lOMoARcPSD|30192311

Excel CPA Notes

Masters of Business Administration (Uganda Martyrs University)

Scan to open on Studocu

Studocu is not sponsored or endorsed by any college or university

Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

EXCEL PROFESSIONAL
TRAINERS

MENTORING THE FUTURE

CPA (U) LECTURE NOTES

PAPER CODE: P12

PAPER NAME: Auditing and Professional Ethics and Values

We are located at Bat Valley Primary School Block B

CPA Page i
Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

TABLE OF CONTENT
PART 1 AUDIT THEORY ........................................................................................................................ 1
SECTION 1.A: INTRODUCTI ON .......................................................................................................... 1
1.A.1 E CONCEPT OF EXTERNAL AUDITING ...................................................................................... 1
1.A.2 CHANGING ROLE OF AUDITING AND DEVELOPMENTS ....................................................... 1
1.A.3 INFORMATION GAP, ACCOUNTABILITY, STEWARDSHIP & AGENCY ............................... 2
1.A.4 POSTULATES - AUDITING & ACCOUNTING ............................................................................. 5
1.A.5 KEY CONCEPTS IN AUDITING ..................................................................................................... 5
1.A.6 QUALITIES OF AN AUDITOR ........................................................................................................ 7
1.A.7 TYPES OF AUDITS-MAJOR ............................................................................................................ 7
1.A.8 OTHER ASSURANCE/AUDIT ASSIGNMENTS ............................................................................ 8
SECTION l.B; LEGAL, REGULATORY, & ETHICAL ENVIRONMENT ....................................... 9
1.B.1 REGULATION AND AUTHORIZATION OF AUDITORS ............................................................ 9
1.B.2 APPOINTMENT, RIGHTS AND DUTIES OF COMPANY AUDITORS ..................................... 11
1.B.3 RESIGNATION & DISMISSAL OF AUDITORS ........................................................................... 13
1.B.4 AUDITING STANDARDS AND GUIDELINES ............................................................................ 14
1.B.5 ETHICAL REQUIREMENTS - FUNDAMENTAL PRINCIPLES & THREATS .......................... 14
1.B.6 AUDITOR'S LIABILITY ................................................................................................................. 15
1.B.7 REQUIREMENTS OF SPECIFIC ACTS ......................................................................................... 16
SECTION I.C AUDIT PLANNING & RISK ASSESSMENT.............................................................. 16
1.C.1 OBTAINING WORK & ACCEPTANCE OF NEW AUDIT ENGAGEMENTS -
INTRODUCTION ...................................................................................................................................... 16
1.C.2 ETHICAL, LEGAL, PRACTICAL & RISK RELATED ISSUES TO CONSIDER BEFORE
ACCEPTANCE .......................................................................................................................................... 16
1.C.3 ENGAGEMENT LETTER VS. MANAGEMENT LETTER OF REPRESENTATION VS.
MANAGEMENT LETTER ........................................................................................................................ 17
1.C.4 AUDIT OBJECTIVES & AUDIT APPROACHES/STRATEGIES................................................. 18
1.C.5 AUDIT PLANNING - INTRODUCTION ........................................................................................ 19
1.C.6 OVERALL AUDIT STRATEGY VS. OVERALL AUDIT PLAN VS. AUDIT PROGRAMME .. 20
1.C.7 AUDIT PROCESS - STAGES/STEPS/PHASES OF AN AUDIT ................................................... 21
IC.8 PROFESSIONAL SKEPTIGSM, JUDGMENT & MATERIALITY ................................................ 23
1.C.9 RISK ASSESSMENT - AUDIT RISK, COMPONENTS, BUSINESS RISK & FRAUD RISK
RESPONSES .............................................................................................................................................. 24

CPA Page ii
Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.C.10 UNDERSTANDING THE ENTITY & ITS ENVIRONMENT ..................................................... 26

1.C.11 AUDIT DOCUMENTATION (WORKING PAPERS) .................................................................. 27
SECTION 1.D: INTERNAL CONTROLS ............................................................................................. 29
1.D.1 INTERNAL CONTROL SYSTEMS ................................................................................................ 29
1.D.2 COMPONENTS OR ELEMENTS OF INTERNAL CONTROL SYSTEMS, AS per COSO ......... 29
l.D.3 TESTS OF CONTROLS (INTERNAL CONTROL PROCEDURES OR TECHNIQUES) ............. 30
1.D.4 INTERNAL CONTROLS, CONTROL OBJECTIVES & TESTS OF CONTROLS -AUDIT OF
INTERNAL CONTROLS .......................................................................................................................... 32
1.D.5 COMPLIANCE TESTS - TOC VS. SUBSTANTIVE PROCEDURES & INTERNAL CONTROL
LIMITATIONS ........................................................................................................................................... 39
1.D.6 EFFECTS OF RISK ASSESSMENT - PROCESS & FINANCIAL REPORTING CONTROL
EVALUATION........................................................................................................................................... 40
SECTION l.E; AUDITING IN INFORMATION TECHNOLOGY (IT) EWT .................................. 41
1.E.1 RISKS AND CHALLENGES OF AUDITING IN AN IT ENVIRONMENT ................................. 41
1.E.2 CONTROLS IN IT ENV'T - APPLICATION CONTROLS & GENERAL IT CONTROLS .......... 42
1.E.3 COMPUTER-ASSISTED AUDIT TECHNIQUES (CAATS) - MEANING ................................... 44
1.E.4 TECHNIQUES APPLIED IN CAATS - AUDIT PROGRAMS VS. TEST DATA & TYPES OF
CAATS ....................................................................................................................................................... 44
1.E.5 BENEFITS (ADVANTAGES) AND CHALLENGES (DISADVANTAGES) ASSOCIATED
WITH USING CAATS ............................................................................................................................... 45
Advantages of CAATs (CPAJun20ll Qn2c; ............................................................................................... 45
SECTION l.F: AUDIT EVIDENCE & SAMPLING ............................................................................. 45
1.F.1 AUDIT SAMPLING - MEANING & JUSTIFICATION ................................................................. 45
1.F.2 KEY AUDIT SAMPLING & RELATED CONCEPTS (TERMINOLOGIES) ................................ 46
1.F.3 SAMPLE SIZE CONSIDERATION FACTORS .............................................................................. 47
Key factors influencing the sample size (Considerations) (CPANnv20ll0n3c) .......................................... 47
1.F.4 SAMPLE DESIGNING PROCESS & SAMPLING PROCEDURES/METHODS .......................... 47
1.F.5 APPROACH TO SAMPLE SELECTION - JUDGMENTAL & STATISTICAL ............................ 48
1.F.6 CIRCUMSTANCES WHEN AUDIT SAMPLING IS NOT APPROPRIATE................................. 50
1.F.7 SAMPLING RISK VS. NON-SAMPLING RISK ............................................................................ 50
1.F.8 AUDIT EVIDENCE - MEANING, SUFFICIENCY & APPROPRIATENESS .............................. 50
1.F.9 AUDIT EVIDENCE - TYPES, SOURCES, & METHODS/PROCEDURES OF GATHERING
AUDIT EVIDENCE ................................................................................................................................... 52
1.F.10 ANALYTICAL PROCEDURES - MEANING, TYPES & EVALUATION OF ANALYTICS .... 54

CPA Page iii

Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.F.11 EXTERNAL CONFIRMATIONS (ISA 505) - CIRCULARIZATION .......................................... 55

SECTION 1.G; SUBSTANTIVE AUDIT PROCEDURES ................................................................... 57
1.6.1 MEANING OF SUBSTANTIVE AUDIT PROCEDURES .............................................................. 57
1.G.2 TYPES OF SUBSTANTIVE AUDIT PROCEDURES .................................................................... 57
1.G.3 SUBSTANTIVE PROCEDURES FOR STATEMENT OF COMPREHENSIVE INCOME (SOCI)
.................................................................................................................................................................... 58
1.G.4 SUBSTANTIVE PROCEDURES FOR STATEMENT OF FINANCIAL POSITION (SOFP) ...... 59
1.G.6 AUDIT OPINION ON FINANCIAL STATEMENTS - AUDITOR'S INDEPENDENT REPORT 66
SECTION 1.H: INTERNAL AUDIT ...................................................................................................... 69
1.H1 INTERNAL AUDITING MEANING, SCOPE, LIMITATIONS, & ROLE ..................................... 69
1.H.2 USE 0F INTERNATIONAL PROFESSIONAL PRACTISE FRAMEWORK IN INTERNAL
AUDITING ................................................................................................................................................. 70
1.H.3 EXTERNAL VS. INTERNAL AUDITING – DIFFERENCES & SIMILARITIES........................ 71
1.H.4 PERFORMING AN INTERNAL AUDIT ASSIGNMENT ............................................................. 72
1.H.5 DEVELOPMENTS IN INTERNAL AUDITING - NATURE & OUTSOURCING OF INTERNAL
AUDIT ........................................................................................................................................................ 73
PART 2 PROFESSIONAL ETHICS AND VALUES ............................................................................ 76
SECTION 2.A; INTRODUCTION ......................................................................................................... 76
2.A.4 PHILOSOPHICAL VS. PROFESSIONAL APPROACHES TO ETHICS ...................................... 78
2.A.5 ETHICAL THEORIES MORAL ABSOLUTISM VS. RELATIVISM ........................................... 78
2.A.6 ETHICAL THEORIES - CATEGORICAL IMPERATIVE (CI) ..................................................... 81
2.A.7 CONSEQUENTIALISTS VS. NON-CONSEQUENTIALISTS ETHICAL THEORIES L ............ 81
2.A.8 ETHICAL THEORIES - ROMBERG MORAL REASONING (CRITERIA IN ETHICAL
REASONING) ............................................................................................................................................ 82
2.A.9 ETHICAL OBJECTIVES OF AN ORGANISATION & ACCOUNTANCY PROFESSION ......... 84
SECTION 2.B; WORKPLACE ETHICS ............................................................................................... 84
2.B.1 MEANING OF WORKPLACE ETHICS ......................................................................................... 84
2.B.2 FACTORS DETERMINING ETHICAL BEHAVIOUR AT WORK .............................................. 85
2.B.3 IMPORTANCE OF ETHICAL BEHAVIOUR AT THE WORKPLACE ....................................... 90
SECTION 2.C; ETHICS ITS1 BUSINESS............................................................................................. 91
2.C.1 MEANING OF BUSINESS ETHICS & ETHICAL PRINCIPLES IN BUSINESSES .................... 91
2.C.2 NATURE, PURPOSE OF ETHICS & MORALS FOR ORGANISATIONAL INTERESTS ......... 91
2.C.3 SOURCES OF ETHICAL STANDARDS ........................................................................................ 93

CPA Page iv
Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.C.4 TYPES OF BUSINESS ETHICAL ISSUES - FACE TO FACE, FUNCTIONAL & CORPORATE
ETHICAL ISSUES ..................................................................................................................................... 94
2.C.5 CORPORATE POLICY & FUNCTIONAL AREA ETHICS - UNETHICAL BUSINESS
PRACTICES ............................................................................................................................................... 94
2.C.6 GENERAL AREAS COVERED BY CORPORATE CODES OF ETHICS .................................... 96
2.C.7 UNETHICAL OR ILLEGAL PRACTICES - DELINEATION OF KEY UNETHICAL
PRACTICES ............................................................................................................................................... 96
2.C.8 ETHICAL DILEMMA IN BUSINESSES - EXAMPLES & GUIDING STRATEGIC CONCEPTS
OF DILEMMAS ......................................................................................................................................... 99
2.C.9 BENEFITS OF ADHERING TO BUSINESS ETHICS ................................................................. 100
2.C.10 MYTHS ABOUT BUSINESS ETHICS ....................................................................................... 100
SECTION 2.D. 1); BUSINESS & ENVIRONMENTAL ETHICS ..................................................... 101
2.D.1 SUSTAINABILITY (ACCOUNTING & REPORTING), TRIPPLE BOTTOM LINE &
INTEGRATED REPORTING .................................................................................................................. 101
2.D.2 CHALLENGES (EFFECTS) OF POLLUTION & RESOURCE DEPLETION ............................ 104
2.D.3 INTERRELATIONSHIPS AND INTERDEPENDENCE OF ECOLOGICAL SYSTEMS .......... 105
2.D.4 ECO-FRIENDLY BUSINESS PRACTICES ................................................................................. 105
SECTION 2.E: PUBLIC INTEREST & CSR ...................................................................................... 106
2.E.1 MEANING & IMPORTANCE OF PUBLIC INTEREST .............................................................. 106
2.E.2 COMPOSITION OF THE PUBLIC INTEREST - PUBLIC & INTEREST................................... 106
2.E.3 NEGATIVE & POSITIVE OUTCOMES (COSTS & BENEFITS) OF PUBLIC INTEREST ...... 107
2.E.4 DECISIONS/ ACTIONS TAKEN IN THE PUBLIC INTEREST AS A DEMOCRATIC PROCESS
.................................................................................................................................................................. 107
2.E.5 CORPORATE SOCIAL RESPONSIBILITY (CSR) IN ORGANISATIONS - CONCEPT &
IMPORTANCE......................................................................................................................................... 108
2.E.6 KEY DEVELOPMENTS IN CSR, MECHANISMS & CSR AUDIT ............................................ 109
2.E.7 CSR FRAMEWORK VIEWS - GRAY, OWEN & ADAMS, AND CARROLL'S PYRAMID .... 110
2.E.8 BENEFITS & IMITATIONS ASSOCIATED WITH CSR ............................................................ 114
SECTION 2.F; ACCOUNTANTS IN PUBLIC PRACTICE .............................................................. 115
2.F.1 PROFESSIONAL IMAGE OF AN ACCOUNTANT - ACCOUNTANT'S PUBLIC IMAGE ...... 115
2.F.2 HOW ACCOUNTANTS IN PUBLIC PRACTICE OBTAIN WORK ........................................... 115
2.F.4 ETHICAL FRAMEWORK - CONCEPTUAL & ETHICAL CONFLICT RESOLUTION Ethical
.................................................................................................................................................................. 117
2.F.5 SAFEGUARDS - GENERAL P0SSD3LE ETHICAL SAFEGUARDS ......................................... 119
General firm-wide ..................................................................................................................................... 119

CPA Page v
Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.F.6 ETHICAL ISSUES - POSSIBLE ETHICAL ISSUES & SPECIFIC SAFEGUARDS ................... 120
2.F.7 ETHICAL DILEMMAS VS ETHICAL ISSUES............................................................................ 134
SECTION 2.G: CORPORATE GOVERNANCE ................................................................................ 135
2.G.1 HISTORY & ROLE OF CORPORATE GOVERNANCE IN UGANDA ..................................... 135
2.G.2 CONCEPT & SCOPE OF CORPORATE GOVERNANCE .......................................................... 135
2.G.3 PRINCIPLES OF CORPORATE GOVERNANCE ....................................................................... 136
2.G.4 GENERAL BEST PRACTICES & RECOMMENDATIONS ....................................................... 136
2.G.5 CODE OF CORPORATE GOVERNANCE IN THE UGANDAN COMPANIES ACT .............. 137
2.G.6 GUIDELINES OF THE INSTITUTE OF CORPORATE GOVERNANCE IN UGANDA (ICGU)
.................................................................................................................................................................. 138
2.G.7 THE CADBURY CODE OF BEST PRACTICES ......................................................................... 139
2.G.8 KING HI'S CODE OF GOVERNANCE PRINCIPLES ................................................................. 139
2.G.9 KING IV REPORT ON CORPORATE GOVERNANCE ............................................................. 147
2.G.11 THE SARBANES-OXLEY ACT ................................................................................................. 155
2.G.12 ROLE OF BOARD OF DIRECTORS IN CORPORATE GOVERNANCE - EXECUTIVES &
NON-EXECUTIVES ................................................................................................................................ 156
2.G.14 ROLE OF COMPANY SECRETARY, ACCOUNTANT & AUDIT COMMITTEE IN
CORPORATE GOVERNANCE .............................................................................................................. 159
2.G.15 OTHER KEY BOARD COMMITTEES - SUMMARY .............................................................. 161
2.G.16 CHAIRMAN BOARD VS. CHIEF EXECUTIVE OFFICER ...................................................... 161
SECTION 2.H: FRAUD & MONEY LAUNDERING ........................................................................ 162
2.H.1 FRAUD - MEANING, FRAUD TRIANGLE & TYPES OF FRAUD ........................................... 162
2.B.2 FRAUD VS. ERROR ...................................................................................................................... 164
2.B.3 IMPLEMENTATION OF FRAUD PREVENTION PROGRAMS - FRAUD PREVENTION
MEASURES ............................................................................................................................................. 167
2.H.4 MONEY LAUNDERING - MEANING & WAYS IT IS CARRIED OUT ................................... 168
2.H.5 PROCESS OF MONEY LAUNDERING ...................................................................................... 168
2.H.6 CONSEQUENCES OR EFFECTS OF MONEY LAUNDERING AS UNETHICAL BEHAVIOUR
.................................................................................................................................................................. 169
2.H.7 PHISHING - MONEY LAUNDERING FORM ............................................................................. 170
SECTION 2.I: WHISTLE-BLOWING................................................................................................. 171
2.1.1 MEANING OF WHISTLEBLOWING ........................................................................................... 171
2.l.2 PROCEDURES FOR DISCLOSURE OF UNETHICAL BEHAVIOUR IN PUBLIC INTEREST 171
2.1.3 KEY CONCEPTS - IMPROPRIETY & DISCLOSURE OF IMPROPRIETY ............................... 172

CPA Page vi
Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.1.4 MORAL ETHICAL ISSUES & FORMS OF WHISTLEBLOWING ............................................. 172

2.1.5 INVESTIGATION PROCESS, MECHANISMS OF PROTECTION, OFFENSES & PENALTY 174
PART III - ENTREPRENEURSHIP .................................................................................................... 176
SECTION 3.A: MAKING THE BUSINESS GROW .......................................................................... 176
3.A.1 MEANING, CHARACTERISTICS & MYTHS ............................................................................ 176
3.A.2 MANAGING GROWTH IN A CHANGING ENVIRONMENT - STEPS, CHALLENGES &
GROWTH MEASURES........................................................................................................................... 178
3.A.3 SWOT ANALYSIS FOR BUSINESS GROWTH.......................................................................... 179
3.A.4 BUSINESS PROTECTION - SHOPLIFTING, INTELLECTUAL PROPERTY, SAFETY &
INSURANCE ............................................................................................................................................ 179
3.A.5 REASONS FOR BUSINESS FAILURE ........................................................................................ 182
3.A.6 SOCIAL & ETHICAL RESPONSIBILITY - BUSINESS ETHICAL RESPONSIBILITIES ....... 182
3.A.7 MARKET RESEARCH - MEANING, BENEFITS, PROCESS & MARKETING PLAN
CONTENTS.............................................................................................................................................. 183
SECTION 3.B; CREATING OWN BUSINESS/SELF-EMPLOYMENT ......................................... 184
3.B.1 MEANING & DEMERITS OF SELF-EMPLOYMENT................................................................ 184
3.B.2 FACTORS TO CONSIDER FOR ACHIEVING BUSINESS GROWTH & SUCCESS ............... 185
3.B.3 GENERATING BUSINESS IDEAS & SPOTTING OPPORTUNITIES ...................................... 186
3.B.4 SELECTING TYPE OF ORGANISATION & OPPORTUNITY ASSESSMENT PLAN ............ 188
3.B.5 PROBLEMS (PITFALLS) IN SELECTING NEW VENTURES .................................................. 188
3.B.6 THE VENTURE LIFE CYCLE - STAGES OF BUSINESSES GROWTH................................... 189
3.B.7 FINANCING SOURCES, RISK ANALYSIS & EVALUATION OF NEW VENTURES ........... 190
3.B.8 ACCOUNTING & FINANCIAL MANAGEMENT OF ENTREPRENEURIAL VENTURES.... 192

CPA Page vii

Downloaded by Okot David (okotdavid770@gmail.com)
 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

PART 1 AUDIT THEORY

SECTION 1.A: INTRODUCTION
1.A.1 E CONCEPT OF EXTERNAL AUDITING
Meaning: External audit is the independent examination of the financial statements of an entity to express
an independent opinion, by a duly appointed auditor in pursuit of that appointment.
Purpose: The primary purpose of an audit (external auditing) is to express an independent opinion on the
financial statements as to whether the reviewed books of accounts (financial statements) give a true and fair
view of the entity's financial affairs. The overall objective of the audit of the financial statements of an
entity is to add credibility to the financial statements by the expression of an independent audit opinion
thereon.
Auditing Vs Accounting: Auditing (external) is the independent review of entity's books of accounts
(equally referred to as financial statements) which are prepared as a result of accounting. Accounting is
therefore a process of recording, classifying, summarizing financial transactions and communicating
financial information through production of financial statements and/or reports, and interpretation of the
operating results portrayed in the financial statements, to facilitate decision making.
Accounting Auditing
It's a continuous process carried out It's a one-time activity after the closure of
throughout the year accounting year
It can be done by unprofessional accountant It has to be done by a professional
accountant - mandatory.
Accountant is a company's employee An auditor is an independent professional
Accountant gets regular salary for his work He gets remuneration for his professional work.
Audit fees
Accounting is concerned with recording of Its concerned with verification of accounts
business transactions systematically prepared by the accountant
Accounting precedes, auditing Auditing succeeds accounting
1.A.2 CHANGING ROLE OF AUDITING AND DEVELOPMENTS
The changing role of auditing emanated from the passing the management of organisations from owners to
professional managers, in the period of around 1850 to 1905. This increased the demand for auditors who
were seen as independent of management and who were engaged to detect not only clerical errors but also
management fraud.
Ways in Which Audit Objectives have Changed over the Years
From 1905-1930, there was an independent progression of British and American audit objectives. In the
USA and later worldwide, the audit objective gradually changed from the detection of fraud to reporting on
the actual financial condition of an entity.
From 1940 onwards, it became increasingly accepted by the auditing profession, although not necessarily
by general public, that, the primary objective of an audit was provision of an opinion on financial
statements & that, detection of fraud and error was very much a secondary objective.
Reasons for Changes in Audit Objectives over the Years
Nowadays, changes and developments in auditing relate to; emphasis on improving audit quality, audit
opinion, audit report with minimum information to be included, and audit methodology.

CPA Page 1

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

The main attributing factors in addition to passing of entity's management from owners to professionals
include but not limited to the following;
Changing business environment: The way businesses are structured continues to evolve & increase in
complexity. Audit firms' business models and methodologies have to change.
Technological advancements: Advances in technology are resulting in increased business integration.
Entities are using shared service centers, big data & this greatly affects auditing.
The changing regulatory environment: This has equally affected how audits are carried out especially
audits of multi-national entities (group audits). Regulations change day by day includes accounting,
auditing, non-accounting and non-auditing statutory requirements like Companies Act, government
policies, among others.
Increased need from various stakeholders: For instance, there have been increased concerns expressed
by small & medium businesses that need to be assisted too by auditors, small audit firms that need
support in complying with statutory requirements e.g. ISAs & ISQC 1, and general public that need
auditors to go beyond their primary objective.
Increased service delivery costs and fees: Increased fee pressures as a result of significant increases in
wages and salaries emphasized the need for audits to be both effective and efficient. This forms a
basis for adoption of risk-based approach by audit firms.

1.A.3 INFORMATION GAP, ACCOUNTABILITY, STEWARDSHIP & AGENCY

The concept in respect of information gap is the Expectation Gap, which is created because of the different
beliefs between auditors and public, about the duties and responsibilities of the auditor. Many members of
the general public expect that;
auditors should accept prime responsibility for the financial statements,
auditors certify financial statements,
a clean audit opinion (unqualified opinion) guarantees the accuracy of financial statements,
auditors perform 100%-cheek,
auditors should give early warning about the possibility of business failure, and
auditors are supposed to detect fraud
Such public expectations of auditors which go beyond auditor's duties & responsibilities result from
information gap and have led to the term "expectation gap". According to the auditing profession, the
reality is that;
Management as preparers of financial statements, is primarily responsible for their content
An audit is no guarantee of financial stability of the business entity
An audit only provides reasonable assurance that financial statements are free from material
misstatements - not absolute assurance
Auditors are only required to test selected transactions - it does not make economic sense in today's
world to check all transactions
Although auditors plan and conduct an engagement with care recognizing that circumstances such
as fraud may exist, that will cause the financial statements to be materially misstated, an audit does
not guarantee that fraud will be detected

CPA Page 2

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Accountability is the responsibility of either an individual/department to perform specific function in

accounting. An auditor reviewing company's financial statement is "virtually" responsible and legally liable
for any misstatements or instances of fraud. Accountability forces an accountant to be careful and
knowledgeable in their professional practices, as even negligence can cause them to be legally responsible.
An accountant is accountable for the integrity and accuracy of the financial statements even if errors were
not made by them. Managers of a company may try to manipulate their company's financial statements
without the accountant knowing. There are clear incentives for managers to do this, as their pay is usually
tied to performance. This is why independent outside accountants (auditors) must review financial
statements, and accountability forces them to be careful and knowledgeable in their review.
Different Types of Accountability; (CPANov20I3 Qn7a)
Accountability as used in corporate governance.
(i) Corporate governance accountability: is whereby an organization (and its directors) are answerable
for the consequences of their actions. Managers' accountability to shareholders & corporations'
responsibility to society are two important objectives of corporate governance. Some scholars argue that
managers who are accountable to shareholders must neglect society's interest. But loosening this
accountability leaves managers free to serve themselves, thereby increasing agency costs.
(ii) Moral/ethical accountability -goes beyond legal & regulatory requirements. It takes into account what
is right or wrong, based on values & standards, and assumes that there is behavior which is acceptable or
not acceptable based upon values & culture of company or on societal values & expectations. Examples of
tools used in moral/ethical accountability include management's well documented and communicated codes
of conduct, involvement in corporate social responsibility.
(iii) Professional accountability - affects all individuals who belong to professional organizations, e.g.
accountants, lawyers, engineers, doctors, architects, & bankers. Each profession has requirements which
members must fulfill. Non-compliance has serious consequences e.g. termination of membership, denial of
license to practice etc.
Stewardship concept is based on stewardship theory which assumes that managers if left on their own,
will indeed act as responsible stewards of the assets they control. Stewardship theory is an alternative view
of agency theory, in which managers are assumed to act in their own self-interests at the expense of
shareholders. With stewardship concept, certain mechanisms are adopted aimed at reducing agency loss &
such mechanisms include; tie executive compensation, levels of benefits & managers' incentive schemes by
rewarding them financially or offering shares that aligns financial interest of executives to motivate them
for better performance. Stewardship has fiduciary responsibility.
Note: Fiduciary duty (CPANov2013Qn7a, iv)
A fiduciary duty is an often onerous duty of care and trust that one party owes to another, mainly defined in
terms of a financial duty of care in a business context. It can be either a legal duty or a moral duty (or both).
In the case of a legal duty, it is legally required, for example, for a solicitor to act in the best interests of a
client, or a nurse to act in the best interests of a patient. In other situations, the legal responsibilities are
more blurred but an ethical duty may remain.

Agency (CPA Jun2012 Qn6a; Aug20I5 Qn6a) concept is based on the agency theory which is a supposition
that explains the relationship between principals and agents in business. Agency theory is concerned with
resolving problems that can exist in agency relationships; that is, between principals (such as shareholders)

CPA Page 3

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

and agents of the principals (for example, company executives normally termed as management). Agents
should act in the best interests of their principals by being stewards and accountable for the shareholders.
Directors should act for the shareholders but often acted for themselves, and this is termed as, "the agency
problem".

It therefore important to note that shareholders appoint the independent auditors, they also appoint the
directors. The problem that was found out is that once directors are appointed, shareholders often don't take
much further interest in what the directors are doing. This was justified by the revealed annual gaps
between financial statements being issued. This hands-off approach has recently been found entirely
inadequate and additional safeguards (appointing independent auditors) have been instituted to try to
ensure that directors act in the best interests of the members of the company.
Responsibility over financial statements: As earlier noted, the responsibility over financial statements of
the entity lies in the hands of management. That is, management (directors) is responsible of the
preparation and fair presentation of financial statements in accordance with the relevant reporting
framework e.g. IFRLS and in the manner required by other statutory requirements e.g. Companies Act,
Insurance regulations, etc.
Specific Auditor's Responsibilities over Financial Statements (CPAMay20l2 Qn 1d),
Obtain an understanding of internal control relevant to the audit aimed at designing appropriate audit
procedures, but not for the purpose of expressing an opinion on entity's internal control's effectiveness.
Identify & assess risks of material misstatement of the financial statements, whether due to fraud/error,
aimed at designing/performing responsive audit procedures to those risks
Conclude on appropriateness of management's use of going concern basis of accounting &, whether a
material uncertainty exists related to events or conditions that may cast significant doubt on the entity's
ability to continue as a going concern
Evaluate appropriateness of accounting policies used and the reasonableness of accounting estimates
and related disclosures made by management.
Evaluate overall presentation, structure, content of the financial statements, and disclosures, in a
manner that achieves fair presentation and disclosure.
Obtain reasonable assurance about whether the financial statements as a whole are free from material
misstatement, whether due to fraud or error, in order to issue an auditor's opinion based on obtained
appropriate and sufficient audit evidence
Communicate with those charged with governance e.g., planned scope & timing of the audit and
significant audit findings, including any identified significant deficiencies in internal control
Specific Management's Responsibilities over Financial Statements (CPAMay2012 Qn1d),
Preparing the financial statements in accordance with entity's applicable reporting framework e.g.
IFRS, Companies Act, Insurance Act, Financial Institutions Act, Donor agreement, etc.
Determining the internal control that is necessary to enable the preparation of financial statements
that are free from material misstatement, whether due to fraud or error.
Assessing entity's ability to continue as a going concern.
evaluating whether the use of the going concern basis of accounting is appropriate.
Disclosing, if applicable, matters relating to going concern.

