by them (i.e. controls or a fully substantive approach).

When audit teams evaluate the design and implementation of controls in a process, they identify
"What Could Go Wrongs" (WCGWs) and select the relevant controls, including IT application
controls that address those "what could go wrongs".

Questions to consider at screens (1.2.2, 2.6.10, 2.11 & 2.13)

1.19 Did engagement team appropriately involve IRM specialists in the audit?
1.20 Did the engagement team obtain an understanding of the entity's IT environment?
a) Key elements of understanding the entity’s IT environment and how the entity
responds to risks arising from the use of IT.
b) Document the procedures performed to gain an understanding of the IT
environment and how entity responded to risks arising from use of IT.
1.21 Did engagement team gain understanding of IT applications at a process level and
identify relevant IT application?
1.22 Has the audit team identified general IT controls (GITCs) that are linked to the
identified IT application?

6.2 Did engagement team appropriately involve IRM specialists in

the audit?
Audit teams may consider involving IRM specialists to assist them in performing a variety of
audit procedures such as obtaining an understanding of IT and addressing the risks related to
application controls, including testing relevant application controls and general IT controls.
Engagement partner shall involve an IRM specialist for audit engagements that meet at least
one of the following criteria:

Document Classification - KPMG Confidential 41

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
― Entity's business is so highly dependent on IT processes to maintain its financial reporting
and accounting books and records including IT processes performed by service
organizations, such that we are unable to obtain sufficient appropriate audit evidence
without reliance on application controls; and

― We intend to rely on the operating effectiveness of application controls to respond to a

significant risk.

Example documentation in eAudit screen is provided below.

6.3 Did the engagement team obtain an understanding of the

entity's IT environment?

a) Key elements of understanding the entity’s IT environment and how the entity responds to
risks arising from the use of IT – IT benefits an entity’s financial reporting process by
processing large amounts of data in a short time, carry out complex calculations, provide
analysis of information, etc. On the other hand use of IT also brings risks like unauthorized
access to data, inappropriate manual intervention, loss of data due to inadequate data
backup policies, etc.
Auditors need to gain understanding of the IT systems that are related to the financial
reporting process like
- IT applications, database, operating system, network
- IT systems initiating, recording and processing transactions
- Systems transferring data to the general ledger, Trial balance and then the financial
statements
- Systems carrying out calculations like depreciation, aging of receivables, gains/losses,
etc.
- General IT controls environment (could be automated, manual or manual with an
automated component)

Document Classification - KPMG Confidential 42

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
An entity responds to the risks arising from the use of IT by establishing effective controls
that maintain integrity of information and security of data.

Example documentation in eAudit screen is provided below.

b) Document the procedures performed to gain an understanding of the IT environment and

how entity responded to risks arising from use of IT – Audit teams can gain understanding
of an entity’s IT environment and how it has responded to risks arising from the use of IT
through inquiries of management and inspection of IT policies, process & control narratives
and or flow charts. In instances where financial reporting process is outsourced to a
service provider auditor can gain an understanding by inspecting service auditor’s report
(SOC 1 or ISAE 3402).

Document Classification - KPMG Confidential 43

6.4 Did engagement team gain understanding of IT applications at a

process level and identify relevant IT application?
Application controls operate at a business process level. These controls help ensure that
transactions occurred, are authorized, and are completely and accurately recorded and
processed. Application controls may be automated controls or manual controls with an
automated component.

Audit team’s objective is to identify the controls that address the "what could go wrongs" and not
to identify application controls of various types. An example of application control could be
restricting system access to selected business functions, such as the ability to approve purchase
orders up to an established limit. When a relevant application control resides in a database or a
system component, we identify that database or system component as a relevant IT application
control OR A relevant IT application is an application that contains a relevant application control
(i.e. an application control for which we will evaluate the design and implementation).
Example documentation in eAudit screen is provided below.

Document Classification - KPMG Confidential 44

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
6.5 Has the audit team identified General IT Controls (GITCs) that
are linked to the identified IT application?

GITCs are policies and procedures that relate to one or more IT applications. GITCs apply to
mainframes, client server systems, file servers, end-user computing environments, or
combination thereof. GITCs maintain integrity of information and security of data by maintaining
control over elements like access to programs & data, program changes, program development
and computer operations.