CPA Page 4

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.A.4 POSTULATES - AUDITING & ACCOUNTING

Accounting postulates are underlying axioms which form the basis of the all further accounting work.
These include; statements that economic activity conducted by certain identifiable entities will be
continuous (accrual concept), that transactions occur at identifiable times and that the entity will continue
as a going concern.
Five general characteristics of postulates which are helpful to our understanding of them and their function.
Postulates are:
(i) Essential to development of any intellectual discipline.
(ii) Assumptions that do not lend themselves to direct verification.
(iii)A basis for inference.
(iv)A foundation for erection of any theoretical structure.
(v) Susceptible to challenge in the light of later advancement of knowledge.
Auditing postulates are the cornerstone position in the theory of auditing, and thus, provide the framework
for developing and testing audit theory. Postulates, by definition, cannot be proven to be true if they could,
they would not be assumptions. Basic postulates of auditing which were identified by Mautz & Sharaf in
the "Philosophy of Auditing" are summarized as: (CPANov2018 Qn3c)
Truth & fairness - The auditor is concerned that the financial statements under examination conform to
law and best practice.
Independence – The auditor is independent through status and is truly objective in expression of opinion.
Evidence – An auditor arrives at his opinion through the systematic collection of evidential data on which
his judgment is based.
Responsibility – Auditor doesn't prepare financial statements or guarantee accuracy nor does he value
business. He is not responsible for prevention or detection of immaterial fraud,
Data – Financial statements and financial data are verifiable.
Management support – There is no necessary conflict of interest between the auditors and the
management of the enterprise under audit.
Fraud – The financial statements and other information submitted for verification are free from collusive
and other unusual irregularities.
Internal Controls – The existence of a satisfactory system of internal control eliminates the probability of
irregularities.
Fair representation – Consistent application of generally accepted accounting principles (GAAP) results
in the fair presentation of financial position and the results of operations.
Operational consistency - In the absence of clear evidence to the contrary, what has held true in the past for
the enterprise under examination will hold true in the future.
Professional behavior – When examining financial data for the purpose of expressing an independent
opinion thereon, the auditors act exclusively in the capacity of auditor.
Audit support – The professional status of the independent auditor imposes commensurate professional
obligations.
1.A.5 KEY CONCEPTS IN AUDITING
Auditor's Independence
The auditor is independent through status and is truly objective in expression of opinion. An auditor should
be independent to work without the fear of management. He must report to the entity owner fairly with all

CPA Page 5

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

material facts. He is liable to prove the truth of statements so he must not work under the direction of
client's staff or third party. Thus, the auditor has to be "independent in mind and in appearance" which is
necessary to enable the professional accountant in public practice to express a conclusion, and be seen to
express a conclusion, without bias, conflict of interest, or undue influence of others".
Audit Evidence (CPAJune20l5Hn4)
This is the information obtained by the auditor in arriving at the conclusion on which he bases his opinion.
An auditor arrives at his opinion through the systematic collection of evidential data on which his judgment
is based.
Materiality
Information is material if its omission or misstatement could influence the economic decisions of users
taken on the basis of financial statements. This is affected by the size and nature of the misstatement. The
guiding standard on materiality is ISA 320. The standard requires the auditor to consider materiality when;
determining the audit procedures to obtain audit evidence, and evaluating the effects of misstatements. An
audit of financial statements does not deal with immaterial items but material issues that can cause material
misstatements in the financial statements. Materiality is normally considered at 3 stages; (i) at the planning
stage of an audit, (ii) as the audit progresses, and (iii) at the conclusion of an audit.
True and Fair (CPAJun2011 Qn5a)
When the auditor states in his report that in his opinion, the financial statements give a true & fair view, he
is effect means that;
The financial statements contain factual information (free from bias & discrimination) that
conforms with reality
The information in the financial statements conforms with required standards and laws
The account balances in the financial statements have been extracted correctly from the books &
records
The account .balances in the financial statements reflect the commercial substance of the company's
underlying transactions
Thus, the auditor gives an opinion on the truth & fairness of the financial statements but not an opinion on
the absolute correctness of financial statements. This is because there are inherent limitations of audit such as;
Auditor uses judgment in deciding audit procedures to use & what conclusions to draw
Not all items in the financial statements are tested
There are limitations in accounting and control systems
Audit evidence sometimes indicates what is probable but not certain
Audit report is issued a long time after the year end
Disclosure of Accounting Policies
Since financial statements are prepared based on specific accounting policies and in accordance with
specific reporting frameworks e.g. IFRS, then, these have to be disclosed under the notes to the financial
statements (Explanatory Notes and Accounting Policies). Basis of accounting records and related
information in respect of accounting policies, estimates, reporting framework, assumptions, risks,
breakdown of summarized elements for financial statements, among others are presented/disclosed under
this section of notes to financial statements (disclosures).

CPA Page 6

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.A.6 QUALITIES OF AN AUDITOR

Qualities of an auditor are automatically hinged on fundamental principles expected to be complied with by
every auditor (professional accountant). These include;
 integrity – Being honest and straight forward in all personal & business relationships
 Objectivity – Not allow compromise due to bias or conflict of interest in business judgments.
 Professional competence & due care – Auditors have a continuing duty to maintain professional
knowledge and skill at a level required for competent service and diligently based on current
developments in practice, legislation and techniques.
 Professional behavior - Auditors should comply with relevant laws and regulations and should
avoid any action that discredits the profession. (CPA Nov2012 Qn2a,ii)
 Confidentiality - Auditors should not disclose information on clients without specific and proper
authority (professional or legal right/duty), and not use it for personal gain (CPANov20l8 Qnlc)
Note: Circumstances allowing auditor to disclose client's information; (CPANov20l3 Qn2c; Nov2018Qnlc)
* Consent has been gotten from the audit client
* It is in the interests of the general public
* There is a legal or professional duty to disclose
* Illegal acts for example treason, drug trafficking or terrorist offences
* When demanded by the courts of law ,
Good auditors also possess the following additional characteristics. Personal attributes that will
enable auditors to act in accordance with principles of auditing & such qualities include amongst;
Vision and business acumen (understanding) Analytical and strategic (observant)
Ethical (People skills)
Decision-making ability (decisive)
Leadership (diplomatic)
Superior communication skills.
Self-reliant (independent)
Determined (unwavering & strong-minded)
Open-minded (unbiased)
Adaptable (flexible)
1.A.7 TYPES OF AUDITS-MAJOR
Statutory audits. These are audits conducted as per the legal requirements of various statutes. These are
"mainly" external audits and often referred to as financial statement audits conducted by an independent
appointed auditor. These audits are normally intended to give users of financial statements reasonable
assurance about the accuracy of financial statements. These audits are mandatory and are conducted in
accordance with specific statutory requirements e.g. IFRS, insurance Act & insurance regulations, etc.
External audits may also involve other audits intended to give limited assurance to users about the subject
matter of the audit such as; review of specific elements of financial statements, review of specified systems
of internal controls, review of interim financial statements, etc.
Government audits. These are audits of state and local government organizations, programs, activities,
and functions. Government audits focus on finding out the use of public funds and improving how
governments provide programs and services.
CPA Page 7

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Internal audits These are audits instituted by management and they form part of the internal control
systems. Internal auditing is an appraisal activity established within the entity as a service to the entity.
Internal auditing involves; examining, evaluating, and monitoring the adequacy (design) and effectiveness
of internal controls.
Private audits. These are audits conducted according to the agreement between the auditor and his/her
clients, as they are not governed by any law i.e. not governed by Companies Act, or any other statute. They
are conducted for such businesses like partnerships, clubs, NGOs, and non-regulated private companies.
Note: Private audit is mainly voluntary for non-regulated private firms, done at the desire of owners for
various purposes like tax audit conducted in accordance with the agreement Scope is usually restricted to
areas of interest. This is unlike statutory/external audits which are compulsory audits conducted in
accordance with the provisions of statutory requirements like insurance & banking, audit is done once a
year, purpose of the audit being to comply with the requirements of the respective laws, and the audit scope
is open and not restricted as per the relevant laws.
1.A.8 OTHER ASSURANCE/AUDIT ASSIGNMENTS
Forensic Audits. These relate to audits whose results can be used as evidence in court.
Therefore, forensic auditing is the process of gathering, analysing, and reporting on data, in a predefined
context, for the purpose of finding facts and/ or evidence in the context of financial or legal disputes and/ or
irregularities and giving preventive advice in this area.
Value for Money Audits (VFA). These are independent evidence-based investigations which examine and
report on whether economy, effectiveness & efficiency has been achieved in the use of funds. These audits
are mainly by entities & non-profit making organisations, and rarely conducted by private business entities.
Such va1ue for money (VFM) audits are systematic, purposeful, organized and objective examinations of
government activities, which provide an assessment on the performance of these activities i.e. designed to
check proper arrangements and implementation which have been made to secure economy, efficiency and
effectiveness in the use of resources for desired quality.
Environmental audits These are audits that seek how well the organisation performs in (safeguarding the
environment in which it operates, and whether the company complies with environmental policies. Simple
steps that may be followed may include; obtain a copy of company's environmental policy, assess whether
the policy is likely to achieve objectives (e.g. meet legal requirements, & satisfy key customers/suppliers'
criteria), and then test implementation and adherence to the policy (e.g. through discussions, observation,
walk-through tests, etc.).
Social audits These involve establishing whether the firm has a rationale for engaging in socially
responsible activity, identifying that all current environment programs are congruent with the mission of
the company, assessing objectives and priorities related to these programs, and evaluating company
involvement in such programs past, present, and future.
Advantages of Audit (CPAJun2014Qn5c)
 Satisfaction of business owners. It's because of the independent audit that the owner will be satisfied
about the business operations and working of its various departments.
 Detection and prevention of errors. Errors whether committed innocently or deliberately are discovered
by the process of audit and its presence prevents their occurrence in the future.
 Verification of books. This helps in maintaining the records up to date at all times

CPA Page 8

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Independent opinion. Audit is very useful in obtaining an independent opinion about the business
condition - whether financial statements give a true & fair view, or not.
 Detection and prevention of fraud. Just like errors, frauds are discovered by the audit (though not
obliged) and the presence of audit minimizes future possibility if not eliminated totally.
 Moral check. The process of audit will establish a check on the minds of staff working in business &
they will not be able to commit any irregularity, as they will have fear & be aware that the books of
accounts will be examined and actions taken against them if found guilty.
 Reliance by outsiders (credibility). Outsiders like creditors, debenture holders, banks, etc. will rely on
the business accounts if they are audited by an independent authority (external) s Loan facility. Money
can be borrowed easily on the basis of audited balance sheet from financial institutions, like as earlier
noted, outsiders like banks rely on audited accounts.
 Easy valuation. It becomes easier to evaluate property, etc. if the accounts are audited especially when
the business is to be disposed off.
 Reliance by shareholders and protection of their rights. In public limited companies, the shareholders
are assured in the presence of the process for audit, that the directors have not taken any undue
advantage of their status and position.
Disadvantages and Limitations of an Audit (CP4dun2014Qn5c)
 Costly. Cost of an audit may be prohibitive to an organisation especially small entities
 Undetected errors. Audits may not discover errors and frauds or material misstatements in the financial
statements because of sampling and other inherent limitations
 Reliance on experts with inaccurate conclusions. In some cases, audit use experts (e.g. engineers,
valuers, lawyers) and rely on their work conclusions, which may not be accurate
 Accounting system limitation. The accounting systems on which assurance providers may place a
degree of reliance also have inherent limitations.
 Collusion. The client's staff members may collude in fraud that can then be deliberately hidden from
the auditor or misrepresent matters to them for the same purpose.
 Subjectivity and judgment. Assurance provision can be subjective and professional judgments have to
be made e.g., about what aspects of the subject matter are the most important, how much evidence to
obtain etc.
SECTION l.B; LEGAL, REGULATORY, & ETHICAL ENVIRONMENT
1.B.1 REGULATION AND AUTHORIZATION OF AUDITORS
The Roles and Responsibilities of ICPAU
The Institute of Certified Public Accountants of Uganda (ICPAU) was established in 1992 by an Act of
Parliament, now The Accountants Act, 2013. ICPAU is governed by a Council, which is assisted by Public
Accountants Examinations Board (PAEB), and other council committees.
The functions of the Institute, as prescribed by the Accountants Act, 2013 are:
(i) To regulate and maintain the Standard of Accountancy in Uganda;
(ii) To prescribe & regulate the conduct of accountants and practicing accountants in Uganda.
Functions of the Council are;
(a) admit members to the Institute;
(b) approve courses of study;

CPA Page 9

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(c) provide for the registration of students of the Institute and the qualifications for registration; (d)
supervise and regulate the practical training and education carried out by the Institute;
(e) maintain and publish the roll of the members of the institute;
(f) supervise the registration of accountants who wish to practise accountancy and maintain and publish the
register of practising accountants;
(g) issue certificates of practice in accordance with Accountants Act;
(h) ensure the maintenance of professional standards by members of the Institute & take steps to acquaint
the members with methods and practices necessary to maintain those standards;
(i) issue and adopt internationally accepted accounting and auditing standards and promote their
usage in Uganda and make suitable adaptation where necessary;
(j) prescribe the societies and institutions with a status equivalent to that of the Institute;
(k) secure and promote international recognition of the Institute;
(I) maintain a library of books and periodicals relating to the practice of accountancy and allied subjects
and encourage the publication of similar books and periodicals in Uganda;
(m) promote the publication of a journal of the Institute;
(n) encourage research in accountancy and allied subjects in Uganda, for the advancement of the
accountancy profession in Uganda;
(o) regulate the conduct of the members of the Institute and promote good ethical standards and the
discipline of the members of the Institute;
(p) prescribe the fees payable by the members and students of the Institute;
(q) advise regulators of educational institutions on curricula of study in accountancy courses;
(r) advise Government on matters of financial accountability and management in all sectors of the
economy; and
(s) do anything incidental to the functions of the Institute. Functions of examinations board (PAEB) are;
(a) determine the, syllabi and curricula in respect of examination in the subjects of study;
(b) conduct the examinations of the Institute;
(c) appoint examiners and moderators of examinations;
(d) make rules to govern the examinations of the Institute; and
(e) do any other thing connected with the management of the examinations of the Institute.
Rules Governing Registered and Practicing Auditors
Remember, only members registered as Certified Public Accountants with valid Practicing Certificates can
describe and hold themselves out as public practitioners and are able to set up firms providing public
practice services. Members in public practice may carry out public practice services e.g. accounting, audit,
insolvency, taxation, consultancy & other related services. Therefore, there are rules governing registered
and practicing auditors issued by ICPAU. The guidelines give an insight in to what a practice firm should
have as a minimum, in order to ensure quality within the firm and the professional at large. The said Audit
Practice Guidelines are applicable to all practitioners (with their audit firms) seeking registration or
registered by ICPAU.
► Key guidelines relate to if one wishes to be registered as a practitioner (CPANov2012 Qn3a)
Attain the professional accounting qualification, for full ICPAU membership status
► Complete an application form from ICPAU

CPA Page 10

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

► Ensure that he/she meets the eligibility criteria (show proof of relevant experience)
► Determine the legal form of his/her practice
► Obtain adequate professional indemnity insurance (PII)
► Ensure that the firm's employees have sufficient competence to enable them do the work
► Ensure that firm's practitioners & qualified firm employees comply with CPD Guidelines
► Apply or register and be admitted by ICPAU
Eligibility Criteria: Guidelines re-emphasize that, to be eligible for registration, on shall;
► Be enrolled and registered as a member of ICPAU.
► Possess three (3) years of relevant and sufficient experience.
► Have obtained 40 CPD hours, in accordance with ICPAU's CPD Guidelines, in the year prior to the
application for a Practicing Certificate.
► Obtain professional indemnity insurance.
► Foreign nationals should possess valid work permits.
► In case of a partnership, there shall be a valid partnership deed.
Other general guidelines stipulated in the ICPAU's issued Audit Practice Guidelines relate to;
1. Name of the firm - features, not generic, letterhead, & cessation of registration
2. Audit practice - competence requirements, continuing obligations, CPDs, & part-time
3. Setting up office premises - office space, signpost, equipment, etc.
4. Staffing - competence, remuneration, employment contract, personnel files, etc.
5. Literature - pronouncements, IFRS, codes of ethics, manuals, laws of Uganda, etc.
6. Quality control procedures - well documented quality control procedures as per ISQC
7. Compliance with statutory requirements - trading license & return filings e.g. PAYE, etc.
8. Professional indemnity insurance - recommended minimum insurance cover is Ushs 50m
9. Conduct of audit work - compliance with appropriate professional standards e.g. ISAs
10. Practice continuity agreement - a requirement
11. Practice management course - mandatory for all new applicants for practicing certificate
Reasons and mechanisms for the regulation of auditors
In order to maintain and develop audit practice in the country, the Institute of Certified Public Accountants
of Uganda (ICPAU) issued Audit Practice Guidelines. The objectives of ICPAU in issuing practicing
guidelines were to ensure that:
 Auditors maintain a high standard of professionalism while handling audit work.
 The reputation of auditors within the public is increased.
 There is consistent and fair application of the Guidelines
1.B.2 APPOINTMENT, RIGHTS AND DUTIES OF COMPANY AUDITORS Qualification for
Appointment as Company Auditors
For one to practice as an auditor in Uganda, one must possess a practicing certificate (license) issued by the
council of Institute of Certified Public Accountants of Uganda (ICPAU). According to Section 35 of the
Accountants Act 2013, a person, shall not practice accountancy in Uganda without a certificate of practise
issued under section 28 (issue) or 29 (renew).

CPA Page 11

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

According to Section 27 of the Accountants Act 2013, a person who is enrolled as a full member of the
Institute under Section 25, and wishes to practise accountancy, has to apply to the Council to be registered
as a practising accountant. Where the Council is satisfied with such a member regarding fulfilling
conditions for registration (to have obtained the relevant practical experience as prescribed by the Council
and pays the registration fee), the Council then directs the secretary to register the member and to issue
him/her with a certificate of practice for the year.
According to Sec 28(2) of Accountants Act 2013, a person who was registered as certified public
accountant under Accountant Act, Cap 266 who wishes to practice accountancy, shall apply to Council for
certificate of practice. Also for accounting firm to be recognized to offer accountancy services, all its
partners or practitioners must have valid practicing certificates (subsection 3).
A Practicing accountant shall cease to, be registered if:
♦ He or she has been suspended from ICPAU membership;
♦ His or her ICPAU membership has been cancelled;
♦ He or she applies for cancellation of his or her Practicing Certificate; or
♦ He/she fails to renew his or her Practicing Certificate as required by the Accountants Act.
Registration & membership; An accountant qualifies to be a registered member of the institute (ICPAU)
under any of the following membership categories (Section 5 of the Act); Full member, Associate member,
Retired member, and Any other category
(i) Full members: A person shall be eligible for full CPA membership of the Institute if he or she; (a)
passes the qualifying examinations conducted by the examinations board and completes the practical
training prescribed by Council -Practical Experience Training (PET) Program; or
(b) a member of a society or an institute of accountants approved by the Council as being a society or
institute with a status equivalent to that of the Institute.
(c) A person who enrolled and registered as a full member of the Institute under the Accountant Act, Cap.
266, and equally qualifies for membership under the Accountants Act 2013, shall be a full member under
this Act
(ii) Associate members: Criteria for being an associate CPA member is as follows;
(a) A person is eligible for membership as an associate member of Institute if he or she passes a qualifying
examination conducted by the examinations Board but does not have practical training prescribed by the
Council -as per Sec 5.6 of the Accountants Act.
(b) A person who was an associate member under Accountant Act 266 will remain an associate member
under the Accountants Act 2013, unless he now fulfills full membership requirements
(Hi) Retired members: Criteria for being a retired CPA member is as follows;
A person shall be eligible for membership as a retired member of Institute if he or she meets the
criteria prescribed by regulations made under this Act and applies to the Council for retirement.
(iv) Any other category of members as may be determined by the ICPAU Council
Ways in which Auditors may be Appointed;
The first auditor of a company is appointed by Board of Directors (BoD) prior to the first annual general
meeting of the company. The appointee by the directors will hold office until the end of the first annual
general meeting. The directors can also fill casual vacancies.

CPA Page 12

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

According to Sec 167(1) of the Companies Act 2012, every company shall at each annual general meeting
appoint an auditor to hold office from the conclusion of that annual general meeting, until the conclusion of
the next, annual general meeting.' Directors approve terms of the contract for the first auditor. In
subsequent years, approval of members is necessary at annual general meeting.

Notwithstanding subsection Sec 167(1), according to subsection 2, at any annual general meeting a retiring
auditor, however appointed, shall be taken to be reappointed without any resolution being passed unless;
(a) he or she is not qualified for reappointment;
(b) a resolution has been passed at that meeting appointing somebody instead of him or her or providing
expressly that he or she shall not be re-appointed; or
(c) he/she has given company notice in writing of his or her unwillingness to be reappointed.
According to Section 168(1) Companies Act 2012, special notice shall be required for a resolution at
company's annual general meeting -appointing a person as auditor other than a retiring auditor or providing
expressly that a retiring auditor shall not be re-appointed.
Rights and Duties of an Auditor (CPAAug20l50n5c, Jun2017 Qn4b)
Rights - Right to;
 exercise lien over the clients' books of accounts in case of failure to pay
 attend any annual general meeting y
 seek audience or be heard in the annual general meeting y
 convene an extra ordinary meeting
 access all the books, reports, documents, and branches of a company at any time
 receive all the explanations which are necessary for his work
 receive a copy of all resolutions made in the annual general meetings
Duties - Duty to;
 report to the shareholders or directors on the annual company's accounts
 certify (when required) that the company's accounts give a true & fair view of the company's
financial affairs or indeed that they do not
 issue/leave a statement of circumstances when he ceases to hold office or any reason report on any
company’s violation of laws.
 Read and consider whether other information in the annual report is consistent with the financial
statements and do not contain material misstatements -as per ISA 720 (Revised)
1.B.3 RESIGNATION & DISMISSAL OF AUDITORS
Disqualifications for Appointment as Auditor;
According to Section 169(1) Companies Act 2012, a person or firm shall not be qualified for appointment
as an auditor of a company unless he or she or in the case of a firm, every partner in the firm is a member
of;
(a) one or more of the professional bodies specified in the Accountants Act; or
(b) the ICPAU established under the Accountants Act, or is a person registered as an associate accountant
under the Accountants Act.
According to Section 169(2) of Companies Act 2012, none of the following persons shall be qualified for
appointment as auditor of a company,
(a) an officer or servant of the company;
(b) a person who is a partner of or in the employment of an officer or servant of the company, except for
the case of private company;

CPA Page 13

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(c) a body corporate

(d) a person who is disqualified for appointment as auditor of any other body corporate which is that
company's subsidiary or holding company or would be so disqualified if the body corporate were a
company (sub section 5).
Summarized Process for Resignation of Auditors; (CPAJun20l7 Qn4a)
 Auditors have to deposit written notice together with statement of circumstances to members or a
statement that no circumstances exist. This is a must for quoted companies.
 Notice of resignation has to be sent by the company to the regulators
 A statement of circumstances is sent by the company to the members and by the auditor to the
registrar of companies
 Convening of general meeting if necessary - the auditor can require the directors to call for extra-
ordinary general meeting to discuss circumstances of resignation
Summarized Process for Removal of Auditors; (CPAJun20l7 Qn4a)
 Notice of removal is required - either by a special resolution with a copy sent to the auditor, or with
an ordinary resolution during the AGM
 Representation by the auditors on why they should stay in office
 Resolution of auditor's removal to be deposited to the registrar of companies
Circumstances under which auditor should resign from audit assignment, (CPANov20l3 3n3c)
 Independence issues. If an auditor feels he is not independent he can resign from an audit
engagement because the opinion he will give is likely to be biased. If he is involved in preparation
of financial statements i.e. self-review threat.
 For rotation purposes. It's required for some organizations to rotate auditors for example insurance
companies in Uganda the auditor is supposed to audit for four years and he should not accept
reappointment until after four years.
 Unpaid audit fees. This creates self-interest threat & may equally result into intimidation threat.
Thus, it's much better to resign than compromising with ethical principles.
1.B.4 AUDITING STANDARDS AND GUIDELINES
There are a number of standards and guidelines governing practicing auditors & these include among the
following;
 A IFRSs issued by IASB
 ICPAU Code of Ethics
 IFRIs developed by IFRIC of the IASB
 A ISAs as issued by IAASB of IFAC
 lESs issued by IAESB of IFAC
 The Professional Code of Ethics issued by the IESBA of IFAC
 The Companies Act (specific provisions)
 Provisions of other relevant Acts, Statutes, Regulations, Notices legal Instruments, etc. a
Notifications, Advisories & technical guidance issued by ICPAU
1.B.5 ETHICAL REQUIREMENTS - FUNDAMENTAL PRINCIPLES & THREATS
Fundamental Principles of Professional Ethics (CPAJun20l3 Qn4c:NOv20l3Q4a;Jun20l4 Qnlb;Jun20I8Qn1b)
1. Integrity,
2. Objectivity,
CPA Page 14

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

3. Professional competence and due care,

4. Confidentiality,
5. Professional behaviour
Threats to threats of Fundamental Principles (CPA Jun 2011Qn4a; Nov 2013 Qn4b; dun2014 Qn3a)
Self-interest threat j 4 Self-review threat I 4 Advocacy threat i- Familiarity threat 4- Intimidation threat
1.B.6 AUDITOR'S LIABILITY
This elaborates the circumstances in which the auditors may have legal liability. The auditor has a statutory
duty to report to the members on whether:
 The Financial Statements are free from material misstatements
 The financial statements have been prepared in accordance with relevant laws & standards;
 The director's report is consistent with the financial statements
Such duties impose liabilities if things go wrong. Auditors' liability can be categorized as;
 Civil or criminal liability arising under legislation
 Liability under common law arising from negligence
Civil Liability - The auditors may be liable in the following circumstances (CPAMay2019 Qnlc)
(i)To third parties, suffering loss as a result of relying on negligently prepared audit report
(ii) Under insolvency legislation to creditors - auditors must be careful not to be implicated in
causing losses to creditors alongside directors.
(iii) Under tax legislation - particularly whether the auditor is aware of client' tax frauds
(iv) Under financial services legislation to investors etc. probable penalty for civil offence being payment
of damages; (a) if the claimant suffered a quantifiable & reasonable foreseeable loss due to auditor's
negligence(b)if auditor negligently performed/issued report/opinion (CPA May20l9 Qnlc(ii)
Criminal Liability - it can arise in the following circumstances.
(i) Accepting appointment as auditor when ineligible or remain in office after ineligibility
(ii) Instances of fraud such as;
 Misappropriation of assets
 Obtaining financial advantage by deception
 Falsifying accounting records or document
(iii) Publishing misleading statements intended to deceive members or creditors
(iv)Insider dealings under securities legislation e.g. misuse of unpublished price sensitive for personal gain.
Note:
Remedies. The remedies for criminal offence can be the payment of a fine, imprisonment, or both.
Professional bodies and regulators such as ICPAU can enforce sanctions to an auditor & these include;
warnings, fines, reprimands, and exclusion from membership for misconduct.
Burden of proof Regarding third party, the burden is normally on the third party to prove that the duty of
care is owed to them in the first place. If no duty is owed, it cannot be breached. A duty of care exist where
auditor knew, or ought to have known that, the audited accounts would be made available to, and would be
relied upon by, a particular person or class of persons.
Liability to the Client (under Negligence) An auditor can be liable to the client under contract & this
arises if auditor negligently prepares his audit report or fails to deliver. If it can be proved that the auditor
failed to exercise professional competence & care then he can be sued for negligence. Therefore, auditor
can be liable for negligence under the below 2 circumstances (CPA Jun2018 Qn3c),

CPA Page 15

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(i) if the auditor negligently prepares his audit report as per the contract with the client
(ii) if the auditor negligently fails to deliver to the client as per the contract (engagement letter)
Liability to Third-parties A third party who has relationship with the auditor may sue the auditor for
damages. However, 3rd party must prove that [proof of burden); (CPANov20ll Qn4b)
 The auditor owes a duty of care to him / her
 The auditor breached the appropriate standard of care,
 The third party suffered loss as a direct result of the auditor's breach
Minimization/Safeguards to auditors' liability. Measures that can be undertaken by audit firms to
minimize exposure to negligence claims include the following (CPAdun2PI8On3c, Nov20I8 Qn3a)
 Screening potential audit clients to accept only clients where risk can be managed
 Carrying out high quality audit work Taking professional indemnity insurance
 Obtaining specialist legal advice where appropriate.
 Use of letter of engagements to clearly spell out respective responsibility and duties of directors and
auditors
1.B.7 REQUIREMENTS OF SPECIFIC ACTS
 Accountants Act - Key Acts requirements/sections relating with accountant's (auditor) work?
 The Companies Act - Key requirements/sections relating with accountant's (auditor) work?
 Insurance Act - Key Act's requirements/sections relating with accountant's (auditor) work?
 Financial Institutions Act - Key requirements/sections relating with accountant's (auditor) work?
SECTION I.C AUDIT PLANNING & RISK ASSESSMENT
1.C.1 OBTAINING WORK & ACCEPTANCE OF NEW AUDIT ENGAGEMENTS -
INTRODUCTION
ISQC1 requires that the firm obtain information considered necessary in the circumstances before
accepting an engagement with a new client, when deciding to continue an existing engagement and when
considering acceptance of a new engagement with an existing client.
1.C.2 ETHICAL, LEGAL, PRACTICAL & RISK RELATED ISSUES TO CONSIDER BEFORE
ACCEPTANCE
The engagement partner should consider (CPANov2012 Qn4c; Dec2016 Qn5a).
i. The integrity of principal owners, key management and those charged with governance
ii. Whether the engagement team is competent to perform the audit engagement and has the necessary
capabilities including time and resources.
iii. Whether the firm and the engagement team can comply with the ethical requirements which include
integrity, objectivity, competence, confidentiality and professional behaviour.
iv. Significant matters that have arisen during the current and previous audit engagement, and their
implications for continuing the relationship.
v. Conclusion on compliance with independence requirements.
ISQC requires the partner/firm should make sure that prior to accepting the appointment,
vi. It has confirmed that the provisions of the Companies Act relating to appointment of auditors have
been complied with by inspecting the appropriate minutes or resolutions.
vii. Where there is a change of auditors, then in accordance with the Code of Ethics - if the entity has
communicated with the outgoing auditor giving him the permission to communicate with the incoming

CPA Page 16

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

auditor, and the audit firm considering writing to the outgoing auditor for professional clearance and
requests appropriate information required to enable it to conclude whether to accept the engagement or not.
Note: A member should not solicit clients or professional work either directly or indirectly, by circular,
advertisement, personal communication or interview or by any other means.
1.C.3 ENGAGEMENT LETTER VS. MANAGEMENT LETTER OF REPRESENTATION VS.
MANAGEMENT LETTER
Engagement Letter (EL) (CPMug2015Qn5a)
Engagement letter is an agreement defining the legal relationship (or engagement) between a
Professional firm (auditor) and his client, with terms & conditions of engagement. ISA 210 requires that
the auditor & entity agree on the terms of engagement, preferably prior to commencement of the
engagement, in an audit engagement letter or other suitable form of contract.
The purpose of the engagement letter is to: (CPAAug20I5 Qn5b)
 Help avoid any potential misunderstandings in respect to the engagement.
 Document & confirm auditor's acceptance of the engagement, the objective and scope of the audit,
the extent of the auditor responsibilities to the entity and the form of any reports
 Defines the scope of work to be carried out and the respective responsibilities of the auditor
 and the client under the engagement which helps in clarifying responsibilities of each party
Explains the forms of any reports to be issued under the engagement
 Educates the client on his duty to maintain proper books of account, prevent errors and fraud, and
provide the necessary information
 Minimizes auditor's liability to third parties s Commits client to his obligation in the audit
 Specifies the audit fee and payment terms
The form and the contents of the audit engagement letter may vary for each engagement, but would
generally include the following - Primary/must items/elements,
(i) The objective and scope of the audit of the financial statements
(ii) The responsibilities of the auditor
(iii)The responsibilities of management
(iv) Identification of applicable financial reporting framework for the preparation of the financial
statements
(v) The fact that because of inherent limitations of an audit, together with the inherent limitations of
internal control, there is an unavoidable risk that some material misstatements may not be detected,
even though the audit is properly planned & performed in accordance with ISAs
(vi) Unrestricted access to whatever records, documentation and other information requested in
connection with the audit
Secondary items (elements) - may be included;
 Reference to the expected form and content of any reports to be issued by the auditor and a
statement that there may be circumstances in which a report may differ from its expected
 Elaboration of the scope of audit, including reference to applicable legislation, regulations, ISAs,
and ethical & other applicable pronouncements of professional bodies
 The form of any other communication of results of the audit engagement.
 Arrangements regarding the planning,' performance of audit, & composition of audit team
 The expectation that management will provide written representations

CPA Page 17

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 The agreement of management to make available to the auditor draft financial statements and any
accompanying other information in time to allow the auditor to complete the audit in accordance
with the proposed timetable
 The agreement of management to inform the auditor of facts that may affect the financial
statements, of which management may become aware during the period from the date of the
auditor's report to the date the financial statements are issued
 The basis on which fees are computed and any billing arrangements
 A request for management to acknowledge receipt of the audit engagement letter and to agree to the
terms of the engagement outlined therein
 Arrangements concerning*the involvement of other auditors & experts in some audit aspects
 Arrangements concerning the involvement of internal auditors and other staff of the entity.
 Arrangements to be made with the predecessor auditor, if any, in the case of an initial audit
 Any restriction of the auditor's liability when such possibility exists
 A reference to any further agreements between the auditor and the entity
 Any obligations to provide audit working papers to other parties
Management Letter of Representation (LoR); (CPA Aug2015 Qn5a)
A management representation letter is a form letter written by a company's external auditors signed by
company's management (normally directors), attesting to the accuracy of company's financial statements
submitted to the auditors for their review. Directors sign the LoR because they ultimately responsible for
preparation of financial statements (referred to as, 'management').
Therefore, management LoR is a formal written record representations made by organization’s
management to the auditors. The letter is prepared by the auditor and signed by management either on a
date as near-as possible to the date of the auditors' report (before or as on the same date management
approves/signs the financial statements) but after all audit work has been completed, including the review
of events occurring after the balance sheet date, for example. The information referred to in the letter is
material to the financial statements for which the auditor is unable to obtain independent corroborative
evidence. These matters might include any future legal claims, fraud, related party disclosures, and
adjusting events.
Management Letter (ML)
This is a document prepared by the auditor addressed to company's management in charge of governance,
highlighting a deficiency or combination of deficiencies in the company's internal controls or operational
areas requiring improvement, and with recommendations. Therefore, a management letter identifies issues
not required to be disclosed by the auditor in the Annual Financial Report but represent the auditors
concerns and suggestions noted during the audit, relating with ineffectiveness of internal controls.
1.C.4 AUDIT OBJECTIVES & AUDIT APPROACHES/STRATEGIES
Overall Objectives of the Audit(or)
Under the principles of ISA 200, "...the overall objectives of the auditor are:
(a) To obtain reasonable assurance about whether the financial statements as a whole are free from material
misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether
the financial statements are prepared, in all material respects, in accordance with an applicable financial
reporting framework; and

CPA Page 18

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(b) To report on the financial statements, and communicate as required by the ISAs, in accordance with the
auditor’s findings.‖
Audit Approaches or Audit Strategies (CPADec2016 Qn3a)
1. Risk-Based Approach. A risk-based audit approach is designed to be used throughout the audit to
efficiently and effectively focus the nature, timing and extent of audit procedures to those areas that have
the most potential for causing material misstatement(s) in the financial report. The risk-based approach
requires the auditor to first understand the entity and its environment in order to identify risks that may
result in material misstatement of the financial report. Next, the auditor performs an assessment of those
risks at both the financial report and assertion levels. The assessment involves considering a number of
factors such as the nature of the risks, relevant internal controls and the required level of audit evidence.
Thus, simple steps in risk-based approach include; understanding and identification of risks, assessment of
risks, responding to risks appropriately, and finally concluding on the risks.
2. System-Based Audit or Control Reliance Approach. This approach is applied by the auditor by first
understanding/testing that there is a strong internal control system being used. Therefore, auditors will
perform an understanding of internal control, and then perform testing/validating of those internal controls
This is to ensure that internal controls are strong enough (effective) to produce the correct financial
reporting. If auditors concluded that the internal controls over financial reporting are strong, they also need
to perform substantive testing but the volume of transactions are not that large unlike under substantive
approach.
3. Substantive Audit Approach. This approach is generally used where the financial reporting system or
internal controls over financial reporting are not reliable i.e. when an a auditor has not relied on internal
controls. With substantive approach, auditors will not perform their testing on the entity's internal control
on financial reporting. They will directly perform substantive testing by focusing on the large or material
transactions.
4. Balance Sheet Audit Approach. This approach is applied when the auditor believes that once the
account balance in the balance sheet are correct, then the accounting transactions in the income statements
will also be corrected. With this approach, the auditor will focus on testing high valued balance sheet items
and then transaction in the income statements will be given less focus - esp for start-up company with large
balance sheet items & less income statement transactions.
1.C.5 AUDIT PLANNING - INTRODUCTION
Planning involves establishing and documenting the overall audit strategy for the engagement and
developing and documenting an audit plan, in order to reduce audit risk to an acceptably low level. ISA
300 requires auditor to plan the audit for engagement to be performed effectively.
Need for (importance of) effective audit planning. It ensures; (CPA Nov20I3 Qn2a; Nov20I7 Qn4a)
 That appropriate attention is devoted to key audit areas and significant risks.
 That potential problems are identified and resolved on a timely basis.
 That the engagement is properly organised and managed in order to be performed in an effective
and efficient manner.
 The selection of engagement team members with appropriate levels of capabilities and competence
to respond to anticipated risks, and the proper assignment of work to them.
 Proper direction and supervision of the engagement team and review of their work.
 Appropriate coordination of work done by the auditors of components & experts.

CPA Page 19

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.C.6 OVERALL AUDIT STRATEGY VS. OVERALL AUDIT PLAN VS. AUDIT PROGRAMME
"Overall audit strategy" sets the scope, timing & direction of audit, and guides the development of the
more detailed audit plan. It helps to ascertain the nature, timing and extent of resources necessary to
perform the engagement.
"Overall Audit Plan" documents the assessment of risk and the response to assessed risk by setting out
the nature, timing and extent of the overall audit procedures to be performed by the engagement team in
order to obtain sufficient appropriate audit evidence to reduce the audit risk to an acceptably low level. The
plan also reflects the auditor's decision on whether to test the operating effectiveness of controls and the
extent of planned substantive procedures.
"Audit Programme" documents the nature, timing, and extent of audit procedures to be performed at the
assertion level for each material class of transactions, account balance, and disclosures. The program sets
out the nature, timing & extent of audit procedures required to implement the overall audit plan and serves
as a set of instructions to the engagement team and as a means to control and record the proper execution of
audit. In preparing the audit program, considerations should be given to specific assessment of risk and the
level of assurance to be provided by substantive procedures.
Components of Audit Strategy, (CPA Nov2018 Qn3b)
 Review and updating the client background information.
 Expected audit coverage including the number and locations of the components of the entity.
 Financial reporting framework used and industry specific reporting requirements.
 The timing of the audit and reporting deadlines.
 Key dates for communicating with the management and those charges with governance.
 Materiality.
 Identification of areas where there may be higher risk of material misstatement.
 Preliminary identification of material components and account balances.
 Preliminary indication of whether the auditor may plan to obtain evidence regarding the
effectiveness of internal controls.
 Identification of recent significant entity-specific, industry, financial reporting/other dev'ts.
 Initial assessment of overall resource requirements including use of experts on complex matters
 Initial assessment of resource allocation to specific audit areas e.g. allocation of team members to
observe inventory count at material locations, extent of review of the component team's work
Contents of the Overall Audit Plan;
 Preliminary analytical review - ratios, trends, & other financial information
 Preliminary risk assessment - overall risk & key individual risks
 Sources of reliance, for audit evidence
 Materiality - levels of materiality & reasons
 Auditor's responses to assessed risks - including use of audit tools like CAATs
 Sampling techniques to be adopted
 Audit time table (time & cost budget) and requirements, including independence/ethical...

CPA Page 20

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.C.7 AUDIT PROCESS - STAGES/STEPS/PHASES OF AN AUDIT

General Audit Process/Phases/Steps

Phase 1: Client Acceptance Procedures (CPADec20I6 Qn5b);
Objective: Determine both  Evaluate the client's background & reasons for the audit.
acceptance of a client and  Determine whether the auditor is able to meet the ethical
acceptance by a client. requirements regarding the client.
Decide on acquiring a new  Determine need for other professionals.
client or continuation of  Communicate with predecessor auditor.
relationships with an existing  Prepare client proposal
one, the type and amount of  Select staff to perform the audit
staff required.  Obtain an engagement letter

i Phase 2: Planning the Audit Procedures;

"IAudit Strategy & plan)  O b t a i n industry, company, legal, related party and financial,
-Objective: Determine the ' background information.
amount & type of evidence, s  Perform procedures to obtain an understanding of internal control
and review required to give the  Assess the risks of material misstatements of the financial

CPA Page 21

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

auditor assurance that there is statements

no material misstatement of  Determine materiality
financial statements.  Prepare the planning memorandum & audit program (audit plan),
which contains the auditor's response to identified risk
Phase 3: Implementation Procedures;
(Testing & obtaining Evidence  Tests of controls
Objective: Tests for evidence,  Substantive tests of transactions
supporting internal controls and  Analytical procedures
the fairness of the financial  Tests of details of balances
statements.  Search for un recordable liabilities, etc.
Phase 4: Evaluation, Procedures;
Conclusion & Reporting  Evaluate governance evidence
Objective: Complete the Audit-  Perform procedures to identify subsequent events
procedures and issue an opinion  Review financial statement & other material report
- issuing an audit report  Perform wrap-up procedures
 Prepare management letter - weaknesses & recommendations
 Prepare Audit Report, etc.

Matters to Consider in Preparation of Audit Plan (CPA Nov20l7 Qn4b)

 Changes in the organisation and organisational structure, change in management, changes in the clients
activities, all of which are essential as they will affect the entire internal control system in so far as they
weaken it in the short run.
 Current government legislation affecting client, e.g. changes in taxation rates, policies, changes in the
statutes affecting the company all of which must be accommodated in the audit plan.
 Changes in technology. This may have the effect of changing the internal control system, accounting
systems, number and nature of transactions.
 Nature & timing of reports or other communication with client, expected under the engagement.
 Degree of reliance, auditor expects to be able to place on accounting system & internal control.
 Conditions requiring special attention e.g. existence of related parties. These have to be checked
because they will affect the company's internal control system. In most cases they will weaken the
system or may be weak due to laxity/indifference of related parties in supervision.
 Terms of engagement and any statutory responsibilities, to ensure that the scope is covered.
 The accounting policies adopted by the client and changes in those policies.
 The effect of new accounting or auditing pronouncements on the audit.
 Conditions requiring special attention, such as the possibility of material error or fraud or involvement
of related parties.
 The nature and extent of audit evidence to be obtained.
 The work of internal auditors and the extent of their involvement, if any, in the audit.
 The involvement of other auditors in the audit of subsidiaries or branches of the client.
 The auditor should check the automation of accounting systems so that he assesses their impact on the
company's overall performance and also on the internal control system.

CPA Page 22

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

IC.8 PROFESSIONAL SKEPTIGSM, JUDGMENT & MATERIALITY

Professional Skepticism & importance (CPANov20l7Qn4c; Jun2018 Qn3a.i)
Professional scepticism is an attitude that includes a questioning mind, being alert to conditions which may
indicate possible misstatement due to error or fraud, & a critical assessment of audit evidence.
As per ISA" 200, the auditor should plan and perform an audit with professional skepticism recognizing
that circumstances may exist that cause the financial statements to be materially misstated. The engagement
team is required to make a critical assessment of the validity of the audit evidence obtained and should be
alert to evidence that contradicts or brings into question the reliability of documents and responses to
inquiries and other information obtained from management and those charged with governance. The audit
team needs to be alert to conditions that may indicate possible fraud and circumstances that suggest the
need for audit procedures in addition to those required by the ISAs. The attitude of professional scepticism
is necessary throughout the audit to reduce the risk of overlooking unusual circumstances, of over-
generalizing conclusions drawn from audit observation, and of using incorrect assumptions in determining
the nature, timing and the extent of the audit procedures and evaluating the results.
Professional Judgments importance (CPA Nov20l2ii,’ Jun2018; Qn3a,ii,)
Professional judgment is the application of relevant training, knowledge & experience in making informed
decision about the courses of action that are appropriate in circumstances of the audit engagement.

As per ISA 200, the auditor should exercise professional judgment in planning and performing an audit of
financial statements. Professional judgment is essential to the proper-conduct of an audit. This is because
interpretation of relevant ethical requirements and the ISAs and the informed decisions required throughout
the audit, cannot be made without the application of relevant knowledge and experience to the facts and
circumstances.
Materiality - determination guidance & importance
To emphasize, an audit gives only a reasonable assurance that the financial statements are free from
material misstatements. A matter is material if it omission or misstatement would reasonably influence the
economic decisions by a user of the audit report. Materiality is affected by the size and nature of the
misstatement.
Importance — assessment/setting of materiality thresholds assists;
As an aid, together with risk assessment, to establishing the nature, timing and extent of audit
procedures to reduce the audit risk to an acceptably low level!
To decide what items to examine and whether to use sampling and substantive analytical
procedures in relation to classes of transactions, account balances, and disclosures.
In deciding which transactions are to be tested.
In evaluating potential and actual quantitative misstatements.
Determination - Setting of materiality level/thresholds may be regarded as a 2-stage process:
Overall materiality level - Setting the materiality level for the financial statements as a whole. This
is set at planning stage and used at opinion stage to determine whether the aggregate of all
misstatements do not exceed the materiality level set for the engagement,
Individual materiality level - Setting a materiality level for individual audit areas, where considered
necessary. Particular items may be of such significance that the user of the financial statements may
apply a different materiality level to them.

CPA Page 23

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Thresholds/Ranges - Range of values approach is normally considered. Similarly, below are 6 possible
measures of audit materiality suggested by ICPAU for the financial statements as a whole i.e. overall
materiality thresholds/levels;
 0.5% of turnover or revenues, or
 1 % of turnover or revenues, or
 5% of pre-tax profit, before significant directors' profit-related bonuses, significant directors'
remuneration (if substantial) and perhaps exceptional items (depending on their nature), or
 10% of pre-tax profit, before significant directors' profit-related bonuses, significant directors'
remuneration (if substantial amounts of profit are voted as remuneration) and perhaps exceptional items
(depending on their nature), or
 1 % of total assets (before deducting liabilities); or
 2% of total assets (before deducting liabilities).
1.C.9 RISK ASSESSMENT - AUDIT RISK, COMPONENTS, BUSINESS RISK & FRAUD RISK
RESPONSES
Audit Risk - meaning (CPANov20I2 Qn3a; Jun20I4Qn4a, Jun2018 Qn4a)
This is "the risk that the auditor expresses an inappropriate audit opinion when the financial statements are
materially misstated". Audit risk is a function of the risks of material misstatement and detection risk. The
assessment of risks is based on audit procedures to obtain information necessary for that purpose and
evidence obtained throughout the audit. The assessment of risks is a matter of professional judgment, rather
than a matter capable of precise measurement. The engagement team reduces risk by designing &
performing audit procedures to obtain sufficient appropriate audit evidence to draw reasonable conclusion
on which to base the audit opinion. Reasonable assurance is obtained when audit risk is reduced to an
acceptably low level.
Components of Audit Risk (CPAJun20l4 Qn4a)
(i) Inherent risk - Is the susceptibility of an assertion about a class of transactions, account balances or
disclosure to a misstatement that could be material either individually or when aggregated with other
misstatements, before consideration of any related controls. Inherent risk is the risk that an
omission/misstatement will exist in the financial statements (based on assertion) and will not be identified
during the audit, due to uncontrollable factors existing in the entity's environment or arising out of
circumstances other than a failure of internal control i.e. existing before internal controls or mitigating
factors are implemented. Simply, risk that the auditor will express an inappropriate audit opinion (i.e. will
not detect material misstatement) due to other factors other than due to ineffective internal controls (control
risk) or auditor's inappropriate procedures (detection risk). Such factors/circumstances normally include;
complex transactions, client's unique environment e.g. insurance or banking or oil & gas; transactions or
account balances requiring a high degree of judgment e.g. estimates, among others.
(ii) Control risk - Is the risk that a material misstatement that could occur about a class of transactions,
account balances or disclosure that could be material either individually or when aggregated with other
misstatements, will not be prevented or detected and corrected, on a timely basis by the entity's internal
control. Simply, control risk is the probability that a material misstatement exists in the financial statements
(based on assertion) because it was not either prevented or detected or corrected by the entity's internal
control system. Thus, the risk that the auditor will express an inappropriate audit opinion (i.e. will not
detect material misstatement) due ineffective internal controls.

CPA Page 24

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(in) Detection risk - Is the risk that the procedures performed by the auditor to reduce audit risk to an
acceptable low level will not detect a misstatement that exists and that could be material, either individually
or when aggregated with other misstatements. Simply, detection risk is the possibility that an auditor fails
to identify material misstatements in the financial statements due to his applied inappropriate audit
procedures and, determines that there are no material omissions/errors even though they're present.
Risk Assessment Process
An entity's risk assessment process is its process for identifying and responding to business risks and the
results thereof. For financial reporting purposes, the entity's risk assessment process includes how
management;
=> identifying risks relevant to the preparation of financial statements (identification)
=> estimating their significance (rating as per its impact),
=> assessing the likelihood of their occurrence (ranking as per its probability of occurring),
=> deciding upon actions to manage them (responses to identified & assessed risks).
Note: Assessment of Risks of Material Misstatement may exist at 2 levels
 The overall financial statement level. This refers to risks of material misstatement that relate
pervasively to financial statements & potentially affect many assertions (planning materiality).
 The assertion level for classes of transactions, account balances, & disclosures. This is assessed in
order to determine the nature, timing, and extent of further audit procedures necessary to obtain
sufficient appropriate audit evidence. This evidence enables the auditor to express an opinion on the
financial statements at an acceptably low level of audit risk. The risks of material misstatement at
the assertion level consist of two components: inherent risk and control risk. Inherent risk and
control risk are the entity's risks; they exist independently of the audit of the financial statements
(Tolerable Error).
Business Risks (CPA Nov2012 Qn5a, iii, Aug2018 Qn1a&b)
This is a risk resulting from significant conditions, events, circumstance, actions or inactions that could
adversely affect an entity's ability to achieve its objectives and execute its strategies, or from the setting of
inappropriate objectives and strategies. Business risk can't be eliminated but must be managed by the
company by; identification of likely business risk, determining relevant company policy with responsive
strategies (including designing internal control systems, and implementation of established strategies.
Financial Statement (Audit) Risks
It is important that you do not confuse the concepts of audit risks and business risks. Audit risk is "focused
on the financial statements of a company" unlike business risk which is "related to the company as a
whole". For exam purposes, identification of audit risks must be made & explained in relation with
financial statements.
Examples of business risks include; loss of key customers, high labour turnover, over expansion or
increased customers which may result into failure to meet customers' needs, deteriorating public image,
completion risk arising from new rivals, etc.
Examples of financial statement risks (audit risks) (CPA Jun20I4 Qn2a; Aug20I3 Qn.la) include; improper
revenue recognition due to cutoff issues, overstatement of expenditures, under-declaration of tax liabilities,
foreign exchange risk, credit risk, compliance risk, systems risk, interest rate risk, fraud risk e.g.
misappropriation of company's cash. Misuse of company’s assets, theft, etc.

CPA Page 25

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Note: Please remember business risk is outside the scope of CPA"P12 but rather under the scope of CPA
P17. However, the examiner sometimes crosses boundaries for topics like audit planning and risk
assessment which alternates in many papers under CPA syllabus.
Fraud Risk - Assessment of risks due to fraud, and effect on strategy & work done
Specific audit procedures have to be designed and performed in response to risks of material misstatements
due to fraud. The audit procedures at the assertion level may include changing the nature, timing and the
extent of audit procedures to obtain audit evidence that is more corroborative. These may include;
♦ Physical observation or inspection of certain assets
♦ Testing the integrity of computer-produced records and transactions
♦ Use of CAATs to gather more evidence about significant accounts or electronic files
♦ Obtaining additional corroborative evidence
♦ Extended use of external confirmation to also confirm the terms of trade
♦ Modifying the timing of substantive procedures e.g. with cut-off tests
♦ Increasing the sample size or performing detailed analytical procedures
♦ Visiting certain locations, or performing certain tests on a surprise basis
♦ Altering audit approach in the current year e.g. contacting customers in writing & orally
♦ Conducting interviews of personnel involved in areas identified with fraud risk
1.C.10 UNDERSTANDING THE ENTITY & ITS ENVIRONMENT
What? The engagement team should obtain an understanding of the following (regarding entity and its
environment, including its internal control): (CPAJun20l3 Qn3b)
♦ Relevant industry & regulatory, including applicable financial reporting framework
♦ Nature of the entity, including its operations, ownership and governance structures
♦ Entity's selection and application of accounting policies including the changes thereto - if its
accounting policies are appropriate & consistent with applicable reporting framework
♦ Objectives & strategies, and related business risks that may result in material misstatement of the
financial statements
♦ Measurement and review of the entity's financial performance - if financial performance pressures
can increase the chance of material misstatements.
♦ Entity's internal control - to identify types of potential misstatements, consider the design, nature,
timing and extent of further audit procedures.
How? The engagement team usually obtains an understanding of the entity & its environment, including
internal control through:
► Information obtained while performing the client acceptance and continuation procedures
► Inquiries of management and others within the entity including employees, internal audit and those
charged with governance
► Analytical procedures
► Observation of entity's activities & operations including visits to premises & plant facilities
► Inspection of documents such as business plans, internal control manuals, management & board and
management minutes, management reports and interim financial statements
► Tracing transactions through the information systems relevant to financial reporting

CPA Page 26

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

► External sources e.g. bank or rating agency reports, legal counsel, valuation experts, trade journals
and regulatory and financial publications.
1.C.11 AUDIT DOCUMENTATION (WORKING PAPERS)
Nature, extent, & purpose
In accordance with ISA 230, the working papers should be sufficiently complete and detailed to provide an
overall understanding of the audit. The auditor should prepare audit documentation that is sufficient to
enable an experienced auditor, having no previous connection with the audit, to understand:
a. The nature, timing & extent of the audit procedures performed to comply with the ISAs and applicable
legal and regulatory requirements
b.The results of the audit procedures performed, and the audit evidence obtained
c. Significant matters arising during the audit, the conclusions reached thereon, & significant professional
judgments made in reaching those conclusions.
Standardized Working Papers & Importance (CPAJun20ll Qn4b; Dec2016 Qn3b.i)
Standard working papers are pre-set guiding documents with procedures/guidelines on what to be done and
how to obtain sufficient appropriate audit evidence e.g. checklists & specimen letters.
 Use of standardized working papers can improve the efficiency with which working papers are
 prepared and reviewed via saving time.
 They assist in performing detailed procedures and thus, adequate work-done
 They facilitate the delegation of work while providing a means to control quality
 They help in saving costs, in terms of fewer hours taken and involving less experienced staff
Purpose of documentation (why working papers?) (EPANov20I3 Qn2d Nov20I7 Qn3a)
 Provide evidence of the auditor's basis for a conclusion about the achievement of the overall
objectives of the auditor; and
 Provide evidence that the audit was planned and performed in accordance with ISAs and v
applicable legal and regulatory requirements.
 Assist the engagement team to plan and perform the audit.
 Assist members of the engagement team responsible for supervision to direct and supervise the
audit work, and to discharge their review responsibilities.
 Enable the engagement team to be accountable for its work.
 Retain a record of matters of continuing significance to future audits.
 Enabling the conduct of quality control reviews and inspections.
 Enable the conduct of external inspections in accordance with applicable legal, regulatory or other
requirements.
Basis for the form & content of documentation
ISA 230 states that the form and contents of the working papers is affected by the:
 The size and complexity of the entity.
 The nature of the audit procedures to be performed.
 The identified risks of material misstatement.
 The significance of the audit evidence obtained.
 The nature and extent of exceptions identified.
 The need to document a conclusion or the basis for a conclusion not readily determinable from the
documentation of the work performed or audit evidence obtained.
 The audit methodology and tools used.

CPA Page 27

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Contents of working papers and supporting documents (CPAdun20II Qn4a; Dec2016 Qn3b)
► Information obtained in understanding the entity and the environment in which it operates.
Evidence of auditor's understanding of the accounting and internal control and assessment of v/ the
control environment.
► Evidence of the planning process including audit programs and changes thereto.
► Evidence of the auditor's consideration of the work of the internal audit function and the
conclusions there from.
► Analysis of significant trends and ratios.
► Analysis of transactions and balances, including the nature, extent and timing of the tests.
► Identified & assessed risks of material misstatement at both F/S & assertion levels.
► Record of the nature, timing and extent of the audit procedures performed in response to risk at the
assertion level and the results of such procedures.
► An indication as to who performed the audit procedures and when they were performed.
► Evidence that the work performed by assistants was supervised and reviewed.
► Correspondence and notes of discussions including engagement letters and material weaknesses in
internal controls.
► Letters of representation.
► Conclusions reached by engagement team on significant aspects of the audit, including how
exceptional & unusual matters, if any, disclosed by audit procedures were resolved
► Evidence that consultations have been documented & contentious issues fully resolved :
► Copies of the financial statements and the auditor's report.
Form of documentation (qualities of well-prepared working papers) (CPANov20l7 Qn3b)
All working papers, except electronic evidence, should be clean, neat, legible and prepared in ink.
 To ensure that working papers are easily identifiable, they should clearly contain the:
 Should contain client's name
 Should stipulate the subject matter
 Should indicate the accounting period
 Preparer's initials with the date prepared, should be included
 Reviewers initials with the date reviewed, should be included
 All symbols used should be clearly explained ^
 Permanent files should be timely and periodically updated, with information from current file
 Personal judgment, where this has been made should be clearly explained
 Should be kept in hard cover files & retained for sufficiently long period of time, at least 6yrs for
current & 15yrs for permanent file
 Should be properly indexed to facilitate cross reference (within a sequential indexing system,
following the main schedule references listed on a master index).
Current & Permanent Files
Depending on the size of the assignment, it is recommended that at least two types of files be maintained,
one a (current audit file ("CAF") and the other a permanent audit file ("PAF").
CAF - contains information & audit evidence relating to the accounting period currently under review,
purpose of which is to support the opinions and statements made in the audit report.

CPA Page 28

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

PAF - contains information of continuing importance which may be updated at each audit. Such
information could be useful background; other information would include terms of engagement, internal
control and accounting systems notes and other documents of historical record which are unlikely to be
directly relevant to the current year audit e.g. signed copies of leases and signed copies of financial
statements for prior years.
Contents of CAF- likely information; (CPANov2O1l Qn5b)
 Client background - overall statement of the audit area's business and control objectives, "together
with the internal control structures relied upon.
 Internal control of descriptions - details of preventive, corrective, detective & directive controls that
management believe it has in place & relies on for each of the control objectives,
 Audit program - contains the tailored and updated audit program. It is a schedule of the detailed
tests to be carried out.
 Results of the audit test - record of the actual audit work performed and the detailed results from the
procedures performed,
 Audit comment worksheets - detailed comments are written for each exception, finding or control
weakness encountered during the audit.
 Report planning worksheets - contains the final audit report issued to the business being audited and
reported on.
 Follow up program - this is a schedule of the detailed testing to be carried out that will examine the
results of any changes carried out as a result of the original audit,
 Ongoing concerns - this section is used to record items of ongoing concern for future audits,
Administration / correspondents - this section contains all minutes of meetings, together with
administrative correspondences especially; engagement memo, & closing meeting minutes.
Contents of PAF-likely information; (CPANov20I3 Qn2b; Nov20I7 Qn3c)
►Agreements and key contracts ► Organizational Chart
►Key ratios ► Risk assessments
►Deviations ► An audit program
► Other correspondence and
► Legal and Regulatory issues affecting the business.
► Descriptions of business activities, systems, procedures and business plan.