Where audit team has identified a relevant IT application it will then identify at least one (or
more) GITC environment that supports the consistent operation of the application control during
the period. A GITC control environment is a particular "processing environment" that shares a
common set of general IT policies or procedures to support the effective functioning of relevant
application controls.

Audit team should test (design, implementation & operating effectiveness) only the relevant
GITCs that support the effective operation of application controls that they plan to rely on. But in
instances where the financial reporting process is outsourced the engagement team may not
need to test GITCs (or most GITCs) as they can leverage the service auditor’s report (SOC 1 or
ISAE 3402). Where audit team does not intend to rely on the operating effectiveness of
application controls it is not necessary to obtain audit evidence as to the operating effectiveness
of GITCs.

In some circumstances, it may not be possible to rely on application controls if related GITCs are
not effective.
Example documentation in eAudit screen is provided below.

Document Classification - KPMG Confidential 45

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Note: Instances where the financial reporting process is outsourced and the audit teams are
leveraging the service auditor’s report documentation on GITCs is captured in eAudit at 2.9.8.2.x

6.5.1 Where can you find out more?

― IT Environments and IT Controls (KAM 32.0000)
― ISA 315 (Revised) - Identifying and Assessing the Risks of Material Misstatement
through Understanding the Entity and Its Environment

6.6 Planning approach on IT (Overview)

Engagement teams need to document understanding of the IT environment and the

2.6.10

Pour identifier
resulting risksles ITAC, realizer
(including un walkthrough
significant risks if any) en binôme équipe
irrespective d’audit / followed
of the approach spécialiste
(i.e. IT
ou référent IT a controls or a fully substantive approach)

Understand process activities including IT application controls irrespective of the approach

followed (i.e. a controls or a fully substantive approach)
2.11

Identify What Could Go Wrong (WCGW) and relevant controls that address the WCGW

Relevant Manual Controls Relevant Application Controls

Manual Component Automated Component

2.13

Identify relevant GITCs that support relevant

application controls

Document Classification - KPMG Confidential 46

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Information produced by the entity that
we use as audit evidence
7.1 Relevant eAudit screens:
1.2.2 Scaling
2.10.1.x HLC Description and D&I
2.10.1.1 Relevant higher level controls
2.11.x.2.x PLC Description and D&I
2.11.IPE.0 A&C of Information Produced by the Entity
2.11.IPE.1 IPE in Controls – Controls Testing,
2.11.IPE.1.x.2.1 IPE Relevant Controls
3.1.IPE.1 IPE in Controls – Control Testing Summary
3.1.IPE.1.x.2.1 IPE Perform TOE

7.2 Have you identified all information produced by the entity that
you plan to use as audit evidence (IPE)?
7.2.1 What’s the issue?
We use IPE when designing and performing audit procedures, including when we perform risk
assessment or tests of controls. However, we may fail to realize this – and therefore fail to evaluate
or test whether the information is relevant and sufficiently reliable.
Confusion relating to IPE and IBA results in the IBA being tested as IPE:

• instead of being tested by the substantive procedure, resulting in the wrong work being
performed; or
• as well as being tested by the substantive procedure, resulting in duplication of effort.

7.2.2 What’s the impact?

If an audit procedure uses information as audit evidence that isn’t relevant and sufficiently reliable,
then the procedure may not provide sufficient appropriate audit evidence.

7.2.3 What do you need to do?

To avoid surprises later in the audit, make sure you identify during planning:
― what IPE you plan to use; and
― how you will evaluate or test it.

Document Classification - KPMG Confidential 47

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
7.2.4 What is the difference between IBA and IPE?
Auditing standards do not define IPE, but refer to it in the context of the reliability of audit evidence.
The information being audited ("IBA") by an audit procedure is an account balance or disclosure,
or a more detailed representation of that account balance or disclosure that we use as the basis
of our audit procedure to gain evidence over that account balance or disclosure.
Our intent in using the label 'IPE' in our methodology is to identify instances where we are relying on
information that is outside of the primary audit procedure, but may be used when performing the
primary audit procedure.
IPE is a subset of information produced by the entity.
As shown in the graphic, we split information produced by the entity into two:
- the information that we are going to audit, and
- the information that provides audit evidence.

• Information used in audit can be IPE or IBA: We may use the same information in multiple
procedures – sometimes we’ll audit it and sometimes we’ll rely on it as audit evidence. So the
data in a single report can be IPE in one procedure and information being audited (IBA) in
another. It depends how we use the information! Use the flow chart to decide whether
information is IPE or IBA.