SECTION 1.D: INTERNAL CONTROLS

1.D.1 INTERNAL CONTROL SYSTEMS
Internal control is the process designed and affected by those charged with governance, management and
other reasonable assurance about the achievement of the entity's objectives with regard to reliability, of
financial reporting, effectiveness and efficiency of operations and compliance with applicable laws &
regulations. Components/elements of internal control system^ are delineated below; (CPAJun20ll Qn5b;
Nov2018 Qn4Aii)

1.D.2 COMPONENTS OR ELEMENTS OF INTERNAL CONTROL SYSTEMS, AS per COSO

The Committee of Sponsoring Organisations (COSO) internal control framework consists of five
interrelated components derived from the way management runs a business. According to COSO, these

CPA Page 29

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

components provide an effective framework for describing and analyzing the internal control system
implemented in an organization as required by financial regulations;
The control environment (CPA Jun2014 Qn4c). Components of control environment are; Communication
and enforcement of integrity and ethical values, Commitment to competence, Participation by those
charged with governance, Management's philosophy and operating style, Organisational structure,
Assignment authority and responsibility, and Human resource policies & practices.
The entity's risk assessment process. The entity's risk assessment process for financial reporting includes
how management identifies risks relevant to the preparation of financial statements that give a true and fair
view in accordance with the entity's applicable financial reporting framework, estimates their significance,
assesses the likelihood of their occurrence, and decides upon actions to manage them. For example, the
entity's risk assessment process may address how the entity considers the possibility of unrecorded
transactions or identifies and analyses significant estimates recorded in the financial statements. Risks can
arise or change due to circumstances such as the following; Changing operating environment, new
personnel, new or revamped information systems, rapid growth, new technology, new business
models/products/activities, corporate restructuring, expanded foreign operations & new accounting
pronouncements, etc.
The information systems, including the related business processes, relevant to financial reporting,
and communication. An information system consists of infrastructure (physical and hardware
components), software, people, procedures, and data. The information system relevant to financial
reporting objectives, which includes the financial reporting system, consists of the procedures and records
established to initiate, record, process, and report entity transactions (as well as events and conditions) and
to maintain accountability for the related assets, liabilities, and equity. Communication involves providing
an understanding of individual roles and responsibilities pertaining to internal control over financial
reporting - through policy manuals, accounting and financial reporting manuals, and memoranda. It
includes the extent to which personnel understand how their activities in the financial reporting information
system relate to the work of others and the means of reporting exceptions to an appropriate higher level
within the entity.
Control activities. Control activities are policies & procedures that help ensure that management directives
are carried out, for example, that necessary actions are taken to address risks that threaten the achievement
of entity's objectives. They can be classified as follows; (i) performance reviews, (ii) Information
processing (application controls & general IT controls), (iii) Physical
controls, and (iv) Segregation of duties. (CPANov20l8 Qn4a,i)
Monitoring of controls. Monitoring of controls is a process to assess the quality of internal control
performance over time. It's done through ongoing monitoring activities, separate evaluations or both. It
involves assessing the design and operation of controls on a timely basis and taking necessary corrective
actions. For example, if the timeliness and accuracy of bank reconciliations are not monitored, personnel
are likely to stop preparing them.
l.D.3 TESTS OF CONTROLS (INTERNAL CONTROL PROCEDURES OR TECHNIQUES)
► Observation as a test of control or technique/procedure of gathering audit evidence: This relates with
direct observation of performance of the control. Observation consists of looking at a process or
procedure being performed by others, e.g. observation of the performance of internal control
procedures that leave no audit trail. Observing the performance of a control procedure or monitoring
CPA Page 30

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

activity provides substantial evidence of its effectiveness, e.g., one might be assured about the
effectiveness of inventory counting control procedures by seeing that those performing the count follow
management's written instructions.
► Inquiry (of client personnel) as a test of control or procedure/technique of gathering audit evidence:
This involves interviews, which can be either in-person or through the use of questionnaires. Inquiry
consists of seeking information of knowledgeable persons inside or outside the entity. Inquiry evidence
is based on interviews concerning the effectiveness of controls. Inquiry may be either in a direct or an
indirect form. Direct inquiry involves asking questions of the persons who perform control procedures
or monitoring activities. Indirect inquiry involves asking questions of other persons who are in a
position to know whether the control procedures are operating effectively even though they do not
perform the procedures themselves, e.g., auditor may determine that unauthorized personnel are not
allowed access to the computer files by asking the computer librarian or a user of the computer system.
► Inspection as a test of control or procedure/technique of gathering audit evidence: This relates with
physical examination or inspection of support documents evidencing internal controls. Inspection
consists of examining records, documents, or tangible assets. Many control activities leave a clear trail
of documentary evidence in the form of either written or computer records. If performance of a control
or monitoring activity is documented, we may obtain evidence of its performance by examining the
trail of documents (audit trail). Some documentary evidence may be stronger than others.
► Re-performance as a test of control or procedure/technique of gathering audit evidence: This involves
transaction testing and re-performance of the control (the latter being most commonly used when
testing automated controls in computer environment). Re-performance is to perform the task done by
an employee to verify the result of the transaction. If content of documents and records is insufficient to
assess whether controls are operating effectively, the auditor re-performs the control activity to see if
proper results were obtained e.g. an auditor may trace sales prices on a sales invoice to the authorized
price list in effect at the date of operation. Additionally, a computer audit specialist may use client's
computer & attempt to enter transactions into the accounting systems that have characteristics that
should cause them to be rejected.
The following key factors are considering when executing tests of controls;
 Nature of tests of controls
 Timing of tests of controls
 Extent of tests of controls
ISA 330 requires the engagement team to perform tests of controls when the engagement team's risk
assessment includes an expectation of the operating effectiveness of controls or when substantive
procedures alone do not provide sufficient appropriate audit evidence at the assertion-level. The
engagement team is required to obtain sufficient and reliable audit evidence that the controls were
operating effectively at all relevant times during the audit. Testing the operating effectiveness of controls is
performed only on those controls that the engagement team has determined are suitably designed to
prevent, or detect and correct, a material misstatement in an assertion. Testing the operating effectiveness
of controls is different from obtaining audit evidence that controls have been implemented. The following
factors are considered;
o Key controls.

CPA Page 31

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

o The degree of reliance required.

o Which controls address similar assertions to substantive procedures,
o How easily controls can be tested.
o The evidence gained from previous years and the impact of any changes,
o The IT environment, Cost effectiveness and staff requirements,
o Any specific legal or regulatory requirements.
Note: A control is considered effective only if no exceptions are noted from the sample selected. As per
ICPAU guidance, if 1 to 3 exceptions are noted, a new sample is selected & tested. If one exception is
noted in second sample, the control is concluded not to be operating satisfactorily. If more than four
exceptions are noted in the initial sample selected, the control is also concluded not to be operating
satisfactorily.

1.D.4 INTERNAL CONTROLS, CONTROL OBJECTIVES & TESTS OF CONTROLS -AUDIT

OF INTERNAL CONTROLS
Sales Revenue & Accounts Receivables
Control Objectives: To ensure that; (CPAJun20l4 Qn2b)
 sales are made to valid customers
 all sales are recorded accurately
 cash is collected wtfhin a reasonable period
 control procedures over sales and receivables are effective
Internal Controls over sales revenue & receivables (CPA May2019 Qnla)
a) Orders
 Orders should be checked against customer's account, evidenced by approved order
 New & existing customers should be allocated a credit limit, with clear exceptions if any
 All orders received should be recorded on pre-numbered sales order documents
 All orders should be authorized before any goods are dispatched
 No goods sold may be dispatched without a dispatch note and a sales order
b) Dispatch
 Dispatch notes should be pre-numbered & register kept to relate sales invoices & orders
 Goods dispatch notes should be authorized as goods leave and checked periodically
c) Invoicing & credit notes
 Sales invoices should be authorized by responsible officer & referenced to original authorized order
and dispatch note
 All invoices & credit notes should be entered in sales day book records, the accounts receivable
ledger, and accounts receivable ledger control account.
 Sales invoices and credit notes should be checked for prices, casts and calculations by a person
other than the one preparing the invoice.
 All invoices and credit notes should be serially pre-numbered and regular sequence checks should
be carried out.
 Credit notes should be authorized by someone unconnected with dispatch or accounts receivable
ledge functions

CPA Page 32

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Copies of canceled invoices should be retained.

 Any invoices cancelled should lead to a cancellation of the appropriate dispatch note.
 Cancelled and free of charge invoices should be signed by a responsible official.
 Each invoice should distinguish between different types of sales and any sales taxes. Any coding of
invoices should be periodically checked independently.
d) Returns
 Any goods returned by the customers should be checked for obvious damaged and, when accepted a
document should be raised.
 All goods returned should be used to prepare appropriate credit notes.
e) Receivables
 Receivables ledger control a/c should be prepared regularly & checked receipt functions
 Receivables ledger personnel should be independent of dispatch & cash receipts roles
 Statements should be sent regularly to customers
 Formal procedures should exist for following up overdue debts either by the preparation of an aged
list of balances or in the preparation of statements to customers
 Letters should be sent to customers for collection of overdue debts
 Reconciliation of the control account and the sales ledger
f) Bad debts
The authority to write of a bad debt should be given in writing and adjustments made to the accounts
receivables ledger.
The use of court action or writing-off of a bad debt should be authorized by an official independent of the
cash receipt function.
Purchases & Accounts Payables (CPAdun20l5 Qn2a; Aug2017 Qn lb)
Control objectives. To ensure that; (CPAJun2012 Qn2a; Aug20I7 Qnla)
 Purchased goods are ordered under proper authority and using proper procedures
 Requisitions are raised and approved by stores manager
 Purchased goods/services are only ordered as necessary i.e. when there's genuine need
 Quotations are obtained from suitable & pre-approved list of suppliers
 Goods delivery notes are signed by stores keeper
 Goods/services received are inspected for quality, quantity and description
 Purchase invoices and related documentation are properly checked and approved as being valid
before being entered as trade creditors
 Only valid transactions relating to payables, should be accurately recorded in the entity's accounting
records and paid
 The payment vouchers are approved by the finance director or any responsible officer
a) Orders
Requisition notes for purchases should be authorized.
All orders should be authorized by responsible officer with pre-defined authority limits.
Major items e.g. capital expenditure, should be authorized at an appropriate level, possibly by the Board of
Directors
All orders should be recorded official documents showing suppliers' names, quantities ordered price.

CPA Page 33

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Copies of orders should be retained as a way of following up late deliveries by suppliers.

Re-order levels and quantities should be pre-set and preferably recorded in advance on the Requisition
note.
b) Receipt of goods
Goods inwards areas should be identified to deal with the receipt of all goods.
All goods should be checked for quantity, quality & description. Goods received notes (GRN) should be
raised for all goods accepted, and signed by a responsible official.
A?
GRNs should be checked against purchase orders and procedures should exist to notify the supplier of
under or over-deliveries.
GRNs should be sequentially numbered and checked periodically for completeness.
c) Invoicing and returns
 Purchase invoices received should be stamped received & given a unique serial number.
 Purchase invoices should only be recorded after matching with GRNs & LPOs.
 The purchase invoices should be signed as approved for payment by a responsible officer independent
of the ordering and receipt of goods functions.
 Invoice sequential numbers should be checked against purchase day book details.
 Input VAT should be recorded separately from the expense element of the invoice total.
 Invoices should be properly allocated to the nominal ledger accounts, perhaps by allocating
expenditure codes. A portion of such coding should be checked independently.
 A record of goods returned should be kept & checked to credit notes received from suppliers
d) Purchase ledger and suppliers
 A payables ledger control account should be maintained and regularly checked against nces in the
purchase ledger by an independent official.
 Payables ledger records should be kept by persons independent of the receiving of goods, invoice
authorization and payment routines.
 Statements from suppliers should be checked against the ledger account
Inventory (Stock)
There (3) types of Inventory; (CPAAug20l5 Qn4c)
i) Raw materials
(ii) Work in progress
(iii) Finished goods and goods purchased for resale.
Control objectives
 Authorization and purchase procedures
 Control over goods inwards
 Inventory records supported by physical inventory counts
 Control over dispatches and goods outwards
 Adequate steps should be taken to identify all inventory for which provisions may be required on
the grounds that their net realizable value is below cost
 Inventory levels should be controlled so that materials are available when required but that
inventory is not unnecessarily large

CPA Page 34

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

a) Approval & Control of Documents

 Issues from inventories should be made only on properly authorized requisitions.
 Reviews of damaged, obsolete and slow moving inventor/ should be carried out. Any write¬offs
should be authorized.
b) Arithmetical Accuracy
 All receipts & issues should be recorded on inventory cards, cross-referenced to appropriate GRN
or requisition document
 The costing department should allocate direct and overhead costs to the value of work-in-progress
according to the stage of completion reached
 When standard costing is used, such standards must be regularly reviewed to ensure that they relate
to actual costs being incurred
 If the value of work-in-progress is directly comparable with the number of units produced, checks
should periodically be made of actual units against work-in-progress records
c) Control Accounts
 Total inventory records may be maintained & integrated with the main accounting system. If so
they should be reconciled to detailed inventory records & discrepancies investigated
d) Comparison of Assets to Records
 Inventory levels should be periodically checked against the records by a person independent of the
stores personnel, and material differences investigated.
 Where perpetual inventory records are not kept adequately a full inventory count should be held at
least once a year.
 Maximum and minimum inventory levels should be pre-determined and regularly reviewed for
adequacy.
 Re-order quantities should be pre-determined and regularly reviewed for adequacy.
e) Access to Assets & Records
 Separate centers should be identified at which goods are held.
 Deliveries of goods from suppliers should pass via a goods inwards section to stores, for being
checked as received & recorded.
 Inventories should be held in their locations so that they are safe from damage or theft.
 All inventory lines should be identified and held together e.g. in bins which are marked with all
relevant information as to size, grade, origin, title for identification.
 Access to stores should be restricted. A registration book should equally be put at entrance
Tests of Controls - some of the tests that can be performed; (CPAJun20l2 Mb)
 Visit store & physically observe physical security/env't of inventories in which they're held
 Review inventory records & confirm recording of inventory movements in/out of inventory.
 Inspect relevant documents (issuance vouchers, GRNs, etc.) for authorization over inventory
 Request for authorization & approval letter for write-off or scrapping of inventories, if any
 Request or send confirmation from third parties, if inventory is held by them
 Inspect reconciliations of inventory counts to inventory records (this gives overall comfort on the
adequacy of controls over the recording of inventory).
 Check sequences of dispatch and goods received notes for completeness.
 Attend inventory count to ensure they are carried out
 Request for inventory count procedures or management policies, and assess their adequacy
CPA Page 35

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Expenditure - Operating (revenue) & Capital Expenditures

 All expenditures esp. capital expenditure, should be appropriately authorized & approved
 Pre-numbered expenditure or purchase orders and payment vouchers
 Authorised personnel to initiate all purchases or expense payments
 Deliveries are accepted on verification of purchase order, esp. for capital expenditures
 Invoices, purchase orders and receiving reports matched to verify invoice for processing and
payment of capital & operating expenditures
 Expected refunds (relating to expenditures) are followed up
 Paid invoices are cancelled with a stamp - 'paid' or punch
 Cheque signatories have limits, for all payments - capital & operating expenditures
 Authorised person responsible for petty cash fund - including petty cash expenses
 Accounts payable is reconciled on a regular basis
 Inventory is protected and accounted for both physically and in terms of dollar value
 Proper authorization procedures apply for release of goods from stores from recognised as cost of
sales (expenses)
Payroll (Salaries & Wages) (CPA Aug2016 Qnla)
a) Wages (control procedures)
 There should be written authorization to employ/dismiss any employee, as per policies/laws
 Changes in wage rates should be authorized in writing by officer outside wages department
 Overtime worked should be authorized by supervisors outside payroll & as per policy
 An independent official should check the payroll and sign it.
 Wages' cheque should be signed by two signatories evidenced against signed payroll.
 Where pay relates to hours at work, some form of time recording should be used e.g. time sheets,
automatic entry swipe card systems or other clock cards should be used.
 When employees have-been absent for a significant period, their entitlement to salary should be
checked against personnel details.
 Direct bank transfers should also be signed & checked regularly against personnel files.
 Personnel records should be kept for each employee e.g. employment contract, retirement,
dismissal, rates of pay, holidays etc. Key filed documents should be signed by employee
b) Salaries (control procedures)
 Personnel records should be kept similar to those for hourly paid employees
 Written authority should be required to employ/dismiss employees or change salary rate
 Overtime should be authorized by someone outside the payroll department
 The usual checks on deductions are required
 When employees have been absent for a significant period, their entitlement to salary should be
checked against personnel details
 Cheques should have 2 signatories & should be checked against approved payroll entry
 Direct bank transfers should also be signed & checked regularly against personnel files
 Use timesheets or registration book to ensure employees are paid only for work done.
 Payrolls should be independently reviewed to ensure employees are paid at the correct rate.

CPA Page 36

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Adopt computer programs e.g. payroll master, to ensure no errors in deductions & net pay
Suggested Tests of Controls over salaries & wages (tests to be performed):
 Test sample of time sheets, clock cards or other records, for approval by responsible official. Pay
particular attention to the approval of overtime.
 Test authority for payment of casual labour, particularly if in cash.
 Observe wages distribution for adherence to procedures ensuring employees sign for wages, that
unclaimed wages are rebanked etc.
 Test authorization for payroll amendments by reference to personnel records
 Test control over payroll amendments
 Examine evidence of checking of payroll calculations e.g. financial controller's signature
 Examine evidence of approval of payrolls by a responsible official
 Examine evidence of independent checks of payrolls (e.g. by internal audit)
 Inspect payroll reconciliations.
 Examine explanations for payroll deductions
 Test controls over unclaimed wages
Cash & Bank
a) Controls over cash sales
 Cash sales should be recorded when the sale is made normally by means of a cash till or the use of
cash sale invoices.
 If cash sale invoices are used, they should be pre-numbered, register should be maintained of cash
sale invoice books and copies should be retained.
 Cash received should be reconciled daily with either till roll or invoice totals, by someone
independent of those receiving the cash and recording the sale.
 Daily banking should be checked against till roll or invoice total & difference investigated
 A responsible officer should sign cancelled cash sale invoices at same time of cancellation.
b) Controls over banking
 Receipts should be banked intact daily
 Each day's receipts should be recorded promptly in the cash book
 Sales ledger personnel should have no access to the cash or preparation of paying in slip
 Periodically, a comparison should be made between the split of cash & cheques;
 received (and recorded in rough cash book)
 banked (and recorded on paying-in slip)
c) Bank reconciliations (CPA Jun2011 Qn3c)
 Bank reconciliations should be prepared at least monthly.
 The person responsible for preparation should be independent of the receipts & payments function.
Alternatively, an independent person should check the reconciliation.
 If reconciliation is prepared independently, the bank statements should be obtained directly from
the bank and held until the reconciliation is completed.
 Preparation should preferably include a check of at least a sample of receipts & payments against
items on the bank statement.
d) Controls over petty cash
CPA Page 37

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 The level and location of cash floats should be laid down formally.
 There should be restricted access to the floats.
 Cash should be securely held, in a lockable drawer, with restricted access to keys
 All expenditure should require a voucher signed by responsible official, not petty cashier
 The imprest system should be used to reimburse the float, i.e. at any time the total cash and value of
vouchers not reimbursed equals a set amount.
 Vouchers should be produced before the cheque is signed for reimbursement.
 Vouchers should be cancelled once reimbursement has taken place.
 Maximum amount should be placed on a petty cash payment to discourage normal purchase
procedures being by-passed.
 Periodically, the petty cash should be reconciled by an independent person.
 Rules should exist preferably preventing the issue of 'lOUs' or the cashing of cheques.
Tests of controls - cash receipts
 Test independent check of cash receipts to bank lodgments.
 Test for evidence of a sequence check on any pre-numbered receipts for cash.
 Test authorization of cash receipts.
 Test for evidence of arithmetical check on cash received records.
Tests of controls - cash payments
 Inspect current cheque book for;
o sequential use of cheques
o controlled custody of unused cheques
o any signature on blank cheques.
 Test (to avoid double payment) to ensure that paid invoices are marked 'paid'
 Test for evidence of arithmetical check on cash payment records, including cashbook
 Examine evidence of authority for current standing orders and direct debits.
Tests of controls (bank reconciliation) - general cash & bank balance
 Examine evidence of regular bank reconciliations (usually one per month).
 Examine evidence of independent check of bank reconciliations (e.g. a signature).
 Examine evidence of follow-up of outstanding items on bank reconciliations. Pay particular
attention to old outstanding reconciling items that should be written back such as old unpresented
cheques.
Applicable Matters to the Cash Count exercise; (CPAJun20I2 Qn2c)
 All cash/petty cash books should be written up to date in permanent/indelible ink (or other
permanent form) at the time of the count
 All cash balances must be counted at the same time
 All negotiable securities (e.g. IOU) must be available & counted at the same time other cash
balances are counted
 At no time should the auditors be left alone with the cash/ negotiable securities
 All cash & securities counted must be recorded on working papers & cash in hand certificate
 Reconciliations should be prepared as appropriate (e.g. impress petty cash float or cash-in-hand
from sale sources)

CPA Page 38

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.D.5 COMPLIANCE TESTS - TOC VS. SUBSTANTIVE PROCEDURES & INTERNAL

CONTROL LIMITATIONS
Tests of Control Vs. Substantive Procedures
► Test of controls (TOCs) - these are tests designed to obtain reasonable assurance that financial
information system controls are in place and effective. Tests of controls are audit procedures to test
the effectiveness of control policies and procedures in support of a reduced control risk. The extent
to which the tests of controls are applied depends on the assessed control risk. The lower the
assessed control risk, the more extensive the tests of controls should be in order to support the high
degree of reliance upon internal control. How much & what evidence is sufficient to support
specific assessed level of control risk is a matter of professional judgment depending on auditor's
decisions about the nature, timing, and the extent of tests of controls. Nature of tests of controls is
that the tests generally consist of one (or a combination) of four types of evidence-gathering
techniques; observation, inspection, inquiry and re-performance.
► Substantive procedures - these are tests (audit procedures) performed to obtain audit evidence to
detect material misstatements in the financial statements (at the assertion level). Substantive
procedures are of two types (For details, refer to Sec. G-Substantive procedures);
a. Tests of details of classes of transactions, account balances; and disclosures and
b. Substantive analytical procedures.
Types of Controls & Tests of Controls relevant to an Audit
The entity's controls relate to financial reporting, operations and compliance controls. However, not all the
controls are relevant to the engagement team's risk assessment. Usually the controls relevant to an audit are
those relating to the entity's objective of preparing financial statements for external purposes that give a
true and fair view in accordance with the applicable financial reporting framework and the management of
risk that may give rise to a material misstatement. The following are some of the control types for audit
team's evaluation; (CPA Jun2011 Qn5a)
Management controls - reviews by independent persons are designed to detect errors e.g. authorization &
approval by independent responsible officers
Safeguarding of assets - limiting access of assets to only authorised personnel, safeguarding assets against
theft, etc.
Segregation of duties - to ensure that no one person should be in a position to control all stages of the
processing of a transaction which include; Initiating transactions, recording transactions, handling cash
receipts and payments, and custody of assets.
Application controls - specific controls in automated or manual procedures that are preventive or detective
in nature and are designed to ensure the integrity of the accounting records that transactions are completely
and accurately recorded. Application controls can be grouped as; completeness controls (if all transactions
are recorded), accuracy controls (accurate data), and maintenance controls (if files can only be altered by
transactions processed through properly controlled procedures).
General IT controls - controls which relate to the environment within which computer based accounting
systems are developed, maintained and operated. These include controls over the; reliability of processing
information, integrity of data input & output, integrity of programs used, and computer system
development & implementation.

CPA Page 39

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Importance & Limitations of an Internal Control Systems

Although auditors place reliance on internal controls, you must understand that there are certain inherent
limitations including;
 Cost vs. benefit. The cost of establishing a system of internal control may be greater than the
benefits. At some stage however the benefits may outweigh the costs.
 Human error. For example, one person makes out an invoice using the wrong selling price and
another one checks it and doesn't see the error.
 Collusion. Where two or more employees cooperate to get around the internal control system,
especially to carry out a fraud or to cover up some error that was made.
 Bypass of controls. Say someone has forgotten to order a vital piece of equipment and that to speed
matters up, instead of getting the proper authorization for the purchase, they issue the purchase
order without that authorization. They are bypassing the controls.
 Non-routine transactions. These rare transactions that no system of internal control has been
devised e.g. disposal of non-current assets, as many of these assets are scrapped when they are
disposed of.

1.D.6 EFFECTS OF RISK ASSESSMENT - PROCESS & FINANCIAL REPORTING CONTROL

EVALUATION
Risk assessment is iterative, and should be performed at regular intervals, or incorporated into existing
processes, such as recurring program or project reviews. Risks are assessed in a four-step process, which
include;
 Risk identification - identifying risks based on entity's key objectives or nature/types of risks
 Risk rating - based on likelihood of occurrence & impact (e.g. high, moderate, low)
 Risk ranking - in the order of risks of rating from; high to low or significant to insignificant
 Risk response - determining responses for the assessed risks (taking action)

After risks are assessed, management can then determine its risk response. Management should have a
clear concept of its level of risk tolerance when determining what actions it will take to manage those risks
that pose the greatest threat to achieving organizational objectives. For example, if management establishes
a performance objective of 100%, is it willing to accept a result of 90%? Once its level of risk tolerance is
set, management can choose its preferred risk response - to accept, avoid reduce, share, or transfer a risk.
Internal Control Evaluations, over Financial Reporting
There are five basic steps in performing the assessment of the effectiveness of internal controls over
financial reporting. They are;
Step 1: Planning
Step 2: Evaluating internal control at the entity level
Step 3: Evaluating internal control at the process level
Step 4: Testing control design and operating effectiveness at the transaction level Step 5:
Concluding, remediation & reporting.
Case Study: CPA P12Aug2016 Qn.1
Kulambiro Processors Ltd (KPL) is an agro-based company dealing in agricultural produce, with head
offices in Kampala and two branches in Mukono and Jinja respectively. The company employees are in
two categories, permanent employees mainly at head office and temporary employees at branches. Branch

CPA Page 40

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

supervisors are responsible for appointing and remunerating the temporary staff at appropriate hourly rates
whereas one of the directors is responsible for employing permanent staff.
There is no standard list of temporary workers who keep joining and leaving without notice.
The wage sheets submitted to head office from branches are never consistent in number of workers and rate
of pay for each worker.
There are no standard hourly rates and how much a temporary employee is paid is at the discretion of the
branch supervisor.
The company has no written down human resource manual to be followed by the branch supervisors.
A review of company's tax returns indicate a discrepancy between the payroll and the returns. The
temporary workers are not included on the tax returns.
The director at head office has included his wife and son on the payroll yet they are not employees of KPL.
Most of the staff at head office have no appointment letters; therefore, there is no reference point for the
terms of service.
You have been approached to audit the payroll system of KPL to come up with findings that will help your
firm form an appropriate audit opinion.
Required:
(a) Identify and explain the potential risks in the payroll system of KPL (12 mks)
(b) Explain the matters that should be considered while auditing the payroll of KPL (8 mks)
(c) Explain analytical procedures to be carried out during audit of KPL payroll system (10mks)
Case Study: CPA P12 Dec2916 Qn.4
Dede Trading Company Ltd (DTCL) deals in sugar. It only sells in bulk and on cash. The shop is managed
by one cashier with the help of two labourers. On making a sale, the cashier receives cash and issues a
receipt to the customer on request. The receipts are from a pre-printed general receipt book which indicates
cash sales. The receipts do not bear the company name and are not sequentially pre-numbered. The cashier
is also in charge of banking the cash from daily sales. He is not supervised; therefore no one checks to
ensure that all cash received is banked. He is also responsible for petty cash disbursements & payments are
made out of the daily cash sales. You are the auditor at BET & Co, and the audit manager has selected you
to be part of the audit team for the audit of DTCL for the year ended 30 June, 2016.
Required:
(a) Explain the control weaknesses in the sales system of DTCL (10 mks)
b) Describe the controls over sales that should be instituted at DTCL (10mks)
Others practice & revision questions;
CPA Jun2015 Qn.2a&b; etc.
SECTION l.E; AUDITING IN INFORMATION TECHNOLOGY (IT) EWT
1.E.1 RISKS AND CHALLENGES OF AUDITING IN AN IT ENVIRONMENT
In all data processing systems, there are genuine security dangers related to: (i) hardware functioning (ii)
software deficiencies, malfunctioning, manipulation (iii) data loss & reconstruction. The auditor has a
responsibility for testing the adequacy of the controls designed to overcome such dangers.
Limitations of using Electronic Data Processing Methods (CPAP Nov20I7 Qn5b)
 The computer operators may not be adequately trained in the use of software or be informed of the
organisational needs

CPA Page 41

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 The company's top management may not be committed to setting up such system either due to
ignorance or apathy leading to failure
 The system designed may not be suitable for the organization & will have operational problems
leading to failure
 Poor planning, supervision and implementation of the project that leads to operational failures
 Both the hardware and software may not be suitable for the client's needs
 Lack of cooperation between user & processing departments will always frustrate the process
 Lack of proper understanding by data processing staff to management needs to benefit the entire
organisation
 The use of computers exposes a company to computer frauds ranging from physical unauthorized
use of computers to physical manipulation of the system
 Introduction of Computer Virus is a common problem especially with the use of pirated software
and use of networked systems
 Garbage in Garbage out. Computers will only process what has been input to give output without
telling the user any wrong entry
Control Threats that can be caused by IT Environment; (CPA Jun20I2 Qn4b)
Over reliance on systems which may inaccurately process data
Unauthorized access to data leading to data loss or destruction e.g. Fixed Asset register may
be tampered with by the personnel
Unauthorized changes to data in master file
Inappropriate manual intervention
Exposing information system to data/information thefts e.g. through shoulder surfing, gag calls
or use of an accomplice within the organisation.
Increased chances of incoming and outgoing mail thefts 4 Inability to access data as required
Unnoticed use of unauthorized version of computer programme to perpetuate fraud
1.E.2 CONTROLS IN IT ENV'T - APPLICATION CONTROLS & GENERAL IT CONTROLS
Internal controls in a computerized environment include both manual procedures and procedures designed
into computer programs. Such control procedures comprise two types of controls; General controls' &
Application controls.
Note: if general controls are ineffective, then application controls may be useless.
General Controls
These are policies and procedures that relate to many applications and support the effective functioning of
application controls by helping to ensure the continued proper operations of information systems. They are
controls that must be in place before any processing of data takes place. They include the following;
 Control over data centre and networks operations
 Controls over systems software acquisition
 Change and maintenance controls
 Access security controls
 Application systems acquisition, development and maintenance

CPA Page 42

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Examples of general applications;

General controls Examples
General controls over :  Development of the payroll should have design, programming and
the development of[ documentation standards.
 The payroll application should have full testing procedures using test data
computer application
 Payroll application has to be approved by computer user and management
e.g. payroll application  There should be segregation of duties in the payroll development so that those
responsible for designing are not responsible for testing
Prevention or detection  Segregation of duties e.g. between payroll data inputting staff & staff
of x -unauthorized responsible to make changes to the payroll rates
 Restrict access to central computer by locked doors, keypads
changes to programs;
 Back-up copies of programs being taken & stored in other locations e.g. back-
up monthly payroll data in another allocation other than locations
 Virus check on software - use of antivirus software & policy prohibiting use of
unauthorized programs
Controls to prevent -  Passwords protection e.g. persons who process the payroll and who can
unauthorized change the payroll information to have, passwords
 Restrict access to authorized users only. Only persons who work in the °
amendments of data
payroll section are authorized access to computers in the payroll section
files
Controls to ensure  Storing extra copies of programs and data files off-site
continuity of operation  Protection of computer equipment against fire and other hazards Back-up
power sources e.g. having generators
in case of breakdown or
 Maintenance agreements and insurance
corrupt of data
Application Controls
These are controls specific to a particular accounting application. Separate application controls are
developed for different applications. Application controls must be evaluated specifically for every audit
area in which the client uses the computer where the auditor plans to reduce accessed control risk.
Application controls are to ensure the completeness and accuracy of all processing and the validity of
accounting entities. There are 4 key application controls types; input controls, processing controls, output
controls & controls over Master File information.
 Input controls - Controls over input are designed to ensure that the information processed by the
computer is valid, complete, and accurate. These controls are critical because a large number of
errors in computer systems are the results from input errors.
 Processing controls - Controls over processing are designed to ensure that data input into the
system is accurately processed. Thus, all data entered in the computer are processed, processed
once/and processed accurately. Most processing controls are also programmed controls, which
mean that computer is programmed to do the checking. Common examples. Include screen
warnings to prevent people logging out before processing is completed.