Document Classification - KPMG Confidential 48

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Example: Investments Purchases and Sales report
— When performing an Investment Roll, the objective of the procedure is to test CEA of
cost of investments – the Purchases and Sales report becomes the IPE.
— When performing testing of potential tax exposure, the objective of the procedure is to
test CEA of Income tax exposure – the RGL report becomes the IPE.
— When testing for CEA of purchases and sales of investments for purpose of RGL testing
– the Purchases and Sales report is IBA because purchases and sales are key inputs to
the RGL formula.

• The same report may contain both of the IBA and the IPE: Thinking of a ‘report’ as IPE
is an over-simplification that may result in inappropriate testing of IPE. Focus on the
relevant data elements within the report that a control uses or that you use as part of a
procedure. Then identify which of those specific data elements are IPE or IBA.

• In a substantive procedure, there is IBA but not necessarily IPE. IPE is more common in
the context of a SAP than in test of details.

• When conducting TOE, information used to carry out testing is not IBA but it may be
IPE.

• External information is not IPE, but we must consider the nature and reliability of the source
and consider its relevance.
Example: Using purchases and sales report to test the CEA of purchases and sales as reported in the
statement of cash flows:

DEAL_NUMBER TRADE_DATE SETTLEMENT_DATE TRADE_TYPE SNAME TSNUMBER PRICE CURRENCY_CODE GROSS_AMOUNT COMMISSION COST REALISED_PROFIT
79415 21 March 2017 24 March 2017 BO Lena Lighting SA 40,000.00 4.31 PLN 172,449.78 152.22 -
126889 16 November 2017 20 November 2017 SH EREGLI DEMIR VE CELIK FABRIK - 125,290.00 8.91 TRY - 1,115,946.75 568.15 524,837.89 591,677.01

Report Field Description IPE/IBA Reasons

TRADE_DATE Trade date IBA Test to ensure appropriate cut-off of purchases
and sales.
TRADE_TYPE Trade Type IBA We test this information to distinguish between a
(purchase or purchase and a sale.
sale)
SNAME Security name IBA We test this amount to correctly calculate the gross
TSNUMBER Quantity traded IBA amounts.
PRICE Trade price IBA
CURRENCY_CODE Currency of IBA We test this information to correctly recalculate the
security amounts in reporting currency.
GROSS_AMOUNT Gross amount IBA We test this item as the item reported in the
statement of cash flows.
COMMISSION Commission N/A Commission is not considered in when testing
amount purchases and sales for cash flow statement.
COST Cost of security N/A Cost is not considered in when testing purchases
traded and sales for cash flow statement.
REALISED_PROFIT Realized NA We don't audit this information as this is not directly
gain/loss on related to the objective of the procedure.
sales

Document Classification - KPMG Confidential 49

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
7.2.5 What do we need to test for?
If you intend to use IPE as audit evidence, then you need to determine whether it is relevant and sufficiently
reliable.

Reliability of IPE refers to the Accuracy and Completeness of the IPE rather than the accuracy and
completeness of the account balance or disclosure being tested (i.e. IBA).

These are not the C and A assertions from the CEAVOP model.

When it comes to IPE these terms retain their normal English meaning. It’s important to note that when IPE
is referred to as being ‘accurate and complete’ this means that the IPE:

— contains all the data it should;

— contains only the data it should; and
— contains data that is correct.
So when we test the accuracy and completeness of IPE, we need to test that all the relevant data is included
in the IPE and that it represents a valid item that should be included in the data. Testing both of these will
also test that the data is correct.

Accuracy also relates to the way the data is manipulated and presented in a report – e.g. groupings,
calculations based on the data, and totals in the report.

We need evidence that the IPE is accurate and complete each time we use it.

So if IPE is used in a control, it needs to be accurate and complete each time the control operates. And if it
is used in a substantive procedure, we need to consider whether we use more than one instance of the IPE
(it needs to be accurate and complete each time we use it).

7.2.6 Nature and extent of testing

We generally need less evidence over IPE when it’s used in a risk assessment procedure than if it is used
in controls or substantive testing. This is because risk assessment procedures do not provide sufficient
appropriate audit evidence on which to base the audit opinion.