CPA Page 43

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Output controls - Controls over output are designed to ensure that data generated by the computer
are valid, accurate, & complete. Moreover, outputs should be distributed in the appropriate
quantities only to authorized people. The most important output control is review of data for
reasonableness by someone who knows what output should look like.
 Controls over Master File Information - Many transactions depend on the accuracy of
information in the Master File. For example, all sales transactions depend on price list, or all payroll
amounts depend on hourly rate or salary rate. User departments should get periodic reports
containing the contents of Master File. There should be procedures in place to verify that the correct
version of the Master File is being used.

1.E.3 COMPUTER-ASSISTED AUDIT TECHNIQUES (CAATS) - MEANING

CAATs is the use of computer programs to perform audit procedures and obtain audit evidence. CAATs
generally include data manipulation, data calculation, data selection, data analysis, identification of
exceptions & unusual transactions, regression analysis, & statistical analysis. CAATs are available on
generalized audit software (GAS) which provides the auditors with the ability to access, manipulate,
manage, analyze and report data in a variety of formats. Data mining software may also be used for
analytical' procedures.
The use of computer assisted audit techniques (CAATs) may enable more extensive testing of electronic
transactions and account files. CAATs can be used to select sample transactions from key electronic files,
to sort transactions with specific characteristics, or to test an entire population instead of a sample.

1.E.4 TECHNIQUES APPLIED IN CAATS - AUDIT PROGRAMS VS. TEST DATA & TYPES OF
CAATS
The techniques can add greatly to audit efficiency and effectiveness e.g. audit programs can very quickly
read thousands of records, examining each according to the criteria set by the auditor. Test data can be used
to investigate the operation of accounting programs that could not be easily tested in any other way.
Audit programs - used to examine data & interrogate clients' accounting data. The auditor will have a
program which can read the clients' files. That program can be used for the following;
 To select a sample of transactions to investigate.
 The samples could be automatically stratified.
 The program might be set to identify odd transactions or balances e.g. credit balances on a
receivables ledger, or inventory which hasn't moved for some time.
 It could also re-perform calculations e.g. checking that the sum of receivables accounts add up to
the balance shown in the nominal ledger and hence in the financial statements.

Test data is used to investigate (test) the operations of client programs. The auditor chooses data and this
is processed by the client's programs. This enables the auditor to check whether/not the client's programs
are operating correctly and as expected, and whether or not the various controls which were supposed to be
present are actually operating e.g. what happens if a dispatch entered for a zero quantity, or for a non-
existing product, or for a non-existing customer, or a dispatch which would raise the balance on the
debtor's account to above the credit limit. Test data is specially chosen data to check that the controls are
present. There would be some normal items, some unusual items and some extreme or unexpected items.

CPA Page 44

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Types of CAATs (CPA Aug20l5 Qn2d May20l9 Qn2c)

 Use of dummy data - Using of client's software by auditor to process false/fictitious data i.e.
performing dummy tests using client's system to understand or prove something
 Parallel simulation - program used by auditors to understand how clients' systems calculate and
process data, for further analysis
 Embedded software - audit program configured/installed within the clients' systems and it monitors
continuously client's operations or as and when activated/run by the auditor
 Audit interrogation software - systems used by auditors to extract and re-format clients' data "for
interrogation and further investigation or conclusion
 Online audit reporting - online programs or applications used by auditors for sharing or ease of
working together as teams. Normally, they are used as online links between field/site team members
and off-site supervisors.

1.E.5 BENEFITS (ADVANTAGES) AND CHALLENGES (DISADVANTAGES) ASSOCIATED

WITH USING CAATS
Advantages of CAATs (CPAJun20ll Qn2c; Jun20l2 Qn2d; Nov20l7 Qn5a)
 Efficiency by saving time, re-performance, quicker report generation and easing work
 Reduced costs, and thus less costly/cost effective - but, in the long-run
 Improved quality of audit function as all the data or large samples of data can be tested
 A better knowledge of the computerized information system is developed
 CAATs are able to deal with large volumes of data.
 CAATs also minimizes human errors and frauds, through program-in-built controls
Difficulties in the use of CAATs (Disadvantages) (CPANov20l7 Qn5a)
 Use of CAATs may require a computer specialist - requires technical staff
 Use of CAATs may require an extensive investment in software. Not only in the short-run, it's
costly especially when the client changes the system and thus requiring the auditor to update his
auditing software/program.
 CAATs output may not be suitable for audit use. Also, not favouring small businesses in terms of
cost-effectiveness
 CAATs may corrupt client data, and thus, disruptive on the client side
 Loss of key information/data, due to virus, and maybe, due to power disruptions - these too greatly
affects negatively business operations.

SECTION l.F: AUDIT EVIDENCE & SAMPLING

1.F.1 AUDIT SAMPLING - MEANING & JUSTIFICATION
Audit sampling is the application of audit procedures to less than 100% of items within the population to
enable the auditor to obtain and evaluate evidence. The term "sampling" refers to the process of testing a
portion of a group of items in order to evaluate and draw conclusions about the population as a whole.
Thus, Audit Sampling involves the application of audit procedures to less than 100% of items within an
account balance or class of transactions such that all sampling units have a chance of selection. This
enables the auditor to obtain & evaluate audit evidence about some characteristic of items selected in order

CPA Page 45

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

to form or assist concerning the population from which the sample is drawn. Audit sampling can use either
a statistical or a non-statistical approach.
Why sampling (reasons for audit sampling)
 Time factor / constraint - saves a lot of time as few units are selected & tested
 Cost benefit analysis - economical as it saves time & audit cost
 Voluminous nature of transaction especially with big companies with so many transactions
 Practicability - it's almost impossible to test a "million" transactions esp. manually
 Controlling - It helps to control the audit work in more effective manner.
 Timely reporting - It enables the auditor to submit his audit report in time
1.F.2 KEY AUDIT SAMPLING & RELATED CONCEPTS (TERMINOLOGIES)
Population - This refers to the entire set of data from which a sample is selected and about which The
auditor wishes to draw conclusions e.g. if the auditor wants to check adequacy of controls relating to sales
transactions by checking debtors invoices, the population would be all debtors listed for the particulars
period being tested. Population has to be "complete" and "appropriate". Furthermore, all the items in an
account balance or a class of transactions constitute a population. A population may be divided into strata,
or sub-populations, with each stratum being examined separately. The term population is used to include
the term stratum.
Sampling Unit - This refers to the individual items constituting a population. For instance, cheques listed
on deposit slips, credit entries on Bank statements, sales invoices or debtors' (customers') balances, etc. The
total set of sampling units is called a population.
Error (for the purpose of this topic) - Error means either control deviations, when performing tests of
control, or misstatements, when performing substantive procedures. Similarly, "Total error" is used to
mean either the rate of deviation or total misstatement. "A misstatement" is the difference of the book value
(the recorded value in the client's accounts), and the audit value (the value that the auditor believes it to be
true).
Anomalous Error - This refers to an error that arises from an isolated event that has not recurred other
than on specifically identifiable occasions and is therefore not representative of similar errors in the
population. To be considered an anomalous error, the auditor has to have a high degree of certainty that
such error is not representative of the population. The auditor obtains this certainty by performing
additional work. For instance, an error caused by a computer breakdown that is known to have occurred on
only one day during the period. Another example is an error that is found to be caused by use of an
incorrect formula in calculating all inventory values at one particular branch.
Stratification - The process of dividing a population into subpopulations, each of which is a group of
sampling units, which have similar characteristics (often monetary value).
Tolerable error - The maximum error in a population that the auditor is willing to accept.
Tolerable misstatement - A monetary amount set by the auditor in respect of which the auditor seeks to
obtain an appropriate level of assurance that the monetary amount set by the auditor is not exceeded by the
actual misstatement in the population.
Tolerable rate of deviation - Rate of deviation from prescribed internal control procedures set by auditor
in respect of which the auditor seeks to obtain appropriate level of assurance that the rate of deviation set
by auditor is not exceeded by actual rate of deviation in the population.

CPA Page 46

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.F.3 SAMPLE SIZE CONSIDERATION FACTORS

Key factors influencing the sample size (Considerations) (CPANnv20ll0n3c)
Factor Smaller sample size Large sample size
1. Tolerable error  lower threshold (low value of TE)  higher acceptance rate of deviation
2. Inherent risk  low inherent risk  higher inherent risk
3. Control risk  low control risk  higher control risk
4. Sampling risk  Low sampling risk  Higher sampling risk
5. Number of  Very few number of items in  Many items in the population &
population items the population within the same range of value
6. Value of target  High valued items (esp. targeting  Less valued items or without specific
sample items items above tolerable error) target items

1.F.4 SAMPLE DESIGNING PROCESS & SAMPLING PROCEDURES/METHODS

1. The design (plan) of the sample
2. The selection of the sample
3. Testing of the sample.
4. Evaluation of the test results
Design of the sample - The auditor at this stage should take into consideration:
 The test objectives i.e. the auditor will start by considering the control objectives of the area under
review. These will determine the source of audit evidence and the nature of audit testing required to
evaluate that evidence. The sampling technique chosen will depend on the nature of opinion the
auditor wishes to express e.g. an opinion on error rates (e.g. rates of non-compliance) will call for
attribute sampling techniques.
 The population characteristics i.e. defining the population characteristics. An example is that an
auditor may choose to express an opinion about high value, low value or all items or an auditor may
sample invoices within the previous six months, and therefore any opinion expressed can only be
valid in terms of the previous six months.
 The sampling unit i.e. determining the sampling unit, as an individual item in the population e.g. an
invoice.
Selection of the sample - The auditor should select items for the sample with the expectation that all
sampling units in the population have a chance of selection. Various methods of selecting a sample are
appropriate in different circumstances and an auditor must be aware of the advantages and disadvantages of
each so that an appropriate method can be selected.
Testing of sample - Test will then be performed on selected sample items & interpretations done with
respect to the population. The auditor should perform audit procedures appropriate to the particular test
objective on each item selected. If a selected item is not appropriate for the application of the procedure,
the procedure is ordinarily performed on a replacement item.
Evaluation of test results - Finally, the results will be evaluated accordingly. The auditor should evaluate
the sample results to determine whether the preliminary assessment of the relevant characteristic of the
population is confirmed or needs to be revised. In the case of a test of controls, an unexpectedly high
sample error rate may lead to an increase in the assessed level of control risk, unless further evidence
substantiating the initial assessment is obtained. In the case of a substantive procedure, an unexpectedly
CPA Page 47

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

high error amount in a sample may cause the auditor to believe that an account balance or class of
transactions is materially misstated, in the absence of further evidence that no material misstatement exists.
Documenting Sampling Process -To be stated whatever sampling procedures are used;
 The objectives of the procedure and the definitions of error.
 The definition of the population (and the population value if relevant).
 How it was ensured that selection was made from a complete population.
 The definition of the sampling unit.
 The risk of incorrectly accepting a test-result.
 The tolerable error level or rate.
 The size of the sample and the sampling interval.
 The method of sample selection.
 The nature, causes and follow-up of errors found.
 Sample evaluation procedures.
 The overall audit conclusions.

1.F.5 APPROACH TO SAMPLE SELECTION - JUDGMENTAL & STATISTICAL

a) Judgmental / non-mathematical or non-statistical
b) Statistical
Judgmental Sampling (Non-mathematical or Non-statistical)
This is a traditional method of sample selection whereby a sample is chosen on the basis of the auditor's
personal judgment as to what constitutes an ideal sample i.e. it is a method where the auditor uses his own
experience and knowledge of the client's circumstances to select a sample without using any mathematical
or statistical tools. Note: Method is highly subjective.
Methods under non-statistical - for gathering audit evidence (CPAJun2015 Qn4c)
 Observation
 Inquiry
 Inspection
Advantages non-statistical sampling approach (CPAJun2015 Qn4d)
 Easy to understand - being a traditional method & used by many auditors for some time
 The auditor c3n bring his professional judgment and experience
 It does not entail any mechanical procedures arising out of mathematical manipulations and this
enables the auditor to reach reasonable conclusions.
 It saves time on the "part of the auditor as it enables such an auditor to avoid tedious computations,
which are a characteristic of mathematical oriented statistical sampling.
 As it is not scientific, it enables the auditor to use his personal intuition and thus avoid mechanical
conclusion.
Disadvantages of non-statistical sampling approach
 It relies heavily on personal intuition in selection of sample, which is then very relative and highly
subjective.
 It deprives the auditor of reasonable and defensible conclusions regarding the sample because the
auditor does not have the basis of defending the sample tested.

CPA Page 48

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 It may be manipulated by lazy audit assistants who may select small samples for their convenience,
leading to a biased opinion.
 This method does not portray any logic in sample selection, be it the direct composition and as
such, conclusions found on the sample may not hold for the entire population.
 Conclusions reached using this method are usually vague since the sample selected was not specific
in the first place.
Statistical Sampling
A method by which the auditor selects a sample using statistical tools involving mathematical manipulation
in which a sample is tested to ascertain whether the tests of the sample hold for the population. Statistical
sampling is characterized of: (i) random selection of a sample; & (ii) use of probability theory to evaluate
sample results, including measurement of sampling risk. Below are the statistical methods that can be
used for selection;
 Haphazard selection - the auditor selects the sample without following structured technique. The
auditor is not biased towards any feature of the sampling unit e.g. date, amount, customer, invoice,
number etc. he will take any invoices readily available.
 Cluster sampling - units in the population can often be found in geographical groups or clusters
e.g. schools, households, box files in a month, documents for a specific month etc. a random sample
of clusters is taken e.g. 2 out of 10 box files of vouchers in a month, and then all units within those
clusters are examined.
 Monetary unit sampling - samples are drawn in proportion to their size, giving a higher chance of
selection to the larger items (i.e. the chance of being selected is proportional to the individual items
size)
 Random number selection - makes use of tables or digits that have been scientifically randomized.
The tables provide assurance that each member of the population has an equal chance of selection.
 Systematic selection or interval sampling - after randomly selecting a starting point in the
population 1 and n, every nth unit is selected, where n is equal to the population size divided by the
sample size e.g. every 30th item will be selected.
 Stratified sampling - the population is sub divided into mutually exclusive layers. The strata can
have equal size or you may want a higher proportion in a certain strata. Determining how many
strata to develop and what items to group together, requires the use of judgment. Once the
population has been stratified, the sample items can be selected through random number sampling
or interval sampling.
Advantages of statistical approach to selecting a sample
 It's defensible since conclusions reached may be objective & the method being scientific
 It provides the auditor with uniform basis for selecting samples to be tested, since it's based on
mathematical manipulation
 it eliminates personal bias & provides for more objective recommendations to management
 It may be used by lower grade staff who due to lack of experience and knowledge may not use
judgmental sampling.
 It leads to uniformity of standards among different auditing firms or auditors, due to objective &
uniform sample sizes.

CPA Page 49

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Disadvantages of statistical approach to selecting a sample

 Being scientific, it calls for trained audit assistants & as such, it may increase the auditors training
costs.
 The method may be time consuming especially in large corporations as it may lead to designing
formulae and their mathematical manipulations, all of which are time consuming.
 It may be inappropriate for small firms.

1.F.6 CIRCUMSTANCES WHEN AUDIT SAMPLING IS NOT APPROPRIATE

 When the population is too small (very few items) especially for substantive procedures
 When terms of the engagement are clear, requiring 100% examination or tests especially with
forensic audits
 When the client is rated high risk and 100% testing is expected to reduce the risk to low acceptable
level
 When it becomes necessary following application of audit procedures e.g. if all items of the
population fall above 50% of tolerable error as pre-determined by the auditor

1.F.7 SAMPLING RISK VS. NON-SAMPLING RISK

Sampling Risk - a risk that an auditor draws an inappropriate opinion on the population as a result of
sampling. This arises from the possibility that the auditor's conclusion, based on a sample may be different
from the conclusion reached if the entire population were subjected to the same audit procedures. This
represents the risk that the sample selected does not necessarily truly represent the population. There are
two (2) types of sampling risk;
(i) The risk that the auditor will conclude, in the case of a test of control, that control that risk is lower
than it actually is, or in the case of a substantive test, that a material error does not exist when in
fact it does (type 1 error for mathematically/hypothesis testing). This type of risk affects audit
effectiveness and is more likely to lead an inappropriate audit opinion.
(ii) The risk that the auditor will conclude, in the case of a test of control, that risk is higher than it
actually is, or in the case of a substantive test, that a material error exists when in fact it does not.
This type of risk affects audit efficiency as it would usually lead to an additional work to establish
that initial conclusions were incorrect.
Non Sampling Risk - a risk that an auditor might use inappropriate procedures and fail to /recognise an
error. This is a risk arising from factors that cause the auditor to reach an erroneous / conclusion for any
reason not related to the size of the sample. For example, the auditor may (have used inappropriate
procedures or he might misinterpret evidence leading to erroneous "conclusion or the population was
wrongly defined.

1.F.8 AUDIT EVIDENCE - MEANING, SUFFICIENCY & APPROPRIATENESS

According to ISA 560, Audit Evidence is all the information used by the auditor in arriving at the
conclusions on which the audit opinion is based, and includes the information contained in the accounting
records underlying the financial statements and other information. Audit evidence is that information
obtained by the auditor in arriving at the conclusion on which he bases his opinion. Audit evidence
provides the link between the audit fieldwork and the audit report.

CPA Page 50

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Sufficiency, Appropriateness, Reliability & Limitations (CPA Jun20l5 Qn4b)

According to the institute of internal auditors (I I A) practice Advisory 2310-1 (internal auditing), the
auditor should obtain relevant, reliable, sufficient and useful (appropriate) evidence to enable him to draw
reasonable conclusions therefrom:

According to ISA 500 (external auditing), in the conduct of an engagement, the engagement team should
obtain sufficient appropriate audit evidence to enable it to draw reasonable conclusions on which to base
the audit opinion. Audit evidence should be evaluated by its major characteristics which include;
Sufficiency and Appropriateness.
Sufficient Audit Evidence - Sufficiency is lie measure of the quantity (amount) of audit evidence needed
to form the audit opinion. Evidence is sufficient if it is factual, adequate, and convincing so that a prudent,
informed person would reach the same conclusion as the auditor. The judgment on what is sufficient will
be influenced by:
 The risk of misstatement (the greater the risk, the more evidence is likely to be required).
 The assessment of the accounting and internal control procedures.
 The materiality of the item being examined.
 The experience gained during past audits.
 The source and nature of the evidence available
 Nature and size of business being audited
 Financial position of the company
Appropriate Audit Evidence - Appropriateness is the measure of the quality of audit evidence and relates
to; relevance and reliability of information. Appropriateness relates to relevance and reliability of
information in providing support for, or detecting misstatements in, the classes of transactions, account
balances and disclosures, and related assertions. Thus, appropriateness of audit evidence is determined by
its quality & it relates to; Relevance, Reliability, & Consistency.
Relevant & Useful - Evidence is relevant if it supports engagement observation/recommendations and is
"consistent with the objectives for the audit engagement". Evidence is useful if it helps the organization
meet its goals. Evidence gathered must assist management to meet their objectives. Relevance of
information can be with reference to existence of assets, rights and obligations of assets & liabilities,
occurrence of certain events, valuation of assets.
Reliable - Reliability is the quality of information when it is free from material error and bias and can be
depended upon by users to represent faithfully that, which it either purports to represent or could
reasonably be expected to represent. Evidence is reliable if it is the best attainable through the use of
appropriate audit engagement techniques. It refers to the credibility of the evidence. Reliability is largely
influenced by the source (internal or external) and by its nature (i.e. visual, documentary or oral).
Considerations/Evaluation for Reliability of Audit Evidence (CPA Jun20l30n4a)
► Evidence is more reliable when it is obtained from independent sources outside the entity
► Audit evidence that is generated internally is more reliable when the related controls imposed by the
entity are effective.
► Audit evidence obtained directly by the auditor (e.g. observation of the application of a control) is more
reliable than audit evidence obtained indirectly or by inference (e.g. inquiry about the application of a
control).

CPA Page 51

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

► Audit evidence is more reliable when it exists in documentary form, whether paper, electronic, or other
medium (e.g. a written record of a meeting is more reliable than a subsequent oral representation of the
matters discussed).
► Audit evidence provided by original documents is more reliable than audit evidence provided by
photocopies or facsimiles.
► Internal evidence may be more reliable if it's obtained; from reliable senior official, from an employee
with no financial interest in the entity, or from a number of different personnel.
Consistent - Engagement team would ordinarily obtain more assurance from consistent audit evidence
obtained from different sources or of a different nature than from items of audit evidence considered
individually.
The engagement team should therefore consider whether the conclusions from different types of audit tests
are consistent with one another. When different sources of audit evidence appear to contradict each other,
the reliability of each remains in doubt until further work has been done to resolve the inconsistency.
However, when the individual sources of evidence relating to a particular matter are all consistent, then the
cumulative degree of assurance obtained is higher than that obtained from individual sources.
Audit procedures for obtaining Consistent Audit Evidence
Risk assessment procedures - These are used to obtain an understanding of the entity and its environment,
including its internal control, to assess the risks of material misstatement at the financial statement and
assertion levels.
Tests of controls - Test the operating effectiveness of controls in preventing, or detecting and correcting,
material misstatements at the assertion level.
Substantive procedures - Detect material misstatements at the assertion level and include tests of details
of classes of transactions, account balances, and disclosures and substantive analytical procedures.
Limitations on quality & quantity of audit evidence (CPA Jun20I3 Qn4a; Aug 20I7 Qnlc)
 Time for evidence collection could be limited
 Absolute proof can be impossible, sometimes
 Limitation in resources, such as money, human resource, and skills
 There may be lack of cooperation from staff and third parties in availing audit evidence.
 There are possibilities of collusion between management, employees and third parties leading to
distortion of audit evidence.
 Hearsay evidence is open not only to personal prejudice and bias but also it may be distorted in the
process of transmission, which may lead to a biased conclusion.
 It may be expensive to gather some evidence especially from third parties who may be numerous
and geographical spread. .

1.F.9 AUDIT EVIDENCE - TYPES, SOURCES, & METHODS/PROCEDURES OF GATHERING

AUDIT EVIDENCE
Types of Audit Evidence
Physical evidence - is generally obtained by observing people, property or event by documented examples
or if not possible, by corroborating observation.

CPA Page 52

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Testimonial evidence - may take the form of letters, statements in response to enquiries or interviews, and
is not conclusive since these are usually somebody's opinion; they should be supported where possible by
documentation.
Documentary evidence - is the usual form of audit evidence and includes letters, agreements, contracts,
directives, memoranda and other business documents. The source of the documents will affect its reliability
and the trust we place in it.
Analytical evidence - usually derived from computations, comparisons to standards, trends, operations and
similar operations.
Key Sources of Audit Evidence (CPA Jun20l8 Qn5a)
♦ Internal audit evidence -evidence obtained from the entity's accounting systems, accounting
records, documents, and management and staff
♦ External audit evidence -evidence obtained from sources outside the entity (audit client) e.g. the
customers, lenders, suppliers and professional advisors like lawyers.
♦ Self-generated evidence -evidence generated by the audit team, through any means such as
analytical reviews, interviews and inquiries.
♦ Inference -evidence received by Inference e.g. management representations
Methods or Procedures or Techniques oi Garnering Audit Evidence (CPAJun20l4 Qna)
 Observation. This involves both seeing & noticing. It's done to ascertain that an organization's
procedures/ policies are being followed, e.g. stocktaking, cash counts, wage payments, etc.
 Inspection. An auditor will use inspection by checking documents, records and the entity's tangible
assets all of which are aimed at giving the auditor a means of assessing the effectiveness and
reliability of documentary evidence, existence, valuation and ownership of assets. Documents
include log books, land titles, certificates, etc.
 Interviews. Consists of seeking information of knowledgeable persons, financial and non-financial
information. It may be oral or written and the interview process continues throughout assessment
process. The reliability of this technique will depend on the integrity of source.
 Analytical Reviews. This involves examining something in detail with the aim of discovering
significance e.g. trends, averages, ratios, percentages etc. The auditor will be looking for what was
expected but did not happen or vice versa.
 Computations & re-computations. This is the process of checking mathematical accuracy of
documents or records to confirm correct amounts, especially done for deductions like PAYE, NSSF
& contractual obligations.
 Confirmations (third-party confirmations). Confirmation is the process of obtaining a representation
of information or of an existing condition directly from a third party especially client's bankers,
financiers, customers, & suppliers.
 Re-performance. This is the auditor's independent execution of procedures or controls that were
originally performed as part of the entity's internal control, for example, re-performing the bank
reconciliations, or using CAATs for re-performing the ageing of accounts receivable.
 Others - other specific methods include; vouching, comparisons, etc.

CPA Page 53

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.F.10 ANALYTICAL PROCEDURES - MEANING, TYPES & EVALUATION OF ANALYTICS

Analytical procedures - are evaluations of financial information made by a study of plausible relationships
among both financial and non-financial data. Analytical procedures also encompass the investigation of
identified fluctuations and relationships that are inconsistent with other relevant information or deviate
significantly from predicted amounts. They therefore consist of analysis of significant ratios & trends
including resulting investigation of fluctuations and relationships that are inconsistent with other relevant
information or deviate from predictable amounts. In a nut shell, they entail the use of comparisons and
relationships to determine whether account balances or other data appear reasonable e.g. relationship
between; cost of sales & sales, payroll costs & number of employees, etc.
Types of Analytical Procedures (general) (CPA May20l9 Qn2b)
 Trend analysis - analysis of changes in an account balance over time esp. comparing last year's
account balance to the current un-audited balance or balances in many time periods e.g. comparing
receivables of Y/E 2019 with that of Y/E 2018, for credit ns/c/deficiency indicators
 Ratio analysis - comparison of relationships between financial statement accounts, comparison of
an account with non-financial data, or the comparison of relationships between firms in an industry,
client data with similar prior period data, client data with client-determined expected results, client
data with auditor-determined expected results e.g. computing liquidity (current asset or acid-test)
ratios to identify liquidity/going-concern risk indicators
 Reasonableness testing - is the analysis of account balances or changes in account balances within
an accounting period in terms of their "reasonableness" in light of expected relationships between
accounts e.g. investigating invoice worth Ushs 200m when average price is Ushs 5m
 Data mining - set of computer-assisted techniques (CAATs) that use sophisticated computer
statistical analysis/software and artificial intelligence techniques -to examine large volumes of data
with objective of indicating hidden or unexpected information or patterns e.g. identifying ghost
workers & detecting un-authorised reversal journal entries using CAATs, etc.
Using & Investigating Results of Substantive Analytical Procedure
Analytical procedures consist of looking at amounts in the financial statements, calculating ratios and then
comparing the amounts and ratios to; Last year's results, Budgets, & industry standards. Also the trends and
changes in the company's financial statements over time will be examined. Analytical procedures are a
powerful source of evidence & are used in 3 places;
 Planning. For instance, if last year's inventory amounted to 34 days' of supply and this year
amounted to 97, then you have identified an area that will need attention during the audit. Why has
inventory increased so much? Was this planned? Is there an error? Will it sell? What value should it
have?
 Substantive tests. For instance, if last year's collection period was 32 days and this years is 31.5,
then this gives some confidence that the figures this year are correct. Similarly if sales are very
close to budget, this implied some support for the figures being correct
 Final review. Here, just before the audit report is signed, the partner stands back and looks at the
financial statements as a whole. Do the figure seem to make sense?
Analytical procedures allow the auditor to assess whether or not the financial statements are consistent with
their understanding of the entity. Assumed examples include;

CPA Page 54

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 If they believed that the entity was substantially dealing in cash transactions yet it had a large
receivables balance they might wonder why.
 If the receivables balance changes dramatically from one year to the next, but sales hadn't really
changed, the auditors might begin to question the recoverability of those balances. If the days of
inventory held by the organisation rapidly increased they might begin to worry about the valuation
of inventory and whether or not it could all be sold at above cost, -fr If expenses moved
significantly or how they moved? If a business keeps about the same level of activity you wouldn't
expect the expenses such as telephone, post, heating, and lighting to increase much more than the
rate of inflation.
 If, however, the telephone costs had increased markedly the auditors need to find out why. It might
be because the company had gained an important overseas customer and there are now many high
cost overseas telephone calls. If the increase can't be explained in a reasonable manner then an error
may have been made and wrong amounts may have been posted to the telephone account.