We may not need to test the IPE at all, if we can rely on evidence from audit procedures that we’ve
already performed.

Understanding this before you do the work can help you take an approach that’s as effective and
efficient as possible.

Document Classification - KPMG Confidential 50

① ②

7.2.8 ① Testing controls over the ② Direct testing of the relevant data
flow of information into IPE elements
WCGWs can occur at several points as The risks relating to data input, data integrity, and
information flows through the IT system. We data extraction and manipulation as noted in
need to understand how information flows Option 1 are still relevant when direct testing –
through the entity’s systems. but they are all addressed together, in the one
procedure, when we directly test between the
This diagram shows the key risks within the IT IPE and the source data.
system that we need to understand and address
through control testing. As we don’t need to identify specific WCGW and
controls, we need a less detailed understanding
of how information flows through the entity’s IT
system than when we test controls.

Accuracy: check the consistency of the relevant

data elements of IPE with the source information.
Test each data element on which the team relies
on.
Test the controls (automated or manual) over the flow of
information
Population Minimum
If we plan to test controls over IPE, we need to Size Sample
do so for controls over the flow of information ≤ 50
from input to extraction – not just the
configuration of the report generated by the 51 – 250 15
system.
> 250 25

Completeness: Test the completeness by, for

example, reconciling the IPE with the trial
balance or any other reciprocal population.

Document Classification - KPMG Confidential 51

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
7.2.9 How do I document IPE and IPE Testing in eAudit?
7.2.9.1 Scaling eAudIT for IPE testing
In Activity 1.2.2 Scaling, selecting ‘Yes’ to the question Do you plan to test the operating effectiveness of controls
for significant account(s)/ disclosure(s)? Activates IPE functionality in Activities 2.11.x.2.x PLC Description and
D&I and 2.10.1.x HLC Description and D&I.

7.2.9.2 Identifying IPE in a control

Linking IPE to process level controls (Activity 2.11.x.2.x)

For each process level control, identify whether IPE is relied on in the performance of the control and, if so,
create and/or link the IPE to the control:
• Navigate to the PLC Description and D&I Sub-Activity 2.11.x.2.x.
1

1. Select ‘Yes’ to the question ‘Is information produced by the entity relied on in the performance of this
control, where we plan to perform test of operating effectiveness for this control?’
The grid Information produced by the entity relevant to the control then appears.
2. Click ‘Manage/Select Information produced by the entity’; a pop-up window opens so you can create
and/or select the relevant IPE.

3. Add new entry if needed and/or check the box of the relevant IPE.
4. Click Save and close the window. The selected IPE will be displayed in Activity 2.11.x.2.x PLC
Description and D&I.

 Upon selection of an IPE in Activity 2.11.x.2.x, the response to the IPE question cannot be modified.

Document Classification - KPMG Confidential 52

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Linking IPE to higher level controls (Activity 2.10.1.x)
For each higher level control, identify whether IPE is relied on in the performance of the control and, if so,
create and/or link the IPE to the control:
• Navigate to the Activity 2.10.1.1 Relevant higher level controls and link the HLC to a financial process.
• Navigate to the HLC Description and D&I Sub-Activity 2.10.1.x.
1

1. Select Yes to the question Is Information produced by the entity relied on in the performance of this
control, where we plan to perform test of operating effectiveness for this control?
The grid Information produced by the entity relevant to the control then appears.
2. Click Manage/Select Information produced by the entity; a pop-up window opens so you can create
and/or select the relevant IPE.

3. Add new entry if needed and/or check the box of the relevant IPE.
4. Click Save and close the window. The selected IPE will be displayed in Activity 2.10.1.x HLC Description
and D&I.

 Upon selection of an IPE in Activity 2.10.1.x, the response to the IPE question cannot be modified.

Document Classification - KPMG Confidential 53

 Direct testing of the data is only available for selection in International FSA and International FSA &
JPN ICOFR Audit workflows.

When IPE is linked to a process level control or higher level control, Activity 2.11.IPE.0 A&C of Information
Produced by the Entity is activated under Activity 2.11 Processes.