1.F.11 EXTERNAL CONFIRMATIONS (ISA 505) - CIRCULARIZATION

Meaning & Importance (CPA Nov2011 Qn5a)
External confirmation is the process of obtaining and evaluating audit evidence through a direct
communication from a third party in response to a request for information about a particular item affecting
assertions made by management in the financial statements. In deciding to what extent to use external
confirmations, engagement team considers the characteristics of the environment in which the entity being
audited operates and the practice of potential respondents in dealing with requests for direct confirmation.

External confirmations are frequently used in relation to obtaining evidence regarding account balances and
their components especially for; bank balances with the financial institution, trade receivables from
customers, trade payables due to suppliers, income for not-for profit entities relating funding disbursed
during the period under review, loans & borrowings with lenders, etc. Not only used for account balances,
but they may also be used as a request of external confirmation of the terms of agreements or transactions
an entity has with third parties e.g. if there has been any modifications & details of such modifications in
the agreement.
Examples & Evaluations of Situations for External Confirmations; (CPANov20I8 Qn5a,ii:)
► When inventory is situated in several locations, the engagement team will need to determine which
locations are appropriate to attend based on materiality & risk of misstatement.
► When third parties hold inventory on entity's behalf, engagement team should consider the need to
obtain a direct confirmation from the third party, taking into account of materiality.
►If engagement team is unable to attend the physical inventory count, a physical count should be
taken/observed on alternative date.
► Bank balances and other information from bankers.
► Accounts receivable balances.
► Stocks held by third parties at bonded warehouses for processing or on consignment.
► Property title deeds held by lawyers or financiers for safe custody or as security.
► Investments purchased from stockbrokers but not delivered at the balance, sheet date.
► Loans and other borrowings.

CPA Page 55

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

► Contingent liabilities including off-balance sheet items and legal cases.

► Accounts payable balances.
Design of the External Confirmation Request
The engagement team should tailor external confirmation requests to the specific audit objective. Factors to
consider when designing confirmation requests include;
 The assertions being addressed.
 Specific identified risks of material misstatement, including fraud risks.
 The layout & presentation of the confirmation request.
 Prior experience on the audit or similar engagements.
 Method of communication (for example, in paper form, or by electronic or other medium).
 Management's authorization to the confirming parties to respond to the auditor.
 The ability of the intended confirming party to confirm or provide the requested information e.g.
individual invoice amount vs. total balance.
Types of Confirmations designs/requests - Positive Vs. Negative Confirmations
The engagement team may use positive or negative external confirmation requests or both.
A positive external confirmation request asks the respondent to reply to the auditor in all cases, whether
in agreement with the information or not. There is a risk, however, that a respondent may reply to the
confirmation request without verifying that the information is correct. The engagement Spy team may
reduce this risk, however, by using positive confirmation requests that do not state the amount (or other
information) on the confirmation request, but ask the respondent to fill in the amount or furnish other
information. On the other hand, use of this type of "blank" confirmation request may result in lower
response because of more required effort.
A negative external confirmation request asks the respondent to reply only in the event of disagreement
with the information provided in request. However, when no response is received, y the engagement team
will have no way of ascertaining whether the intended third parties have received the confirmation
requests. Accordingly, the use of negative confirmation requests $r ordinarily provides less reliable audit
evidence than the use of positive confirmation requests, and the engagement team should consider
performing other substantive procedures to supplement the use of negative confirmations.
A combination of positive and negative external confirmations may be used. For example, where the
total accounts receivable, balance comprises a small number of large balances and a large number of small
balances, the auditor may decide that it is appropriate to confirm all or a sample of the large balances with
positive confirmation requests and a sample of the small balances using negative confirmation requests.
Summarised Steps when Obtaining Confirmations from a Client's Bankers; (CPA Jun20I3 Qn5b)
 Auditor obtains explicit written authority from the client to allow banks to disclose information on
the account holder
 The auditor's request must refer to the client's letter of authority and the date thereof
 Letters of authority should be signed as per the bank mandate of the account holder
 Letter of authority may either give permission to disclose information for a specific request or grant
permission of indeterminate length of time
 The request to the bank manager should be for that year end date.
 The auditor should check that the bank has answered all the questions (requests made)
 Where direct reply is not received from bank, auditor should, verify authenticity or reply obtained

CPA Page 56

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Methodology to follow when Circularizing Debtors; (CPAJun20l2 Qn3b)

Select sample of receivables to be circularized
Inform client of intended list of those to be circularized
Consider implications if client objects to any of the accounts selected being circularized
Record names and a mounts circularized
Record replies received and consider implications of any accounts not agreed
For no replies, perform alternative procedures (other evidence relating accounts receivable)

SECTION 1.G; SUBSTANTIVE AUDIT PROCEDURES

1.6.1 MEANING OF SUBSTANTIVE AUDIT PROCEDURES
Substantive procedures are tests or audit procedures performed to obtain audit evidence to detect material
misstatements in the financial statements at the assertion level,
Therefore, substantive procedures are responses to auditor's assessment of risk of material misstatement in
the company's financial statements. The higher the assessed risk of material misstatements, the more likely
the extent of the substantive procedures will increase and the timing of procedures will be performed close
to the period.
"Irrespective of the assessed risk of material misstatement, the auditor should plan and perform substantive
procedures for each material class of transactions, account balance and disclosure i.e. substantive
procedures are performed for every significant account balance." Furthermore, if auditor has determined
that an assessed risk of material misstatement at the assertion level is a significant risk, the auditor should
perform substantive procedures that are specifically responsive to that risk. For example, if there is a
significant risk that management is inflating revenue to meet earnings expectations, auditor may design
external confirmations not only to confirm outstanding amounts, but also to confirm the details of sales
agreements & then follow-up those confirmations with inquiries regarding any changes in sales agreements
& delivery terms.
1.G.2 TYPES OF SUBSTANTIVE AUDIT PROCEDURES
(1) Tests of details of classes of transactions, account balances; and disclosures and
(2) Substantive analytical procedures.
(1) Tests of Details (TODs)
Tests of transactions are audit procedures related to examining the processing of particular classes of
transactions through the accounting system and are usually performed for accounts like property &
equipment, long-term debt & equity accounts e.g. search for unrecorded liabilities.
Tests of account balances are audit tests that substantiate the ending balance of a general ledger account or
line item in a financial statement. Tests of balances are substantive tests that provide either reasonable
assurance of the validity of a general ledger balance or identify a misstatement in the account. When testing
balances, the auditor is concerned with overstatement or understatement of the line item in the financial
statement. Tests of balances are important because the auditor's ultimate objective is to express an opinion
on financial statements that are made up of account balances.
(2) Substantive Analytical Procedures
Analytical procedures are evaluations of financial information made by a study of plausible relationships
among both financial and non-financial data. Analytical procedures also encompass the investigation of

CPA Page 57

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

identified fluctuations and relationships that are inconsistent with other relevant information or deviate
significantly from predicted amounts.
There are four types of substantive analytical procedures;
(i) Trend analysis
(ii) Ratio analysis
(iii) Reasonableness testing (iv) Data mining

1.G.3 SUBSTANTIVE PROCEDURES FOR STATEMENT OF COMPREHENSIVE INCOME (SOCI)

The Financial Statements Assertions - Income Statement;
♦ Occurrence - transactions recorded (events) took place (occurred)
♦ Completeness - existing transactions have all been recorded
♦ Accuracy - amounts included in the account balance are stated at correct amounts
♦ Cut-off- transactions near the balance sheet date are recorded in the proper period
♦ Measurement - that amounts recorded in the account balance are appropriate"
♦ Classification - amounts included in the client's listing are properly classified
♦ Presentation & disclosure - account balances & related disclosure requirements are properly presented in
the financial statements.
Matters relating to Revenue & Expenses Recognition;
(i) Materiality
(ii) Risk
(iii) Relevant accounting standards
(iv) Audit evidence

Procedures for Verifying Revenue (& partly Receivables); (CPA Jun20l4 Qn2c; May20l3 Qnlb)
♦ Agree subledgers to general ledger. Obtain details/schedules/subledgers of revenue & receivables, then
agree them to the general ledger or trial balance -to confirm completeness).
♦ Retranslate transactions in foreign currencies using spot or average rates. In case of foreign* currency
denominated revenue, retranslate sample of transactions -to confirm measurement.
♦ Perform cut-off tests. Obtain all/sample of revenue entries posted towards & immediately after* year end,
inspect their support documents (e.g. invoices, GDN, etc.) to identify any entries} recognized in the wrong
period e.g. Jan-2019 invoices being recorded in FY ended Dec-2018.
♦ Perform reasonableness test. Gain overall insight into reasonableness of revenue, analyse individual
transactions & evaluate if revenue recognition / measurement seems appropriate.
♦ Conduct analytics. Disaggregate data (e.g. grouping revenue monthly or revenue per stream) to identify
unusual items for further investigation, by obtaining explanation of any significant movements contrary to
auditor's expectations -to confirm completeness & measurement.
♦ Perform key item testing? Identify key items (large revenue transactions, unusual items like debit
balances in the revenue ledger, etc.) -and check for proper classification & measurement
♦ Review sales returns. Identify credit balances under receivables which may include returns for further
investigation -and determine whether sales returns provision requires adjustment.
♦ Vouching representative sample to confirm occurrence & measurement. Obtain a sample of revenue
transactions, request for support, match amounts/price's accuracy, & to confirm that all revenue are

CPA Page 58

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

adequately supported with; invoices, sales agreements/contracts/orders, goods delivery note (GDN) or
shipping documents for evidence of delivery, among others
♦ Credit policy/limits. Obtain & review entity's credit policy, and confirm based on a sample of revenue
transactions, that, only authorized customers are given credit and within credit limits
♦ Numbering: Check sales invoices for sequential numbering & inquire for any missing numbers
♦ Approvals: Sample items, obtain invoices & confirm authorization, & against customer orders
♦ Reconciliation: Obtain ledgers of; revenue, receivables &/ or cashbook, and reconcile them, etc.
Expenses & Purchases (capital, admin & operating expenses); (CPA Nov20I8 Qn5a.i)
♦ Agree subledgers to general ledger for completeness purpose -obtaining details (schedules) of expenses
and then agree the respective sub-ledgers to the general ledger and trial balance
♦ Vouching -select a representative sample and perform various specific procedures via vouching (inspect
support documents) to confirm that events or recorded transactions actually took place (occurrence) and
were accurately recorded (measurement).
♦ Accuracy tests -confirming existence of original paperwork like contracts, invoices, signatures and
compare all the original documentation against the amounts paid to find any mistakes.
♦ Analytical procedures -e.g. comparisons of current year and prior year to identify expense subledgers
with unexpected significant changes, to confirm transaction's fair statement.
♦ Testing unusual & key items -identification of unusual items, key items, and significant fluctuations in
various expense lines for testing via inspection of support documents
♦ Reasonableness tests -A reasonableness check involving checking expenses to see if they are in line with
what is considered ordinary and that amount incurred/paid is reasonable.
♦ Vendor existence check -Review master file and request for contracts with sampled vendors to ensure
that all vendors paid exist and do operate real/related businesses etc.
Payroll Audit (CPANov2012 Qn2)
This is normally presented separately as staff costs in the financial statements. Depending on the nature of
staff costs, a number of procedures can be performed in line with the reported different payroll costs e.g.
salaries, wages, Pay as You Earn, NSSF, Local Service Tax (LST), Gratuity, & among other related staff
costs. Procedures may include among the following;
 Agreeing staff cost sub-ledgers to general ledger -to confirm completeness of payroll amount
 Analytical procedures-comparisons, month on month for reasonability of movements, etc.
 Re-computations-especially computation of statutory deductions like PAYE & NSSF costs
 Review of staff files -mainly for key personnel, to check competence, roles, identification, etc.
 Inspecting employee contracts -to confirm if payroll amounts match with contract amount
 Matching amount -as per payroll & amount actually paid to employees either by cash/cheque etc.

1.G.4 SUBSTANTIVE PROCEDURES FOR STATEMENT OF FINANCIAL POSITION (SOFP)

The Financial Statements Assertions - Balance sheet (CPAdun2CI8 Cn5c; Aug20l3 Qnlc)
♦ Existence - that amounts included in the account balance exist
♦ Rights and obligations - that account balances (assets & liabilities) belong to the entity
♦ Completeness - existing amounts in the records are included in the account balance
♦Valuation & allocation - that amounts recorded in the account balance are appropriate
♦ Cutoff- transactions near the balance sheet date are recorded in the proper period

CPA Page 59

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

♦ Presentation & disclosure - account balances & related disclosure requirements are properly presented in
the financial statements.
Property, Plant & Machinery (PPE). Audit procedures/evidence may include; (CPAJun20I5 Qn2c)
♦ Agreeing fixed asset register (FAR) to the general ledger -for completeness check
♦ Analytics -comparing expected net book values (NBV) with recorded NBVs, to confirm valuation
♦ Recomputation of depreciation charge and accumulated depreciation -to confirm accuracy
♦ Inspection of relevant documents like logbooks & land titles -to verify ownership/rights
♦ Physical verification of tangible assets (observation) -to verify existence of PPE
♦ Perform impairment tests for valuation -identification of any impairment factors (internal/external)
♦ Review company's policies & relevant standards e.g. IFRS -for valid presentation &disclosures
Illustration -Assertion-based practical substantive procedures for non-current assets (PPE)
Completeness
♦ Select a sample of assets visible at client premises and inspect against FAR, to ensure they are included -
for visible assets to fixed assets register (FAR)
♦ Examine the repairs & maintenance accounts in the general ledger for large and unusual items that may
be capital in nature - for mispostings of recurrent v/s capital expenditures
♦ Identify large payments in respect of non-current assets and examine payment vouchers against general
ledger (GL) - to ensure they are included in GL.
♦ Review opening balances against the prior year signed annual report - to ensure last year's closing
balance have been correctly brought forward in the current year.
♦ Reconcile fixed asset register (FAR) with the general ledger (GL) - to ensure that FAR reconciles to
general ledger as reported in the trial balance and financial statements
Accuracy/Measurement
♦ Cast fixed assets (FA) movement schedule and agree to figures in Financial Statements (FS).
 Test additions for the year - using a sample of FA additions chosen from entries in the nominal
ledger. Based on the sample, perform the following detailed tests;
 Agree details of the additions to an invoice, to confirm amount recorded Vs. invoice amount
 Ensure goods have been received by checking to the goods received note (GRN)
 Agree details to user's specification, and ensure that document details tally with records
 Trace FA additions to the FAR, to ensure that they accurately recorded and complete.
♦ Check whether closing balance in the nominal ledger agree to the total in the FAR.
♦ If any assets have been constructed by the company, obtain analysis of costs incurred and agree to
supporting documentation.
♦ Check the profit/loss on disposal, by re-computation based on NBV and sales proceeds
Valuation
♦ Re-perform depreciation calculations by:
 All assets or select a sample of assets from the register & recalculate the charge for the year.
 Recasting the list of individual asset depreciation charges.
 Agreeing the total charge to the FS.
♦ Analytical review of depreciation charge for the year: agreeing current year's charge as reasonable by
taking last year's charge, with amendments for additions, disposals & revaluations, and seek explanation
for any material differences.

CPA Page 60

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

♦ Review and assess company's depreciation policies for reasonableness of depreciation rates.
♦ Review and re-compute profits/losses on disposals - large profits indicate high depreciation rate whilst
large losses is an indication of low depreciation rate being used.
♦ Perform impairment tests - by reviewing assets and establish the need for any write down for
impairments in value, based on any identified external and internal factors in line with IAS 36
♦ Perform revaluation tests (if any) - If assets have been revalued during the year, tests include;
 Agree new valuation to valuer's report.
 Verify that all similar assets have also been revalued.
 Ensure that depreciation charge is based on new carrying value.
 Check qualifications and independence of valuer.
 Review valuation report and check for accuracy and reasonableness.
 Perform site visit
♦ Take note of condition of assets during inspection - when physically inspecting assets, take note of their
condition and usage in case of impairment.
♦ Trace entries in FAR & FA movement schedule to the source documentation - select a sample of entries
in the fixed assets register and fixed asset movement schedule, and trace them back to source
documentation (e.g. invoice, payment voucher, etc.) to ensure properly stated cost.
Existence
♦ Select a sample of assets from FAR and physically inspect them
♦ For a sample of recorded assets, obtain and inspect ownership documentation (e.g. land title, motor
vehicle logbook, insurance documents, etc) for beneficial ownership
♦ For leased assets, inspect lease documents to assess whether the lease is operating/finance
Presentation & Disclosure
♦ Obtain opening trial balance, & agree opening balances with prior year financial statements and ensure
they match with opening balances in the fixed asset movement schedule
♦ Compare depreciation rates in use with those disclosed made (under the accounting policies in the notes
to the financial statements of prior year signed report
♦ Obtain company's related policy like the asset management or revaluation policy, review them against the
information presented and disclosed in the financial statements
♦ Obtain the draft financial statements, review them and ensure that adequate disclosures are made, e.g.
charges on FA to secure a loan (if applicable). '
♦ Review the schedule of FAR and ensure that it's disclosed by way of a note to the financial statement,
with a reconciliation of cost, additions, revaluations/disposals, depreciation, & NBV
Summarized Potential Misstatements in PPE due to Fraud/Errors; (EPAJun2EI2'Dn3c)
♦ Purchase of an asset at inflated price especially from a related party
♦ Wrong write-off of the asset as scrap, obsolescence, missing, donated, or destroyed
♦ Expenditures for repairs and maintenance (operating expenses) recorded as PPE or vice-versa
♦ Capitalization of expenditures not normally attributed to PPE cost e.g. training, admin overhead
♦ Recording of an asset purchased, which in effect has not actually been received/delivered yet
♦ Use of an asset of the entity for the benefit of a person other than the entity's benefit
Inventory. Audit procedures &/or evidence may include (CPA Aug20l5 Qn4d Jun2018 Qn3d),
♦ Agreeing inventory listing to the general ledger, for completeness check

CPA Page 61

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

♦ Perform net realizable value (NRV) test, provisioning test, reconciliations, for proper valuation
♦ Obtain confirmations, if stock is with 3rd parties i.e. confirm if stock is held by third-parties
♦ Inspect relevant documents if stock is in transit, e.g. shipment documents, pre-delivery contract
♦ Cutoff tests, by cross-checking year-end inventory issued/received based on GDNs, GRNs, etc.
♦ Attending stock-take (observation) at year-end or perform roll-back procedures, for existence
♦ Perform analytical procedures, e.g. comparison of prior year with current year balances, etc.
♦ Review draft financial statements (draft annual report), company policy and relevant accounting
standards e.g. IAS 2-lnventories, to confirm appropriate presentations and disclosures
♦ etc.
Reasons for Attending Inventory Count (Stock-take) by the Auditor, (CPA Aug2015 Qn4a)
 To gather audit evidence to support audit opinion, relating with existence of inventory
 The physical count will validate the book inventory records
 It will provide evidence of the operation of internal controls over inventories, including the clients'
inventory count procedures
 It provides substantive evidence for the auditors of a material statement of financial position and
statement of comprehensive income figure
Objectives of Auditing Inventory; (CPA Aug20I5 Qn4b)
❖ To ascertain the existence of the inventory
❖ to ascertain that inventory is appropriately valued at lower of cost and net realisable value
❖ To ensure that adequate provisions are created for dead and slow moving items
❖ To verify the completeness and accuracy of the inventory balance
❖ To verify that inventory is appropriately presented and disclosed in the financial statement
Audit Procedures Performed Before the Inventory Count - planning; (CPAAug2018 Qn1d)
(i) Review previous year's work papers and discuss with management any significant changes
(ii) Discuss inventory count arrangements with management
(iii) Familiarise yourself with the nature and volume of inventories
(iv) Consider the location of inventories
(v) Arrange to obtain third party confirmation
(vi) Establish whether expert help may be needed
Audit Procedures Performed During the Inventory Count; (CPAJun20I8 Qn3d)
(i) Observe inventory count to ascertain that employees are carrying out their instruction.
(ii) Check the count of a selected number of products.
(iii) Check details of inventory for cut-off procedures.
(iv) Form an impression of magnitude of inventory held for comparison with financial statements
(v) Record fully the work done and impressions of the inventory count in the working papers.
(vi) Give special attention and focus on high value inventory.
(vii) Verify details of the sequence of inventory sheets.
(viii) Enquire into, observe and discuss the store keeping staff, the procedures for identifying damaged,
obsolete and slow moving inventory.
(ix) Take photocopies of rough inventory count sheets, signed by client auditor/witness
(x) If any aspects prove unsatisfactory, inform management and request for a recount.

CPA Page 62

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Audit Procedures Performed After the Inventory Count; (CPA Nonv20ll Qn3a)
(i) Check cut offs with details of the last number of goods inwards/outwards
(ii) Test that the final inventory sheets have been properly prepared from the counts records.
(iii) Follow up any notes made at the attendance
(iv) Check final inventory sheets for pricing, extension, additions, summarising and official signatures.
(v) Inform management of any problems encountered in the inventory count for action in the subsequent
count.
Cash & Bank. Audit procedures &/or evidence may include (CPANov 2011 Qn5c: Jun20I2 Qn4a; Nov
20I4 Qn2b)
♦ Agree cash & bank sub-ledgers to the general ledger, to confirm completeness
♦ Perform cutoff tests, based on year-end interbank transactions or interbank reconciling items
♦ Revaluation tests, (revaluing balances in foreign currencies) with closing rate, for proper valuation
♦ Obtain bank confirmations, to confirm valuation and existence of cash at bank
♦ Inspect relevant documents, e.g. petty cash counts for existence of cash at hand
♦ Review reconciliations & investigate bank reconciling items, to confirm completeness/valuation
♦ Re-perform bank statement reconciliations, to confirm accuracy of cash and bank balances
♦ Perform analytical procedures, e.g. comparison of prior year with current year balances, etc.
♦ Review company's policies & relevant standards e.g. IFRS -for valid presentation & disclosures
♦ etc.
Note: Objectives of Auditing Cash & Bank (cash & cash equivalents); (CPA Nov2013 Qn4a,i)
 Existence. Confirm that the cash actually exists at a given date
 Completeness. Find out if all cash was recorded in periodical reports or financials
 Rights over cash. Ensure that all cash collected belonged to the Company i.e. that a cash sale was
made in the company names
 Cut off. Ensure that all amounts are correctly recorded in the proper period
 Classification & Understandability. Ensure that cash & bank balances are correctly classified,
reported and disclosed in the financials in accordance with applicable reporting framework.
Receivables Audit procedures & or evidence may include (CPAJun20l2Qn3a; Jun2013 Qn3a;
Aug2019Qn1d)
♦ Agree trade receivable & other receivable sub-ledgers to the general ledger, for completeness
♦ Perform cutoff tests, by reviewing transactions towards/after period end against support docs
♦ Analytical procedures e.g. comparison of prior with current year balances against expected mov't
♦ Obtain confirmations from customers, to verify rights over receivables, existence and valuation
♦ Perform revaluation tests, by translating (if not yet) or retranslating (if already) using closing rates
♦ Inspection of relevant documents e.g. invoices & sales contracts, to confirm existence & rights
♦ Review of subledgers & investigate unusual balances like credit balances, for proper classification
♦ Review draft financial statements (draft annual report), company policy and relevant accounting
standards e.g. IFRS 9-Financial instruments, to confirm appropriate presentations and disclosures
♦ etc.
Payables. Audit procedures &/or evidence may include (BPA Nov2012 Qn4a; Jun2015 Qn3b)
♦ Agree accounts payables & other payables' sub-ledgers to the general ledger, (completeness)
♦ Cutoff tests, by checking invoices & subsequent payments, for existence of unrecorded liabilities
CPA Page 63

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

♦ Revaluation tests, by translating (if not yet) or retranslating foreign balances using closing rates
♦ Inspection of documents e.g. LPOs, purchase invoices, GDN, to confirm existence of obligation
♦ Review of subledgers & investigate unusual balances like debit balances, for proper classification
♦ Obtain confirmations from suppliers, to confirm existence and fair statement of payables
♦ Perform substantive analytical procedures e.g. trend analysis, ration analysis, and data mining
♦ Review draft report against relevant policies/standards, for appropriate presentation & disclosures
Leased Assets. Audit procedures &/ or evidence may include;
♦ Inspect lease documents (also with bank) to assess whether the lease is operating/finance
♦ Perform substantive analytical procedures e.g. trend analysis, ration analysis, & data mining
♦ Examine lease agreements and prepare a summary of key terms & pertinent data for filing
♦ Determine that leases have been properly classified as either finance leases or operating leases using the
criteria of IAS 17 (IFRS 16 - effective 1 January 2019)
♦ For capitalized leases, check/re-compute their present value computations and determine the
appropriateness of the discount rate used
♦ Review payment documents against lease agreement, and ensure that lease payments and expenses
included in the accounts are in agreement with the provisions of the lease contracts
♦ Review draft financials and determine that executory costs to be paid by the lessee (property taxes,
insurance, etc.) have been properly accrued and included in expenses
♦ Review lease ledger & determine that any additional contingent rents payable have been accrued (such
contingent rents may result from escalation clauses, gross receipts, provisions, etc.)
♦ Ascertain that footnote and balance sheet disclosures are in accordance with IAS 17 (IFRS 16)
♦ etc.
Borrowings (loans, etc.). Audit procedures &7 or evidence (CPAJun20l3 Qn2b; Jun20l8 Qn5c&d),
♦ Review the board of directors meeting minutes. During your review, make sure that any new loan
agreements or bond issuances are authorized.
♦ Review client agreements. Look at any agreements the client has entered & ensure documents reconcile
with information in the minutes of the board meeting especially; principal, rate, length for loans, & make
sure the balance sheet shows correct outstanding loan balance
♦ Examine cash transactions. Review client's long-term debt's cash transactions. Trace any large cash
disbursements made by client or cash receipts hitting its bank statements to the appropriate source
documents e.g. invoices. The company may be trying to artificially inflate sales by recording a loan as sales
revenue
♦ Perform re-computations. Re-compute & compare with installments or other payment obligations as
noted in the terms and conditions of the borrowing
♦ Analytical procedures e.g., -comparison of current year's balance with prior year's outstanding in line
with expected balance based on verified loan installments or interest accrued
♦ Obtain confirmations from financiers, to confirm existence of the loan obligation and ascertain actual
outstanding amounts/obligation as at the report date
♦ Perform compliance tests. Review and confirm compliance with applicable standards especially
regarding presentation, classification, and disclosures as required by IFRS

CPA Page 64

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.G.5 ADJUSTING VS. NON-ADJUSTING EVENTS - POST BALANCE SHEET REVIEW & ITS
IMPORTANCE
IAS 10 "Events after the Balance Sheet Date", defines subsequent events as "those events, favourable and
unfavourable, that occur between the balance sheet date and the date when the financial statements are
authorised for issue". Two types of events can be identified:
(a) those that provide evidence of conditions that existed at the end of the reporting period (adjusting
events after the reporting period); and
(b) those that are indicative of conditions that arose after the reporting period (non-adjusting events after
the reporting period).
The main importance of post balance sheet events review helps "to identify events occurring after the
balance sheet date which may have an implication on the financial statements". (CPAAug2CI7Ma)
Examples of adjusting subsequent events include; (CPAJun20I4 Qn2d- Aug20I7 Qn2b)
 The subsequent determination of the price of assets sold before the year-end.
 The re-negotiation of amounts owing by customers, or the insolvency of a customer.
 The effect of changes in taxation rates.
 Discovery of error/fraud, provided the error/fraud discovered occurred prior to year-end.
 The receipt of sale proceeds after the balance sheet date, or other evidence, concerning the net
realizable value of inventories.
 Evidence that a previous estimate of accrued profit on a long-term contract, was materially
inaccurate.
 Amounts received or receivable in respect of insurance claims, which were in the course of
negotiation at the balance sheet date.
 Impairment of assets identified following an impairment review (under IAS 36, the need to write
down following a valuation may not be necessary if the value in use supports the carrying value).
Examples of non-adjusting subsequent events include; (EPAJun20I4 Qn2d Aug20l7 Qn2b)
 Mergers and acquisitions.
 Change of principal activities.
 Issues of shares and loan stocks.
 Purchases and sales of Property, plant and equipment, and investments.
 The consequences of natural disaster such as flood or earthquake.
 Opening new trading activities or extending existing trading activities.
 Post year-end decline in the value of property or other investments.
 Changes in foreign exchange rates.
 Government action.
 Strikes and other labour disputes.
 A significant part of the trading activities becoming a discontinued operation, if it was not
anticipated at the year-end.
In line with IAS 10 requirements, ISA 560 provides the following key definitions;
(a) Date of the financial statements - the date of the end of the latest period covered by the financial
statements, which is normally the date of the most recent balance sheet in the financial statements subject
to audit.