1
2

When a testing approach is selected for an IPE, a new Activity group is created specifically for documenting
work performed on that IPE.
5. If Control Testing is selected, Activity group 2.11.IPE.1 IPE in Controls – Controls Testing, Activity
2.11.IPE.1.x.2.1 IPE Relevant Controls, Activity group 3.1.IPE.1 IPE in Controls – Control Testing
Summary and Activity 3.1.IPE.1.x.2.1 IPE Perform TOE are activated.
6. If Direct Testing of the data is selected, Activity group 2.11.IPE.2 IPE in Controls – Direct Testing of the
data, Activity 2.11.IPE.2.1 Direct Testing of the data Summary and Activity 2.11.IPE.2.x IPE Direct
Testing Workscreen are activated.

 Clicking on the button View by Process/Audit program opens a pop-up window that displays a list of
IPE that are associated with each relevant financial process and/or audit program (via being linked to
controls / procedures within each of these processes / audit programs, respectively).

Document Classification - KPMG Confidential 54

 The documentation of control testing for IPE has similar features to control testing for process level
controls. Refer to the quick reference card Understanding and testing process level controls on ALex
for guidance on how to complete Activity Groups 2.11 Processes and 3.1 Test of operating
effectiveness.

• Document our understanding of the flow of information from data input through to generation of the IPE
in Activity 2.11.IPE.1.x.2.1 IPE Relevant Controls including relevant IT applications.
• Identify (A) the relevant data elements (RDEs) and (B) link them to relevant process WCGWs or
additional WCGWs not already documented in other processes.

 Process level controls and higher level controls linked to a process WCGW will repurpose into the grid
Control from other processes addressing WCGWs linked to RDEs in Activity 2.11.IPE.1.x.2.1 IPE
Relevant Controls when a RDE is linked with a process WCGW.

• Identify controls over the A&C of RDEs.

• Document IPE control description, link to WCGWs and evaluate design and implementation of the IPE
control in Activity 2.11.IPE.1.x.2.x IPE Control Description and D&I.
• Test of operating effectiveness (TOE) for each identified IPE control is documented in Activity
3.1.IPE.1.x.2.x IPE TOE Workscreen.
• Document the conclusion for A&C of the IPE in Activity 3.1.IPE.1 IPE in Controls – Control Testing
Summary.

• Conclusions will repurpose to the PLC description and D&I Sub-Activity 2.11.x.2.x and the HLC
description and D&I Sub-Activity 2.10.1.x (and the respective TOE Sub-Activities, 3.1.x.1.x and 2.10.3.x)
to be considered by the engagement team while evaluating D&I and the TOE of controls.

Document Classification - KPMG Confidential 55

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
Taking a direct testing of the data approach (IPE in Controls)
• Document our understanding of the flow of information from data input through to generation of the IPE
in Sub-Activity 2.11.IPE.2.x

• Identify (A) the RDEs and (B) the procedures performed to directly test each RDE.
• Conclude on the A&C of the IPE.
• Conclusions will repurpose to the PLC description and D&I Sub-Activity 2.11.x.2.x and the HLC
description and D&I Sub-Activity 2.10.1.x (and the respective TOE Sub-Activities, 3.1.x.1.x and 2.10.3.x)
to be considered by the engagement team while evaluating D&I and the TOE of controls.
7.2.9.3 Identifying IPE in a substantive procedure

For each substantive procedure, identify whether IPE is used to provide audit evidence and, if so, create
the IPE or link the IPE documented elsewhere to the procedure:

• Select Yes to the question Do we plan to use information produced by the entity as audit evidence in
the substantive procedure?
The grid Items of information produced by the entity providing audit evidence in the substantive
procedure then appears.

1
2
3

• For each item of IPE created in the grid, select the testing approach:
1. For Procedures performed in 2.11.IPE, click on the ellipsis button and select the relevant IPE already
documented in 2.11.IPE – relevant data and conclusions for the selected IPE are redisplayed back into
Activity 3.2.x.4.x Substantive Procedures (below).

2. For Control testing, Activity group 2.11.IPE.3 IPE in Substantive Procedures – Control Testing,
Activity 2.11.IPE.3.x.2.1 IPE Relevant Controls for each IPE, Activity group 3.1.IPE.3 IPE in
Substantive Procedures – Control Testing Summary and 3.1.IPE.3.x.2.1 IPE Perform TOE for each
IPE are activated, with the relevant data and conclusions for the IPE redisplayed back into Activity
3.2.x.4.x Substantive Procedures.

Document Classification - KPMG Confidential 56

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”),
a Swiss entity. All rights reserved.
 The Activity groups and Activities noted above operate in exactly the same way as noted in the earlier
section “Taking a control testing approach (IPE in Controls)”

3. For Direct Testing of the data, a textbox is activated to document our understanding of the flow of
information from data input through to generation of the IPE, the procedures performed to assess
the A&C of the IPE and the results of those procedures with the conclusion on the A&C of the IPE
recorded via drop-down option in the grid.

7.2.10 What else should you consider?

Estimates Inputs to estimates are not IPE, but rather part of the estimate that we
subject to substantive procedures – i.e. information being audited (IBA).
See the addendum on estimates and new FAQ on procedures to perform
in relation to the reliability of external evidence in the IPE Guide.

Remember: eAudIT 2018 enables you to:

― link relevant data elements to WCGWs and substantive testing procedures; and
― repurpose key IPE testing information from eAudIT section 2.11.IPE into related control /
substantive procedure workscreens.

7.2.11 Where can you find out more?

― Information produced by the entity that we use as audit evidence (KAM 9.1455)
― A Guide to identifying and evaluating IPE including (December 2017) [International Version]
― Information used in the audit: Understanding IPE (October 2016) [US Version]

Document Classification - KPMG Confidential 57

Edward Gwekwete
Director, AQPP
T +1 345 914 4461
E egwekwete@kpmg.ky

Rajesh Pinjani
Senior Manager, AQPP
T +1 345 815 2604
E rpinjani@kpmg.ky

Varun Sharma
Senior Manager, AQPP
T +1 345 914 4153
E varunsharma@kpmg.ky

Devendra Pathak
Manager, AQPP
T +1 345 914 4324
E devendrapathak@kpmg.ky

kpmg.ky

© 2018 KPMG, a Cayman Islands partnership and a member firm of the KPMG network of
independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a
Swiss entity. All rights reserved.
The information contained herein is of a general nature and is not intended to address the
circumstances of any particular individual or entity. Although we endeavor to provide accurate and
timely information, there can be no guarantee that such information is accurate as of the date it is
received or that it will continue to be accurate in the future. No one should act on such information
without appropriate professional advice after a thorough examination of the particular situation.
The KPMG name and logo are registered trademarks or trademarks of KPMG International.