CPA Page 65

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(b) Date of approval of the financial statements - the date on which the directors assert that they have
prepared the entity's complete set of financial statements, including the related notes, and that they have
taken responsibility for them.
(c) Date of the auditor's report - the date selected by the auditor to date the report on the financial
statements. The auditor's report is not dated earlier than the date on which the auditor has obtained
sufficient appropriate audit evidence on which to base the opinion on the financial statements.
(CPAAug20l7Bn2c)
(d) Date the financial statements are issued - the date that the auditor's report and audited financial
statements are made available to third parties, which may be, in many circumstances, the date that they are
filed with a regulatory authority. (CPAAug20l7Mc)

1.G.6 AUDIT OPINION ON FINANCIAL STATEMENTS - AUDITOR'S INDEPENDENT

REPORT
Use of Audit Evidence to Form an Opinion
The auditor's opinion is normally based on sufficient appropriate audit evidence indicating whether the
financial statements give a true and fair view (or are presented fairly, in all material respects) in accordance
with the applicable financial reporting framework and comply with statutory requirements. The auditor
should document matters, which are important in providing evidence to support the audit opinion, and
evidence that the audit was carried out in accordance with ISAs.
Types of Opinions
 Unmodified opinion (unmodified audit reports)
 Unqualified opinion
 Emphasis of matter paragraph
 Modified opinions (modified audit reports) (CPA Jun20I4 Qn5b, Jun20I5 Qn5a)
 Qualified opinion-except for (CPA Aug20I8 Qn2a; Nov20I8 Qn5b)
 Disclaimer of opinion
 Adverse opinion
Unmodified Opinion (Unmodified Audit Reports)
 Unmodified (unqualified) Opinion - This should be expressed when the auditor concludes that the
financial statements give a true and fair view in accordance with IFRS and Ugandan Companies
Act. An unmodified opinion also indicates implicitly that any changes in accounting principles or in
the method of their application, and the effects thereof, have been properly determined and
disclosed in the financial statements.
Specific circumstances under which Unqualified audit opinion may be issued (CPA Aug 2018 Qn2a)
a) the financial statements are in accordance with the books and records of the entity
b) the books and records include all the transactions for the accounting period
c) financial statements comply with the appropriate financial reporting framework
d) all transactions have been properly disclosed
e) the statement of financial position is a fair reflection of the assets and liabilities of the entity at a
particular point in time
f) all assumptions used in preparing financial statements are reasonable and that all estimates used are fair
and capable of explanation

CPA Page 66

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

g) the auditor has been able to obtain sufficient appropriate evidence in respect of all aspects of the
financial statements
h) there are no events which might affect the presentation of the financial statements that the auditors are
not aware of
i) there are no any errors/misstatements, which are material - free from material misstatements
j) the basis on which the accounts are prepared is reasonable
Circumstances when auditor may be unable to express an unqualified opinion; (CPANov2013Qnd)
i. Scope limitation from lack of evidence e.g. inability to conduct necessary audit procedures
ii. Departure from GAAP
iii. Lack of independence of the auditor
Emphasis of Matter (Matters that do not affect auditor's opinion) - In certain circumstances, an auditor's
report may be modified by adding an emphasis of matter paragraph to highlight a matter affecting the
financial statements, which is included in a note to the financial statements that more extensively discusses
the matter. The emphasis of matter paragraph does not affect the auditor's opinion and is normally included
after the auditor's opinion paragraph. The emphasis of matter paragraph would ordinarily refer to the fact
that the auditor's opinion is not qualified in this respect. The engagement partner would normally consider
including an emphasis of matter paragraph in the auditor's report in the following circumstances:
 When there is a going concern problem; or
 When there is a significant uncertainty (other than a going concern problem), the resolution of
which is dependent upon future events & which may affect the financial statements or
 When there's material inconsistency in other information in documents containing financial
statements (e.g. a directors' report), and directors refuse to make appropriate amendment.
Note: Going Concern concept & Indicators/Factors of going concern, (CPANov20l3Qn5a,b&c)
Assumption that the enterprise will continue in operational existence for the foreseeable future.
Responsibility of directors/auditor. Directors are responsible for ensuring that the Company will
continue in operational existence for the foreseeable future, and are responsible to report to members in
published financial statements. Auditors have the responsibility to check the accuracy of director's
workings and assumptions concerning going concern. If workings are considered inappropriate or
incorrect, then the audit report may be modified or qualified.
Indicators or factors include -as per ISA 570 (Revised);
 Inability to comply with terms of loan agreement
 Loss of a major market
 Pending legal proceedings against a firm
 Continuous excess of expenses to incomes (deficits or financial losses)
 Excess of liabilities to assets (Net Liabilities)
 Negative operating cash flows
 Fixed term borrowing approaching maturity without realistic prospects of renewal/repayment
 Loss of key management without replacement
 Adverse key financial ratios e.g. low profitability or liquidity ratios
 Inability to pay creditors on due dates

CPA Page 67

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Modified Opinion (Modified Audit Reports) (CPAAug2015 Qn3a).

Matters that Do Affect the Auditor's Opinion. In certain circumstances, the auditor may not be able to
express an unmodified opinion. International Standards on Auditing (ISA) 705 (Revised) modifications to
the audit opinion in the independent auditor's report, establishes three types of modified opinions, namely,
a qualified opinion, an adverse opinion, and a disclaimer of opinion. The decision regarding which type of
modified opinion is appropriate depends upon:
 The nature of the matter giving rise to the modification, that is, whether the financial statements are
materially misstated or, in the case of an inability to obtain sufficient appropriate audit evidence,
may be materially misstated.
 The auditor's judgment about the pervasiveness of the effects or possible effects of the matter on the
financial statements.
Circumstances for Modified Audit Opinion
Therefore, ISA 705 (Revised) deals with the circumstances when the auditor is to express clearly an
appropriately modified opinion on the financial statements arising from the fact that:
(a) The auditor concludes, based on the audit evidence obtained, that the financial statements as a whole are
not free from material misstatement; or
(b) The auditor is unable to obtain sufficient appropriate audit evidence to conclude that the financial
statements as a whole are free from material misstatement.
Reasons/matters that affect auditor's opinion are; (CPANov20l2 Qn5b)
A qualified opinion - The auditor shall express a qualified opinion when:
(a) Auditor, having obtained sufficient appropriate audit evidence, concludes that misstatements,
individually or in the aggregate, are material, but not pervasive, to the financial statements; or
(b) The auditor is unable to obtain sufficient appropriate audit evidence on which to base the opinion, but
the auditor concludes that the possible effects on the financial statements of undetected misstatements, if
any, could be material but not pervasive.
 An adverse opinion - The auditor shall express an adverse opinion when:
(a) Auditor, having obtained sufficient appropriate audit evidence, concludes that misstatements,
individually or in the aggregate, are both material and pervasive to the financial statements.
 A disclaimer of opinion - The auditor shall disclaim an opinion when:
(a) The auditor is unable to obtain sufficient appropriate audit evidence on which to base the opinion, and
the auditor concludes that the possible effects on the financial statements of undetected misstatements, if
any could be both material and pervasive.
Summary of modified Opinions
Nature of Matter Gi vi ng Auditor 's Judgment about the Per vasi veness of the Effects
Rise to the Modification or Possible Effects on the Financial Statements
Material but Not Per vasive Material and Pervasi ve
Financial statements are
Qualified opinion Adverse opinion
materially misstated
Inability to obtain sufficient
Qualified opinion Disclaimer of opinion
appropriate audit evidence
Auditor's objectives in determining appropriate persons to communicate to; (CPA Aug2018 Qn2b)
 To enable the auditor to communicate clearly to those charged with governance, responsibilities of
the auditor in relation financial statement audit, overview of planned scope & audit timing

CPA Page 68

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 To enable auditor obtain relevant information for the audit from those charged with governance
 To enable the auditor provide timely observations arising from the audit that are significant and
relevant to their responsibility to oversee the financial reporting process.
 To promote effective 2-way communication between auditor & those charged with governance.
 It facilitates free communication between the parties for better working relationships
Basic Components of Auditor's Unqualified Report(CPAJun20llQns5b: Jun20l3 Qn2c)
1. Opinion. 2. Basis for opinion
3. Key audit matters (for specific entities) 4. Other information
5. Responsibilities of management 6. Auditor's responsibility for audit of financials
7. Report on other legal and regulatory requirements
8. Engagement partner's name on the audit resulting in independent auditor's report
9. Signature, both in the name of audit firm and auditor's personal name as per ICPAU
10. Auditor’s Address (registered office location & report printed on letterhead)
11. Date (auditor's date)
SECTION 1.H: INTERNAL AUDIT
1.H1 INTERNAL AUDITING MEANING, SCOPE, LIMITATIONS, & ROLE
Meaning of Internal Auditing
Internal auditing is an independent, objective assurance and consulting activity designed to add value and
improve an organization's operations. It helps an organization accomplish its objectives by bringing a
systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control,
and governance processes. Internal auditing is a catalyst for improving an organization's governance, risk
management and management controls by providing insight and recommendations based on analyses and
assessments of data and business processes
Scope of Internal Auditing
The scope of internal auditing within an organization is broad and may involve topics such as an
organization's governance, risk management and Management controls over: efficiency or effectiveness of
operation (including safeguarding of assets), the reliability of financial & management reporting, and
compliance with 1aws & regulation. Internal auditing may also involve conducting proactive fraud audits
to identify potentially fraudulent acts: participating in fraud investigations under the direction of fraud
investigation professionals, and conducting post investigation fraud audits to identify control breakdowns
and establish financial loss.

Internal auditing activity is primarily directed at evaluating internal control. As per the COSO framework,
internal control is broadly defined as a process, effected by an entity's board of directors, management, &
other personnel, designed to provide reasonable assurance regarding the achievement of the following core
objectives for which all businesses strive;
Effectiveness and efficiency of operations.
 Reliability of financial and management reporting.
 Compliance with laws and regulations.
 Safeguarding-of Assets
Note: Committee for Sponsoring Organisation of Tread way Commission (COSO) is joint initiative

CPA Page 69

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

of five private sector organizations, established in the United States, dedicated to providing thought
leadership to executive management and governance entities on critical aspects of Organizational
governance, business ethics, internal control, enterprise management, fraud, and financial a common
internal control model against which Companies & organizations may assess their control system. COSO is
supported by 5 supporting organizations including Institute of Management Accountants (IMA), American
Accounting
Association (AAA), American Institute of Certified Public Accountants (AICRA)Institute of Internal
Auditors (IIA), & Financial Executives International (FEI).
Limitations of &/ or with Internal Auditing
 Installation & operation of internal audit involve extra expenditure which cannot be met by many
small concerns. As a matter of fact, internal audit is confined to larger business.
 Internal audit, becomes as better as it is used by managers. ,
 Internal audits are employed by the organization and this can impair their independence, objectivity,
and ability to report fraud/error to senior management. This is mainly because of perceived threats
to their continued employment with in the company.
 Internal auditors are not required to be fully professionally qualified and so there may be limitations
in their knowledge and technical expertise.
Role of Internal Auditor in Organisational Management (CPA Jun2014 Qn3c)
The general role of internal audit performed by the internal auditor is to provide independent assurance that
an organization’s risk management, governance and internal control processes are operating effectively.
Role in internal control - Internal auditing is primarily directed at evaluating internal control. ''Under
COSO framework, internal audit's objective regarding internal controls are; (i) effectiveness & efficiency
of operations, (ii) reliability of financial & management reporting, (iii) compliance with laws &
regulations, and (iv) safeguarding of assets.
Role in risk management - The internal audit department has a two-fold role in relation to risk
management; (i) it monitors the company's overall risk management policy to ensure it operates effectively,
and (ii) it monitors the strategy implemented to ensure that they continue to operate effectively.
Role internal audit in corporate governance - helping the Audit Committee of the Board of 'Directors
(or equivalent) perform its responsibilities effectively. This may include reporting critical management
control issues, suggesting questions or topics for the Audit Committee's meeting agendas, and coordinating
with the external auditor and management to ensure the Committee receives effective information.

1.H.2 USE 0F INTERNATIONAL PROFESSIONAL PRACTISE FRAMEWORK IN INTERNAL

AUDITING
The practice of internal auditing is guided by international Professional Practices Framework (IPPF). This
acts as the framework for internal audit effectiveness. IPPF is thus a conceptual framework that organizes
the authoritative guidance promulgated by the institute of internal auditors (IIA). Authoritative Guidance is
comprised of two categories; (i) mandatory & (ii) strongly recommended. Internal auditors have to comply
with the framework especially on core principles, standards, & code of ethics.
Core principles for internal auditors as per IPPF
 Demonstrates integrity.
 Demonstrates competence and due professional care.

CPA Page 70

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Is objective and free from undue influence (independent),

 Aligns with the strategies, objectives, and risks of the organization.
 Is appropriately positioned and adequately resourced.
 Demonstrates quality and continuous improvement.
 Communicates effectively,
 Provides risk-based assurance.
 Is insightful proactive, and future-focused.
 Promotes organizational improvement.
International Standards for the Professional Practice of Internal Auditing (Standards).
Standards followed by internal auditors as per IPPF are principle-focused and provide a framework for-
performing and promoting internal auditing. The Standards are mandatory requirements consisting of (a)
statements of basic requirements for the professional practice of internal auditing and for evaluating the
effectiveness of its performance. The requirements are internationally applicable at organizational and
individual levels, (b) Interpretations, which clarify terms or concepts within the statements, (c) Glossary
terms.
Code of Ethics. The Code of Ethics states the principles and expectations governing the behavior of
individuals and organizations in the conduct of internal auditing. It describes the minimum requirements
for conduct, and behavioral expectations rather than specific activities. Internal auditors are expected to
apply and uphold the following principles; integrity, objectivity, confidentiality, and competence.

1.H.3 EXTERNAL VS. INTERNAL AUDITING – DIFFERENCES & SIMILARITIES

Comparison between Internal & External Audit(or)
Basis Internal Audit External Audit
Responsibility A responsibility for internal auditors, to Not a responsibility, even though fraud
regarding fraud prevent through effective controls, can be detected by external auditors
detect, and report fraud
Designed to add value & improve an An exercise to enable auditors to express
Objective
organization's operations an opinion on the financial statements
Reports to the board of directors or other Reports to the shareholders or members of
people charged with governance, such a company on the truth and fairness of the
Reporting as Audit Committee. Reports are accounts. Audit report is publicly available
private, for the directors & management to the shareholders and other related
of the company parties
Scope Work relates to the operations of the Work relates to the financial statements
organization
Often, internal auditors are employees External auditors are independent of the
Relationship of the organization, although company and its management, usually
sometimes the function is outsourced appointed by the shareholders
Internal audit is not a statutory An external audit is a legal requirement,
Regulation requirement for companies to have, but by the Companies Act, for it to be
companies institute it for the good of conducted annually and by other relevant

CPA Page 71

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

governance of the entity laws & regulations

Reporting The framework used by internal An external auditor uses International
framework auditors for reporting are Standards for Standards on Auditing in the conduct of
Professional Practice of Internal his worker
Auditing as per IPPF
Similarities (Common interests) between Internal & External Audit (CPAJun20ll3 Qn3b;Jun20l3
Qn3a)
Interest in effective system of internal control
Continuous effective operation of internal control Adequate management information flow
Asset safeguarding
Adequate accounting system-compliance with companies act
Ensuring compliance with statutory and regulatory requirements
Both carry out testing routines which examine and analyse many transactions
Both seek active cooperation
Both produce reports on their activities

1.H.4 PERFORMING AN INTERNAL AUDIT ASSIGNMENT

Nature of internal audit work
The internal audit activity must evaluate and contribute to the improvement of governance, risk
management, and control processes using a systematic and disciplined approach. It has to cover at least the
following aspects; governance, risk management & internal consols.
Planning internal audit assignments (CPA May20l9 Qn2a)
Internal auditors must develop and document a plan for each engagement, including the engagement's
objectives, scope, timing, & resource allocations. In planning the engagement, internal auditors must
consider:
The objectives of the activity being reviewed and the means by which the activity controls its performance;
The significant risks to the activity, its objectives, resources, and operations and the means by which the
potential impact of risk is kept to an acceptable level;
The adequacy and effectiveness of the activity's governance, risk management, and control processes
compared to a relevant framework or model; and
The opportunities for making significant improvements to the activity's governance, risk
management, and control processes.
Conducting an internal audit assignment
 Internal auditors must identify, analyze, evaluate, and document sufficient information to achieve
the engagement's objectives.
 Identifying Information - Internal auditors must identify sufficient, reliable, relevant, and useful
information to achieve the engagement's objectives.
 Analysis & evaluation - Internal auditors must base conclusions and engagement results on
appropriate analyses and evaluations.
 Documenting Information - Internal auditors must document relevant information to support the
conclusions and engagement results.

CPA Page 72

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Communication of the results of internal audit assignments

Internal auditors must communicate the results of engagements.
Criteria for Communicating - Communications must include engagement's objectives & scope as-well as
applicable conclusions, recommendations, & action plans.
Final communication of engagement results must, where appropriate, contain internal auditors' opinion
and/or conclusions. When issued, an opinion or conclusion must take account of the expectations of senior
management, the board, and other stakeholders, and must be supported by sufficient, reliable, relevant, and
useful information.
Quality of Communications - Communications must be accurate, objective, clear, concise, constructive,
complete, and timely.
Disseminating Results - The chief audit executive must communicate results to the appropriate parties.
The format & content of audit review reports (CPA Nov2018 Qn4b)
Overall Opinions (report) - When an overall opinion is issued, it must take into account the expectations of
senior management, the board, and other stakeholders and must be supported by sufficient, reliable,
relevant, and useful information. The communication/report will identify:
 The scope, including the time period to which the opinion pertains;
 Scope limitations;
 Consideration of all related projects including the reliance on other assurance providers;
 The risk or control framework or other criteria used as a basis for the overall opinion; &
 The overall opinion, judgment, or conclusion reached
 Recommendations to management & those charged with governance
1.H.5 DEVELOPMENTS IN INTERNAL AUDITING - NATURE & OUTSOURCING OF INTERNAL
AUDIT
Nature & purpose of internal audit assignments
Value for Money Audits. These are audits which examine the economy, efficiency and
effectiveness (3Es) of activities and processes. The internal auditor will evaluate these three factors
for any given business system or operation.
Information Technology Audits. This is a test of controls in a specific area of the business regarding
the computer system. Controls over computers are tested and it is often necessary to have an IT
specialist in the internal audit team to undertake an audit.
Financial Audits. This involves reviewing all the available (usually the company's records) to
substantiate information in management and financial reporting. This is similar to external audit
work.
Operational Audits. These are audits of the operational process of the organization. They are also
known as management or efficiency audits. Their prime objective is the monitoring of
management's performance, ensuring company policy is adhered to. Examples include;
procurement audits, marketing audits, treasury audits, & human resource audits.
Investigation Audit. Detailed inspection, verification, clarification and correction of business
accounts or any doubts that may have occurred regarding any transaction business form.

CPA Page 73

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Advantages & disadvantages of outsourcing the internal audit function

Advantages of outsourcing the internal audit function (CPA Jun 20I2 Qn5a; Jun2016 Qn4a)
Skills. If the outsourced auditing firm is a large one, the company can enjoy the expertise of the auditors
who are most skilled in their areas of audits.
Staff Quality. Especially true if the provider is from the Big Four where the quality of the auditing staff
supplier should be unusually high.
Knowledge of Best Practices. Compared to the in-housed auditors, the outsourced auditors might have
more knowledge acquired when they review the functions of many companies hence building up a huge
knowledge base of how processes can be performed most efficiently and effectively.
Variable costs. The company only pays for audits performed. Hence, auditing cost can be switched from
being a fixed one for an in-house staff to a variable one for an outside staff.
Quick accessibility to audit services. The company has the advantages of very quick accessibility to an
experienced audit team if it acquires a new business in a foreign location that is inconvenient for its internal
staff to reach.
Reduced travel costs. With a big auditing firm, it can avail itself with audit staff from all over the region.
Thus, saving company with huge traveling costs if it sends its own internal staff.
No downtime. The company is able to avoid non-productive downtime that sometimes occurs with an in-
house staff e.g. interval between end of one audit and the next one.
No hiring and training costs. The company can avoid the substantial hiring and training costs needed to
staff and retain high key powered audit team
Disadvantages of outsourcing the internal audit function (CPAJun20l2 Qn5a;Jun2013 Qn4a)
Higher Cost. It can be more expensive especially to small companies as auditing firm will charge its client
using hourly rate which includes the firm's overheads and profit margin.
Gaps in experience & skillsets. The perceived quality of the auditors provided by the audit firm may be
lower than anticipated since most of them have a very high staff turnover and also recruiting staff with
lower level of experience in order to give them experience.
Losing training opportunities. Some companies used the internal audit function to train their managers so
as to give them a sound knowledge of how the company functions. By outsourcing, the company loses its
training ground for the future manager of the company.
Giving-up on responsibility. The management might have the wrong notion that the responsibility now is
passed to the outsourced provider.
Independence issue. Sometimes, outsourced providers are external auditors whose independence is at stake
as due to conflict of interest with their role as the internal auditors.
Controls over the Outsourced Internal Audit Function; (CPAJun20l2 Qn5b)
Setting performance measures in terms of costs and areas to be reviewed
Ensuring appropriate audit methodology, working papers (wps) reviews are maintained
Reviewing wps on sample basis to ensure they meet internal audit guidance standards
Agreeing internal audit work plans in advance before work commencement
If external auditors are used, then the company has to ensure that the two functions are separated so
that independence and objectivity is not impaired
Establishing comprehensive terms of reference
Establishing a well-designed reporting procedure to e.g. finance, audit committee or Board

CPA Page 74

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

1.H.6 TYPES OF INTERNAL AUDITS & RELIANCE ON INTERNAL AUDITOR'S WORK

Types of Audits done by Internal Auditors (CPA Aug 2015 Qn3a)
Routine and automatic audits.
Periodic audits
Surprise audits
Investigative audits
Consultative and adhoc audits
Qualities of Internal Audit Reports (CPAJun2CI8Mb)
(i) Objectivity. The comments and opinions expressed in the internal audit reports should be objective
and free from bias.
(ii) Clarity. The language used should be simple and straight forward, i.e., easy to be understand ^ by
entity's management.
(iii)Accuracy. The information contained in the internal audit report should be accurate and free from
errors and or omissions.
(iv) Brevity. The internal audit reports should be concise and precise, i.e., straight to the issues intended to
be communicated.
(v) Timeliness. The internal audit reports should be submitted to management promptly so that corrective
action can be put in place.
Factors when designing internal audit department (CPAJun2011 Qn2a;Aug20l5 Qn3B. Jun20173n5b)
 Increase in size of the business activities or the organisation
 Dynamic business like changes requiring intensive controls in place T Regulatory requirement, to
have internal audit department or audit committee
 Competition, for strong internal controls and operations
 Evolution of information technology, which requires data security through controls
 Availability of resources like finances and competent staff to execute internal audit function
Criteria for Reliance on Internal Auditor's Work by External Auditors (CPA Nov20l3 Qn4c; Aug20l5
Qn3d)
 Organisation status or structure - in terms of reporting structure e.g. reporting to who?
 Scope of function - depth and sufficient of work done by the internal auditor
 Technical competence - training, qualifications, and experience of the internal auditor
 Supervision and review - the extent to which internal audit work is supervised/reviewed
 Sufficiency of audit evidence - as collected and reported by the internal auditor
 Quality of internal audit reports - content and responses reported by internal auditor
 Level of resource available - the staff available in the internal audit department
 Independence of internal auditors - possibility of their decisions or views being biased

CPA Page 75

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

PART 2 PROFESSIONAL ETHICS AND VALUES

SECTION 2.A; INTRODUCTION
2.A.1 MEANING OF ETHICS
Ethics is concerned with "the study of human conduct or behavior in relation to what is right or wrong,
good or bad, desirable or undesirable". Ethics is closely related to values, which are principles that are
basically taken to be important or cherished. Therefore, ethics is practical and relevant in all forms of
private human activities and business activities. In the past and recent times, the accountants' public image
has dwindled alarmingly due to high corporate failure on both global and local arena. This was and is said
to be attributed to accountants' (auditors) failure to whistle-blow the dubious activities which had come to
their notice. Generally, the aim of this paper is to enable students identify, assess, discuss, and even reason
professionally regarding the different ethical issues which will be presented in the exam and practically at
the workplaces.

For academic study guidance on CPA P12, formerly CPA P9: Professional Ethics and Values, Ethical
Education Framework (EEF) will be followed. The ethics education framework has been designed to
provide a structure for the development of ethical education. It recognizes that ethics education is actually a
lifelong process and will continue through the career of an accountant or in any other professional field.
The framework establishes a four-stage learning continuum in which professionals are expected to move
through during their careers.
Four Learning Stages of Professional Ethics (Education Ethical Framework)
1st Stage: Ethical knowledge/education. Ethical education focusing on communicating fundamental ethical
knowledge about professional values, ethics, and attitudes. The aim is to develop ethical intelligence by
obtaining knowledge of the different ethical concepts and theories relating to the area .of work. This stage
explains the fundamental theories and principles of ethics. Having obtained knowledge of theories, the
accountant will understand the ethical framework within which they operate. By the end of this stage, the
participant should have read the members' handout on ethics and therefore having understood the
theoretical terms and basically the ethical/fundamental principles.
2nd Stage: Ethical sensitivity Ethical sensitivity applies the basic ethical principles from stage one to the
actual work of the accountant in the functional areas such as auditing, human resource, consultancy, and
taxation. The aim of this stage is to ensure that the accountant can recognize ethical threats. The stage is
developed by providing case studies and other learning aids to exhibit how and where ethical threats can
arise. Thus, the accountant is sensitized on ethical issues - the areas where ethical threats appear or can be
identified e.g. if the client offers free use of company's car (not prior agreed upon) may create a conflict of
interest & independence issues on an audit.
3rd Stage: Ethical judgment. The accountant/participant is now taught how to integrate and apply ethical
knowledge and sensitivity (stages one and two) to form reasonable and well-informed decisions. This stage
three therefore assists accountants in deciding on ethical priorities and being able to apply a well-founded
process for making ethical decisions. It is taught by applying ethical decision-making models to ethical
dilemmas, showing how ethical judgment is being applied. By the end of this stage, the participant will
have taken different scenarios used in stage two and further identify methods of overcoming the ethical
threats or dilemmas. For instance being in position to understand that the offer of free usage of unexpected
company's car by the auditor should be declined.

CPA Page 76

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

4th Stage: Ethical behavior. The concern here is to explain how an accountant should-act ethically in all
situations, that is, not just at the workplace but in other situations where the profession of accountancy
must be upheld. This means that ethical behavior is more believing in ethical principles, and it t also
involves acting on those principles. In terms of lifelong education, the accountant must therefore continue
to be aware of ethical theory, ethical threats and continually seek to judge actions in the light of expected
ethical behavior. By the end of this stage four, the participant should be in position to transfer the
knowledge obtained in stages one to three into practical scenarios.

2.A.2 ETHICS VS. VALUES VS. NORMS VS. ARTIFACTS

Ethics is concerned with the study of human conduct or behavior in relation to what is right or wrong, good
or bad, desirable or undesirable. Ethics can also be defined as;
"Rules and principles that define right and wrong conduct" or
"What is right and proper and just in decision and actions that affect other people - what is considered
proper and just behavior"
Thus; Ethics can be termed as "the discipline dealing with what is good or bad or what is right or wrong or
specifically with moral duty and Obligation". It is broadly concerned with moral principles and individual
behaviours. (CPA Jun20l2 Qn2a;CPA Aug20l8 Qn3a)
Values can be defined as what is believed to be important about how people and the organizations behave.
Values help people to determine what they think is right or wrong, what is -important, what is
desirable/pleasing. Values are basic convictions that a specific mode of conduct or end-state of existence is
personally or socially preferable to an opposite or converse mode of conduct or end state of existence.
Examples of values include; self-respect, honest, responsible, independent, equality, and happiness. (CPA
Jun20I2 Qn2a; CPAAug20l8 Qn3a) Organizational Values are beliefs as per what is best or good for the
organization and what should or ought to happen. The stronger the values, the more. They will influence
behavior. Implicit values are those that are deeply embedded in the culture of an organization and are
reinforced by the behavior of management. While espoused/explicit values are idealistic and are not
reflected in managerial behavior and may have little or no effect.
Some of the most typical areas in which values can be expressed, implicitly or explicitly are;
► Performance ► Competence
► Competitiveness ► Innovation
► Quality ► Customer service
► Teamwork ► Care & consideration for people
Note: Values are translated/enacted into reality through norms and artifacts. They may be expressed
through the media of language (organizational jargon), rituals, stories, myths, and among other channels.

Norms (morals) can be defined as acceptable standards of behaviour within a group that are shared by
group’s members. Equally, norms are unwritten rules of behavior-rules of the game that provide informal
guidelines on how to behave. Norms tell people what they're supposed to be doing, saying, believing, even
wearing. They are never expressed in writing. If they are expressed in writing, they become policies or
procedures. (EPAJun20I2 Qn2a)

CPA Page 77

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Artefacts are visible and tangible aspects of an organization that people hear, see or feel. Artefacts can
include such things as the working environment, the tone and the language used in letters or memoranda,
the manner in which people address each other at meeting or over the telephone, the welcome (or lack of
welcome) give to visitors and the way in which telephonists (Public Relations Officers or Customer Care)
deal with outside calls.