Document Classification - KPMG Confidential

Estimates - Specialists
No ratings yet
Estimates - Specialists
25 pages
ISA 315 slides-ICAEW
No ratings yet
ISA 315 slides-ICAEW
39 pages
ISA 315 Revisions for Auditors
No ratings yet
ISA 315 Revisions for Auditors
10 pages
5 Purchase - Process Notes Template
No ratings yet
5 Purchase - Process Notes Template
10 pages
Final Analytics
No ratings yet
Final Analytics
10 pages
Participant Material 8.2.4.2A: Cash Receipts Controls Form SE CR Control 4
No ratings yet
Participant Material 8.2.4.2A: Cash Receipts Controls Form SE CR Control 4
8 pages
Module 10: Investments, Long-Term Debt, Shareholders' Equity Balances, and Completion of The Audit
No ratings yet
Module 10: Investments, Long-Term Debt, Shareholders' Equity Balances, and Completion of The Audit
48 pages
C. Cash PSP
No ratings yet
C. Cash PSP
23 pages
H (If Applicable) - Summary of Component Identified Deficiencies and Misstatements - Dong-Yu - 2022
No ratings yet
H (If Applicable) - Summary of Component Identified Deficiencies and Misstatements - Dong-Yu - 2022
14 pages
Module 05
100% (2)
Module 05
70 pages
SUBSTANTIVE DESIGN - Design Substantive Procedures
No ratings yet
SUBSTANTIVE DESIGN - Design Substantive Procedures
51 pages
Annual Audit Report 2021: Trade Payables
No ratings yet
Annual Audit Report 2021: Trade Payables
54 pages
Determination of Materiality
No ratings yet
Determination of Materiality
4 pages
Group Audit Components Guide
No ratings yet
Group Audit Components Guide
14 pages
Laws and Regulations: Procedure Ref / Comments
No ratings yet
Laws and Regulations: Procedure Ref / Comments
3 pages
Audit Memorandum
No ratings yet
Audit Memorandum
7 pages
Work Program - Income Taxes
No ratings yet
Work Program - Income Taxes
5 pages
Planning Activity ISA Audit Manual Reference Preliminary Engagement Activities
No ratings yet
Planning Activity ISA Audit Manual Reference Preliminary Engagement Activities
11 pages
Perform Preliminary Analytical Procedures - JayFil
No ratings yet
Perform Preliminary Analytical Procedures - JayFil
19 pages
Understanding The Entity: and Its Environment
No ratings yet
Understanding The Entity: and Its Environment
53 pages
EY EAGLe Understand Entity Level Controls
No ratings yet
EY EAGLe Understand Entity Level Controls
4 pages
Eaq Audit Risk Assessment Tool
No ratings yet
Eaq Audit Risk Assessment Tool
25 pages
Work Program - Cost of Sales
No ratings yet
Work Program - Cost of Sales
3 pages
Debt Workpaper
No ratings yet
Debt Workpaper
33 pages
Audit Skills: IFRS 16 Lease Workshop
No ratings yet
Audit Skills: IFRS 16 Lease Workshop
91 pages
Audit Working Papers - Cost of Mat. Consumed Purchases of Stock in Trade Change in Stock
No ratings yet
Audit Working Papers - Cost of Mat. Consumed Purchases of Stock in Trade Change in Stock
52 pages
SBR Revision Notes
No ratings yet
SBR Revision Notes
294 pages
Audit Program for Liabilities
No ratings yet
Audit Program for Liabilities
7 pages
Fraud Risk Assessment Procedures PKF
100% (1)
Fraud Risk Assessment Procedures PKF
3 pages
109GL (R) Audit Engmt Team Inquiry
No ratings yet
109GL (R) Audit Engmt Team Inquiry
7 pages
Management Representation Letter State Agencies
No ratings yet
Management Representation Letter State Agencies
6 pages
Kick Off Discussion 2
No ratings yet
Kick Off Discussion 2
3 pages
SAP Procedure Guide for Auditors
No ratings yet
SAP Procedure Guide for Auditors
2 pages
Test Plan Template Evaluation of Test Results Template
No ratings yet
Test Plan Template Evaluation of Test Results Template
22 pages
1.17 Ac15 Sample Size Table
100% (1)
1.17 Ac15 Sample Size Table
15 pages
Auditors' Guide to Risk Assessment
No ratings yet
Auditors' Guide to Risk Assessment
6 pages
HHH-111 Risk Assessment 03
No ratings yet
HHH-111 Risk Assessment 03
4 pages
11.20 Inherent Risk Assessment
No ratings yet
11.20 Inherent Risk Assessment
8 pages
Lecture Slides - Audit Sampling
No ratings yet
Lecture Slides - Audit Sampling
15 pages
pl888227 Tod Receivable Confirmations
No ratings yet
pl888227 Tod Receivable Confirmations
21 pages
Work Program - Equity
No ratings yet
Work Program - Equity
1 page
Audit Summary for Trade Debtors
No ratings yet
Audit Summary for Trade Debtors
20 pages
Tax Audit Essentials for CAs
No ratings yet
Tax Audit Essentials for CAs
66 pages
Audit Checklist
No ratings yet
Audit Checklist
5 pages
13100.01 Materiality
No ratings yet
13100.01 Materiality
11 pages
HHH-111 Risk Assessment 05
No ratings yet
HHH-111 Risk Assessment 05
6 pages
Nce Understand Estimates Scotand Perform Walkthrough
No ratings yet
Nce Understand Estimates Scotand Perform Walkthrough
7 pages
Related Party Audit Guidelines
No ratings yet
Related Party Audit Guidelines
11 pages
Auditing of Cost of Sales 1
No ratings yet
Auditing of Cost of Sales 1
8 pages
Trade and Other Payables
No ratings yet
Trade and Other Payables
13 pages
IAS and IFRS Materials
100% (1)
IAS and IFRS Materials
39 pages
WP Asset B - Trade Receivables
100% (2)
WP Asset B - Trade Receivables
15 pages
AU Standards PCAOB
100% (1)
AU Standards PCAOB
49 pages
Audit Evidence Essentials
100% (1)
Audit Evidence Essentials
43 pages
Bank Reconciliation Template
100% (1)
Bank Reconciliation Template
2 pages
Benefits - Aura v6 - CpMs - February 2015
No ratings yet
Benefits - Aura v6 - CpMs - February 2015
6 pages
Audit - Understand SCOTs - Disclosure Processes and Perform Walkthrough - Sales Edited
No ratings yet
Audit - Understand SCOTs - Disclosure Processes and Perform Walkthrough - Sales Edited
5 pages
IT Internal Control System - ICS-Matrix
No ratings yet
IT Internal Control System - ICS-Matrix
1 page
Auditing
No ratings yet
Auditing
5 pages
EXTAUD
No ratings yet
EXTAUD
19 pages
MY2425 XY5 447 V Class Spec 20241001
No ratings yet
MY2425 XY5 447 V Class Spec 20241001
25 pages
O&k Fault Codes
No ratings yet
O&k Fault Codes
2 pages
NAVMED P117 C6 Dental Corps
No ratings yet
NAVMED P117 C6 Dental Corps
30 pages
Psbr01 Art g1 DR STXXX 11 ST Mark Up
No ratings yet
Psbr01 Art g1 DR STXXX 11 ST Mark Up
15 pages
File Handling in Python
No ratings yet
File Handling in Python
6 pages
Clothing Manufacturer Business Plan 2
89% (9)
Clothing Manufacturer Business Plan 2
46 pages
Betting Summary: April 14, 2022
No ratings yet
Betting Summary: April 14, 2022
1 page
Vienna Convention On Diplomatic Relations 1961: Presented By: Limuel Angelo Marinay
No ratings yet
Vienna Convention On Diplomatic Relations 1961: Presented By: Limuel Angelo Marinay
13 pages
Digital Citizenship Quiz
No ratings yet
Digital Citizenship Quiz
3 pages
TL - Videographer Affidavit
No ratings yet
TL - Videographer Affidavit
2 pages
Soalan Single Subject Experimental Research
No ratings yet
Soalan Single Subject Experimental Research
21 pages
Omni Tech 17 Morris Deep Diveinto RPGFree Form
No ratings yet
Omni Tech 17 Morris Deep Diveinto RPGFree Form
68 pages
Tabel Guide Fee
No ratings yet
Tabel Guide Fee
1 page
Wireless Channel Access Methods
No ratings yet
Wireless Channel Access Methods
9 pages
Cambridge 15 Writing Test 4
No ratings yet
Cambridge 15 Writing Test 4
4 pages
MST-1 Instructions To Students
No ratings yet
MST-1 Instructions To Students
1 page
Training & Development Q&A
No ratings yet
Training & Development Q&A
18 pages
Hanger Method for Students
No ratings yet
Hanger Method for Students
4 pages
Political, Legal & Economic Systems in IB
No ratings yet
Political, Legal & Economic Systems in IB
31 pages
Partnership Interest Solutions
100% (5)
Partnership Interest Solutions
49 pages
As 2124 2125 2127-1986 (Reference Use Only) General Conditions of Contract
No ratings yet
As 2124 2125 2127-1986 (Reference Use Only) General Conditions of Contract
8 pages
Pged - FM: Post Graduate Executive Diploma in Financial Markets 2013
No ratings yet
Pged - FM: Post Graduate Executive Diploma in Financial Markets 2013
18 pages
Charles Thomas Corn v. Ralph Kemp, Warden, Jackson Diagnostic and Classification Center, 772 F.2d 681, 11th Cir. (1985)
No ratings yet
Charles Thomas Corn v. Ralph Kemp, Warden, Jackson Diagnostic and Classification Center, 772 F.2d 681, 11th Cir. (1985)
3 pages
Grade 11 Math: Simple Annuity Basics
No ratings yet
Grade 11 Math: Simple Annuity Basics
5 pages
Tracing The Culinary Timeline of Food Service in The Philippines
No ratings yet
Tracing The Culinary Timeline of Food Service in The Philippines
20 pages
Silver Screen Tele-Reality v. SundaySky
No ratings yet
Silver Screen Tele-Reality v. SundaySky
4 pages
Sediment Dynamics in Channels
No ratings yet
Sediment Dynamics in Channels
6 pages
Abdul Majid Tak (Caveat-19)
No ratings yet
Abdul Majid Tak (Caveat-19)
4 pages
Proprio Foot: Key Features
No ratings yet
Proprio Foot: Key Features
5 pages
Affidavit of Loss (Company ID) Template
79% (14)
Affidavit of Loss (Company ID) Template
1 page