2.A.3 NATURE OF ETHICS

Objective Principles. These are ethical principles or ethical basis derived from pure logical or rational
grounds of ceasoning. They-are generally accepted to be true to a wider community.
Subjective Principles. These are ethical principles derived from personal conviction and may not
necessarily be logical or rational.
2.A.4 PHILOSOPHICAL VS. PROFESSIONAL APPROACHES TO ETHICS
Philosophical Approach to Ethics - Rational
According to this ethical approach, values are learnt from childhood by interacting with people and the
environment. To effectively impart values, one has got to work on issues that affect society in general.
People instinctively learn values without much reasoning as to why such values are what they are.
Professional Approach to Ethics - Training.
This ethical approach give ethical credit to intentional training and thus a professional approach to ethics.
More and more organizations are setting up seminars, workshops and similar ethical training programs to
encourage ethical behavior. Such trainings are reminders that management wants employees to consider
ethical issues in decision making. They clarify what practices are not acceptable.
Note: Critics of ethical training argue that it is useless because people establish their individual value
systems when they are-young. Supporters argue that values can be learnt after early childhood and that
training can increase the individuals stage moral development.

2.A.5 ETHICAL THEORIES MORAL ABSOLUTISM VS. RELATIVISM

Moral Absolutism Vs. Moral Relativism Ethical Theories (CPAJun20EUnE;Aug20l6 Qn5a)
Moral Absolutism is concerned with right & wrong conduct universally - there's nothing like a "6" which is
equally a "9" viewed from different angles. The absolute is what determines whether the action or conduct
is right or wrong from all corners. From standpoint of moral absolute, some things are always right and
some things are always wrong no matter how one tries to rationalize them. Moral absolutism emerges from
a theistic worldview.
Moral Absolutism is the ethical belief that there are absolute standards against which moral questions can
be judged, and that certain actions are right or wrong, regardless of the context of the act. Thus, actions are
inherently moral or immoral, regardless of the beliefs and goals of the individual, society or culture that
engages in the actions. It holds that morals are inherent in the laws of universe, nature of humanity, the will
of God or some other fundamental source.

Absolutism is when things are right or wrong for every human being from an objective point of view and
can't change according to culture. Certain actions are intrinsically right or wrong (right or wrong in
themselves). A person who believes ethics should not vary depending on things such as culture or religious
upbringing, would take a clear stand on a moral issue. For example, an absolutist would not only claim that

CPA Page 78

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

homosexuality is either clearly wrong or clearly acceptable, but also state that their particular position is
applicable to everyone.
Criticisms of Moral Absolutism
 A primary criticism of Moral Absolutism regards how we come to know what the absolute morals
are. For morals to be truly absolute, they would have to have a universally unquestioned source,
interpretation and authority, which critics claim is an impossibility.
 Another of the more obvious criticisms is the sheer diversity of moral opinions which exists
between societies (and even within societies) in the world today, which suggests that there cannot
be a single true morality.
 A Consequentialist would argue that it cannot be right for a moral absolutist to be unprepared to kill
one man in order to prevent the deaths of many others, although this would be a rather extreme and
dogmatic example of moral absolutism.
Strengths of Moral Absolutism (CPAJun20I2 Qn6)
 Morality isn't based on preferences, but rather on absolute and universal values.
 Absolutism allows different societies to share common values.
 It gives authority to human rights legislation; which is designed to protect people.
 It allows one society to evaluate the morality of another society; a society can judge actions which
are wrong and act on that judgment.
 Absolutism provides a fixed ethical code which gives clear moral judgments in situations where
there's a need for ethical guidance.
Weaknesses of Absolutism (CPAJun2012 Qn6)
♦ Absolutism doesn't take into account historical development. An absolutist theory has no place for the
evolutionary nature of humanity in general, and of moral theories in particular.
♦ It doesn't take into account cultural difference - absolutists can seem intolerant of cultural diversity.
♦ It doesn't take into account individual lifestyles.
♦ It doesn't consider the situation. Absolutism ignores the circumstances in which ethical judgments are
made.
♦ How do we actually know what absolute morals are, as all sources of morality are open to human
interpretation?
Moral Relativism is the belief that conflicting moral beliefs are true - there can be a ―6‖ which is equally a
―9‖ if viewed from different angles. This carries the idea that what you regard as a right conduct may be a
right conduct for you, but not for me. To put it another way, "Relativism (insists \ that what is true for the
individual replaces the search for absolute truth". "These conflicting moral beliefs may exist in case of two
or more individuals or in different cultures (cultural relativism) or in different historical epochs (historical
relativism)" (CPAMay20I3 Qn5aii).

Moral Relativism is the position that moral propositions do not reflect objective and/or universal moral
truths, but instead make claims relative to social, cultural, historical or personal circumstances. It is related
to, but not the same as, Moral Realism (the position that certain acts are objectively right or wrong,
independent of human opinion), & to Moral Universalism (the position that there is a universal ethic which
applies to all people, regardless of culture, race, sex, religion, nationality, sexuality or other distinguishing
feature).
CPA Page 79

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Relativism is the theory which stated that there are no absolute truths; truth is relative to the subject & can
vary from person to person and from society to society. There are no universally valid moral principles and
so there is no one true morality. All principles and values are relative to a particular culture and age. Truth
is relative. Relativism is most appealing because of its sensitivity - it accepts others' beliefs, refuses to
judge, and insists that no belief is best. Some relativists believe that because they cannot know truth, they
have to be tolerant of all other beliefs. A common phrase of a relativist is, "Who am I to judge?" The
greatest obstacle for a relativist is explaining how legislation should occur when right and wrong is either
unknown or different depending on each person's beliefs. Continuing with the previous illustration of
homosexuality, a relativist will believe this choice is right or wrong for them but, at the same time, will
insist that imposing their view on others is being too judgmental.
Strengths of Relativism (CPA Jun2012 Qn6)
 Relativists believe in tolerance and respect for other people's societies. Relativism is the only
practical moral philosophy for society today, since mass migration has made a massive difference
in societies, it rejects the idea that a group's moral norms are superior to any other. This respect for
diversity produces a peaceful and harmonius society.
 Relativism rejects moral imperialism (one culture/society forcing their "superior" morals on another
culture/society). Most of the 20th Century wars were fought for ideological/cultural reasons.
Relativism rejects the unique truthfulness of any ideological position.
 Language isn't neutral - culture determines language. Words vary in their meaning from {/society to
society, language to language. Words like goodness or justice, truth or freedom
 mean different things in different parts of the world and at different times in history.
 Truth lies in the ideas of the masses. "Truth is with the crowd and error with the individual".
The selfishness of the individual is weakened by the needs of the group - the views of the crowd
filter out the selfishness of the individual. However, groups may not always filter out personal
prejudices; they might amplify them.
 With subjective relativism the individual's character determines their morals. Most ethical. Theories
ignore the personality of the individual. Subjective relativism puts personality to centre stage. But
again, this may be strength or a weakness. .
Weaknesses of Relativism (CPA Jun20I2 Qn6)
 Relativism fails to appreciate that certain moral values are universal. It implies that there can be no
real evaluation or criticism of practices such as murder. Just because cultures differ, it doesn't mean
there's no objective "good". "Every culture has a concept of murder"
 Relativism argues that the job of ethics is essentially descriptive (& not prescriptive). If ethics just
describes & analyses customs of different societies it wouldn't be possible to condemn corrupt/evil
actions. This wouldn't be possible if non-judgmental and culturally-sensitive approach is followed
 Relativism views culture as the sole influence on human life and therefore on morality. Moral
problems are "often complex and are determined by a variety of issues. Relativists believe a
multicultural society will be tolerant and morally good, as people know more about each other's
cultures. However, this hasn't been the case in human history, as there have been more than just
cultural problems which divide humans.
 Relativism seems to give little reason for behaving morally except to be socially acceptable.
CPA Page 80

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 What is the difference between social reform & moral imperialism? Cultural relativists reject any
interference by one culture in morality of another, so would social reformer be seen as intolerant
rather being courageous innovator? Moral progress becomes ethical interference and this prevents
human progress, so a single society's culture becomes fixed in the past.

2.A.6 ETHICAL THEORIES - CATEGORICAL IMPERATIVE (CI)

This further explains deontological ethical theory & it was advanced by Kant Immanuel. Kant's
classification of imperatives: imperatives are either hypothetical (if you desire X, then do Y) or categorical
(do Yl). When hypothetical imperatives take happiness as their goal, Kant calls them assertoric (because
there is no question about the satisfaction of the "if part: all rational creatures desire to be happy). Moral
imperatives are categorical (with a small "c"). Kant thinks that they can all be derived from The
Categorical Imperative (with a big "C"). The categorical imperative is a moral absolute. It is expressed in
the Groundwork of the Metaphysics of Morals," in three (3) distinct formulations (CPAJun2012 Qn7b;
Jun2015 Qn6a).
1st formulation of the CI: The Formula of Universal Law. Act only on that maxim through which you can
at the same time will that it should become a universal law. Kant suggests that we should "act only on that
maxim becomes a universal law." An act is wrong if its maxim cannot be willed (by others & yourself) into
becoming universal law. Shortcoming »one's actions can't be liked by everyone and thus, universal law is
not feasible practically.
2nd formulation of the CI. Formula of the End in Itself. Act in such a way that you always treat
humanity, whether in your own person or in the person of any other, never simply as a means, but always
at the same time as an end. Kant says that we should treat other rational beings as ends in themselves, never
as a means to an end. He is saying that the identity of a person is tied to the rationality of their actions, not
their ego (being motivated by their desires or inclinations). To be rational human beings is to submit
ourselves to universal laws, respecting others as much as oneself. Shortcoming »not everyone deserves
respect in some instances like a corrupt accountant with gross misconduct.
3rd formulation of the CI. The Formula of Universal Kingdom of Ends. Every rational being must so act
as if he were through his maxim always a legislating member in the universal kingdom of ends. Kant's third
& final formulation of the categorical imperative is the principle of autonomy (autonomy of will). It
outlines that every rational being is able to reason through to the necessary conclusions to act morally, as a
"maker of laws in the kingdom of ends". This principle of autonomy essentially allows the first formulation
of categorical imperative to hold.
Shortcoming not everyone can always act morally since one's behavior is greatly influenced by one's
character.
2.A.7 CONSEQUENTIALISTS VS. NON-CONSEQUENTIALISTS ETHICAL THEORIES L
Consequentialist - theory of value judges the Tightness or wrongness of an action based on the
consequences that action has. The most familiar example would be utilitarianism "that action is \ best that
produces the greatest good for the greatest number". (CPA Jun2013 Qn7)
The Normative ethical theory (Teleological Ethics') which maintains the Tightness (or 'goodness') of an
action is in some way determined by the consequences which follow from the act. If an action produces
good consequences, it is the 'right' action. The question for the consequentialist to answer is, "What is a

CPA Page 81

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

good consequence & for whom is it good?" Different attempts to answer - this question give rise to distinct
versions of Consequentialism:
 Hedonism - whatever brings me the most pleasure
 Egoism - whatever brings me the most happiness (CPAJun2D150n3a).
 Psychological Egoism – everyone is a matter of fact) always acts in their own best interest
 Ethical egoism - everyone should always act in their own best interest
 Individual ethical Egoism - everyone ought to act so as to promote my wellbeing
 Universal ethical Egoism - everyone ought to act so as to promote their own well being
 Utilitarianism - whatever brings about the greatest amount of happiness for the greatest number of
people (CPA Jun20I5 Qn3a)
 Act Utilitarianism - an action is 'good' just in case it brings about the greatest amount of happiness
for the greatest number of people
 Rule Utilitarianism - a rule is 'good' just in case it brings about the greatest amount of happiness for
the great number of people
Non-Consequentialists - theory of value that judges the Tightness or wrongness of an action based on
properties intrinsic to the action, not on its consequences. The most common examples are; Libertarianism
- people should be free to do as they like as long as they respect freedom of others to do the same.
Contractarianism - no policy that causes uncompensated harm on anyone is permitted. (CPAJun20I3 Qn7)

Note: Generally, Philosophical theories based upon principles are; Teleological theories (Consequential) &
Deontological Theories (Non-Consequential). Teleological or Consequential theories include; Egoism, Act
utilitarianism, Rule utilitarianism, and situation ethics. Deontological (Non-Consequential) theories
include; Kantian- Categorical Imperative, Rawl's theory of Justice, Divine command theory, & Natural law
theory (theistic & non-theistic).

2.A.8 ETHICAL THEORIES - ROMBERG MORAL REASONING (CRITERIA IN ETHICAL

REASONING)
Kohlberg's Stages of Moral Reasoning (CPANov2011 Qn3a; Nov20l2 Qn7; Jun20l5 Qn6b)
Level 1: Pre-conventional: At this level, judgment is based on person's needs & perceptions.
Stage 1: Punishment-obedience orientation. Person in this stage obey rules to avoid punishment. A good or
bad action is determined by its ^physical consequences. Individuals make moral decisions on the basis of
what is best for themselves, without regard for the needs or feeling of others. They obey .rules only if
established by more powerful individuals; they disobey when they can also without getting caught.
Stage 2: Personal-reward orientation (exchange of favours). In this stage, personal needs determine right or
wrong. Fav5rs are returned along the lines of "you scratch my back, I'll scratch yours". Individuals begin to
recognize that others also have needs. They may attempt to satisfy the needs of others if their own needs
are also met in the process. They continue to define right and wrong primarily in terms of consequences to
themselves.
At level one, a person's answer to the Heinz dilemma might be, "it is wrong to steal the drug to save your
wife because you might get caught." This reasoning is based on the consequences of his actions. This
person's primary concern is avoiding punishment. On the reverse side, the reasoning for stealing the drug
would be to avoid punishment by your wife and the law, assuming an investigation came after the wife's'

CPA Page 82

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

death. The inquiry may blame the man for not coming up with a way to get the money to save his wife's
life.
Level 2: Conventional: The expectations of society and society's laws are taken into account in a decision
about a moral dilemma.
Stage 3: Good boy-nice Girl orientation. To a person in this stage, good means "nice". One's behavior is
determined by what pleases and is approved by others. This is a point in Kohlberg's theories that has
received criticism regarding its bias against women. Individuals make moral decisions on the basis of what
actions will please others, especially authority figures. They are concerned about maintaining interpersonal
relationships through sharing, trust, and loyalty. They now consider someone's intentions in determining
innocence or guilt.
Stage 4: Law & order orientation. When deciding the punishment for a given wrongdoing, laws are
absolute. In all cases, authority must be respected and the social order maintained. Individuals look to
society as a whole for guidelines concerning what is right or wrong. They perceive rules to be inflexible
and believe that it is their "duty" to obey them.
At level two, one takes into account society's norms and laws, saying, "It's wrong for Mr. Heinz to steal
because it's against the law. Mr. Heinz wants society to approve of his actions, so he doesn't steal the drug."
On the flip side, the subject may believe: "it's right to steal because Mr. Heinz means well by trying to help
his dying wife. He'll pay the drug when he is able, or accept the consequences for stealing the drug." In this
case, the subject still respects the law, but places an even higher value on loyalty to his loved' ones. This
shows a desire to be a good person but still conform to the law.
Level 3: Post-Conventional: Judgments are based on abstract, more personal principles that aren't
necessarily defined by society's laws.
Stage 5: Social-contract orientation. Good is determined by socially agreed upon standard of individual
rights. The United States Constitution is based on this type of morality. Persons operating in this moral
stage believe that different societies have different views of what is right and wrong. Individuals recognize
that rules represent an agreement among many people about appropriate behavior. They recognize that
rules are flexible and can be changed if they no longer meet society's needs.
Stage 6: Universal-ethical-principal orientation. What is "good" and "right" are matters of individual
conscience and involve abstract concepts of justice, human dignity, and equality. In this stage, persons
believe there are universal points of view on which all societies should agree. Individuals adhere to a small
number of abstract, universal principles that transcend specific, concrete rules. They answer to an inner
conscience and may break rules that violate their own ethical principles.
At level three, a person's response might be, "It's not wrong for Mr. Heinz to steal because human life must
be preserved and life is worth more than personal property." Note that the thinking here is more abstract
than the previous levels. Laws to a person at this level can be considered somewhat arbitrary, depending on
the situation. This person realizes that laws are important to keep society running relatively smoothly, but
also knows that they can be too rigid to apply in some cases. This person justifies that saving a life is more
important than an abstract symbol of power, money, etc.

CPA Page 83

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.A.9 ETHICAL OBJECTIVES OF AN ORGANISATION & ACCOUNTANCY PROFESSION

Organisational Ethical Objectives
Staff of all organizations need ethical guidance in order to guide them towards fulfillment of the personal
goals and the overall organizational goals and objectives. The dos and don'ts should be well articulated in
the code of conduct and other organizational manuals. There are a number of benefits related with
recognition of organizational ethics like;
 The organization avoids the damaging effects of a reputation. Unethical business only makes short-
term gains not long-term.
 A solid ethical framework guides managers as they cope with an increasingly complex environment
influenced by government regulations, special interest groups, and media.
 The company earns the respect of two essential groups, employees and customers. Ethics may be
impossible to quantify but customers and employees easily recognize it.
 Rescue from costs of unethical workplace conduct such as fraud, customer dissatisfaction, decrease
in productivity,
 In addition to the above, rescue from erosion of personal and organizational reputations in the eyes
of stakeholders especially clients and the public.
Accountancy Profession Ethical Objectives
No matter how their livings are earned, accountancy members will often need ethical guidance in relation
to particular circumstances. Members of the accountancy bodies engaged in professional practice, or who
in one way provide professional services to clients, may on occasion, need guidance on the correct course
to pursue in their dealings with clients' affairs. The purpose of the Ethical Code is to provide such guidance
and to lay down standards against which conduct may be assessed.

Members in salaries employment are subject to the terms (including terms applied by law) of contracts of
employment. In certain respects, they are in a very similar position as to practitioners in practice.

Members of Various accountancy bodies are under an obligation to avoid conduct which would bring
discredit on themselves, the accountancy body or the accountancy body or the accountancy profession.
Such conduct may involve disciplinary proceedings.
Members are expected in normal circumstances to follow the guidance contained in the code of ethics as
may be published by various accountancy bodies.

SECTION 2.B; WORKPLACE ETHICS

2.B.1 MEANING OF WORKPLACE ETHICS
Workplace Ethics involve setting expectations, providing guidance along the way and consistently
choosing to do the right thing at workplace. Ethical standards guide individuals & the company to act in an
honest and trustworthy manner in all interactions. These standards should encourage employees to make
the right decisions for the company, not the individual, and give them the courage to come forward should
they notice dishonest and unethical behavior. Company programs focused on ethics help lay out company
standards and expected practices as they relate to ethical behavior and decisions. This can include
providing clear guidance on common ethical dilemmas, such as using the phone at work for personal long-
distance calls or using company software programs for personal projects.

CPA Page 84

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.B.2 FACTORS DETERMINING ETHICAL BEHAVIOUR AT WORK

1. Individual Standards & Values. These include; (CPA Aug2015 Qn5a; Nonv20l5 Qn2b)
Behavior. All companies specify what's acceptable behavior, and what is not, when hiring an
employee. Behavior guidelines typically address topics, such as harassment, work attire and language.
Workers who don't follow codes of conduct may receive written and verbal warnings, and ultimately be
fired.
Integrity. A key component to workplace ethics and behavior is integrity, or being honest and doing
the right thing at all times e.g. health care employees who work with mentally or physically challenged
patients must possess a high degree of integrity, as those who manage and work primarily with money.
Note: Behavioural characteristics of a person of integrity, (CPANov20l2Ma)
 Be straightforward, honest, and truthful (including oneself)
 Deal fairly -behaving without bias in accordance with norms expected by profession/person
 Comply with the spirit as well as the letter of laws and regulations
 Take into consideration the public interest
 Show consistency
 Be open-minded and open to consider new information and ideas
 Take corrective action
Accountability. Taking responsibility for your actions is another major factor when it comes to workplace
ethics and behavior. That means showing up on scheduled workdays, as well as arriving on time and
putting in an honest effort while on the job.
Teamwork. A vital aspect of the workplace is working well with others. That includes everyone from
peers to supervisors and managers to customers. While not all employees will always like each other, they
do need to set aside their personal or even work-related differences to reach a larger goal through teamwork
at workplace.
Commitment. Ethical and behavioral guidelines in the workplace often place a high amount of importance
on dedication. Although possessing the necessary skills is essential, a strong work ethic & positive attitude
toward the job can carry you a long way. Committed workers inspire their co-workers to do the same.

Individual standards & values in line with ethical decision making can be explained in reference to the six
(6) pillars of individual character. Six Pillars of Character are (CPAJun20l2 Qn2b; Nov2013 Qn4c)
Trustworthiness. When others trust us, they give us greater leeway because they feel we don't need
monitoring to assure that we'll meet our obligations. They believe in us and hold us in higher esteem. That's
satisfying. At the same time, we must constantly live up to the expectations of others and refrain from even
small lies or self-serving behavior that can quickly destroy our relationships. Simply refraining from
deception is not enough. Trustworthiness is the most complicated of the six core ethical values and
concerns a variety of qualities like honesty, integrity, sincerity/genuineness, reliability (promise keeping),
loyalty, safeguarding confidential information & avoiding conflict of information.

Respect. People are not things & everyone has a right to be treated with dignity. We certainly have no
ethical duty to hold all people in high esteem, but we should treat everyone with respect, regardless of who
they are and what they have done. We have a responsibility to be the best we can be in all situations, even
when dealing with unpleasant people. Based on the Golden Rule, "do unto others as you would have them
CPA Page 85

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

do unto you" - nicely illustrates the pillar of respect. Respect prohibits violence, humiliation, manipulation
and exploitation. It reflects notions such as civility, courtesy, decency, dignity, autonomy, tolerance &
acceptance.
Responsibility Life is full of choices. Being responsible means being in charge of our choices and, thus,
our lives. It means being accountable for what we do and who we are. It also means recognizing that our
actions matter and we are morally on the hook for the consequences. Our capacity to reason and our
freedom to choose make us morally autonomous and, therefore, answerable for whether we honor/degrade
ethical principles that give life meaning & purpose. Ethical people show responsibility by being
accountable (accountability), pursuit of excellence, exercising self-restraint, perseverance, diligence &
continuous improvement.
Fairness. Most people would agree that fairness involves issues of equality (equity), due process (reaching
the fairest results & to minimize complaints) impartiality (decisions made without favoritism),
proportionality, and openness. Most would agree that it is unfair to handle similar matters inconsistently.
Most would agree that it is unfair to impose punishment that is not commensurate with the offense. The
basic concept seems simple, even intuitive, yet applying it in daily life can be surprisingly difficult.
Fairness is another tricky concept, probably more subject to legitimate debate and interpretation than any
other ethical value. Disagreeing parties tend to maintain that there's only one fair position (their own). But
essentially fairness implies adherence to a balanced standard of justice without relevance to one's own
feelings or inclinations.
Caring. If you existed alone in the universe, there would be no need for ethics and your heart could be a
cold, hard stone. Caring is the heart of ethics, and ethical decision-making. It is scarcely possible to be truly
ethical & yet unconcerned with the welfare of others. That is because ethics is ultimately about good
relations with other people. It's easier to love "humanity" than to love people. People who consider
themselves ethical and yet lack a caring attitude toward individuals tend to treat others as instruments of
their will. They rarely feel an obligation to be honest, loyal, fair or respectful except insofar as it is prudent
for them to do so, a disposition which itself hints at duplicity and a lack of integrity. A person who really
cares feels an emotional both the pain and pleasure of others. Of course, sometimes we must hurt those we
truly care for, as some ethical decisions, do cause pain. The highest form of caring is the honest expression
of benevolence (kindness) or altruism (unselfishness).
Citizenship. Citizenship includes civic virtues & duties that prescribe how we ought to behave as part of a
community. The good citizen knows the laws and obeys them, yes, but that's not all. She volunteers and
stays informed on the issues of the day, the better to execute her duties and privileges as a member of a
self-governing democratic society. She does more than her "fair" share to make society work, now and for
future generations. Good citizen gives more than she takes. Such a commitment to the public sphere can
have many expressions, such as conserving resources, recycling, using public transportation and cleaning
up litter.

2. Codes of Ethics & Compliance Requirements (CPA Aug2015 Qn5a).

The Professional Code of Conduct" prohibits members from doing a number of things. The purpose of the
code is to provide guidance, and to lay down standards against which conduct for the members of the
institute engaged in professional practice or who in any way provide professional services to clients

CPA Page 86

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

inclusive of those in salaried employment, may be assessed. Summary of ethics & compliance
requirements is as follows;
 No Certified Public Accountant shall; (a) allow a person who is not a Certified Public Accountant
to practise in his name; (b) allow a Certified Public Accountant who is not his partner or employee
to practise in his name; or (c) enter into partnership for any professional business with a person who
is not a Certified Public Accountant.
 No Associate Accountant shall; (a) allow a person who is not an associate accountant to practice in
his name; (b) allow an associate accountant who is not his partner or employee to practise in his
name; or (c) enter into partnership for any professional business with a person who is not an
Associate Accountant.
 No accountant shall pay, allow to pay or agree to pay a share or commission brokerage out of the
fee or profits for his professional services to a person other than a certified public accountant, an
associate accountant, a retired partner or a nominee; or legal representative of a retired partner.
 No accountant shall accept any part of the profits of professional work of a legal practitioner,
auctioneer, broker or agent who is not certified public accountant or associate accountant,
 No accountant shall solicit clients or professional work either directly or indirectly.
 No accountant shall advertise professional services, contrary to the Code.
 No accountant shall disclose information acquired in the course of his professional engagement to a
person other than the client without the consent of the client.
 No accountant shall accept any professional engagement as auditor which was previously held by
another accountant without first communicating with that accountant in writing.
 No accountant shall accept any appointment as an auditor of a company without first ascertaining
from the company whether the requirements of the law relating to appointment of auditors have
been complied with. No accountant shall certify or submit a report on financial statements which
financial statements are not examined by him, his partner or employee of his firm.
 No accountant shall permit his name or the name of his firm to be used in a manner leading to a
belief that he vouches for the accuracy of estimates of earnings of a future transaction.
 No accountant shall give his opinion on financial statements or business in which he, his firm or his
partner has a substantial interest unless he discloses the nature of interest when expressing his
opinion.
 An accountant shall not charge fees which are based on a percentage of profits or which are based
on results except for professional employment in insolvency or receivership.
 An accountant shall disclose all material facts which are missing from a financial statement non-
disclosure of which would make the financial statement misleading. 4 An accountant shall report all
material misstatements which appear in a financial statement & shall invite attention to any material
departure from generally accepted procedure of audit.
 An accountant shall keep all clients moneys on a separate banking account and shall use that money
for the purposes for which it is intended.
 No accountant shall knowingly submit false statement, return/form to a client or the Council.
 No accountant shall express a professional opinion on a matter without obtaining sufficient
information on the matter.

CPA Page 87

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 An accountant who conducts his professional duties with gross negligence commits an offence of
professional misconduct and shall be dealt with in accordance with the statute.

3. Discrimination (CPAJun2013 Qn4b; Aug2015 Qn5a; Jun2016 Qn5b; Nov20I7 Qnla.ii)

Discrimination issues include discrimination on the bases of age (ageism), gender, race, religion,
disabilities, weight & attractiveness. Discrimination based on a person's ethnicity, race or culture may
manifest itself in a number of ways in the workplace. This may include grouping employees based on race
and having differing standards on promotions, punishment, and hiring and placement of employees based
on ethnicity, race or cultural orientation.
How to deal with discrimination at workplace (BPA Aug2015 Qn5b: Nov20I7 Qn1a.ii)
 Follow established procedures, as per policies, codes of conduct, etc.
 Keep an open mind, carry out further inquiries and have fair from all concerned parties
 Keep it confidential, while conducting investigations
 Cooperate with government investigation agencies or relevant ethical enforcement institutions
 Take notes during interviews & keep track, received during the interviews from both parties
 Interview the people involved, not only concerned parties but others esp non-family members
 Look for corroboration or contradictions, after comparing information from non-family members
 Recommend/take appropriate action against the wrongdoer(s), in line with policy guidelines

4. Harassment (CPA Jun20I3 Qn4a; Aug20I5 Qn5a; Nov20l5 Qn2a; Nov20l9 Qn3a)
Workplace harassment is offensive, belittling or threatening behaviour directed at an individual worker or
group. Ignoring workplace harassment, or what some might regard as bullying, can have serious
consequences. Maintaining a harassment-free work place is designed to assist agencies in their continuing
responsibility to develop policies & programs aimed at preventing workplace harassment. Developing
these policies and ensuring that they are understood by employees will contribute to a fair, flexible, safe
and rewarding workplace, consistent with the values. In addition, this will assist employees to understand
their obligations under the code of conduct, which requires them to treat everyone with respect, courtesy &
without harassment.
Examples of harassing behaviour (influence of managers or co-workers) include:
 Offensive physical contact, derogatory language or intimidating actions
 Insulting or threatening gestures or language (overt or implied) or continual & un warranted
shouting in the workplace
 Unjustified arid unnecessary comments about a person's work or capacity for work
 Openly displayed pictures, posters, graffiti or written materials which might be offensive
 Phone calls or messages on electronic mail or computer networks which are threatening, abusive or
offensive to employees
 Persistent following or stalking (crime of following & watching somebody over a long period of
time annoyingly or frighteningly) within the work place, or to & from work or elsewhere
 Sexual advances to female or male employees etc.
Measures and Procedure of dealing with Workplace Harassment (CPA Nov20I7 Qnlb.i)
Involvement of senior management, being responsible for preventing harassment
Involvement of individual employees, employees are responsible too for preventing harassment y
CPA Page 88

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Establish or report to workplace harassment contact officers, the official identified officer
Establish or follow complaint handling procedures, as developed by management
Establish workplace resolution mechanisms, like encouraging discussion, mediation or apology
Embrace information awareness & training, in line with policies, code of conduct, etc.
Ensure proper record keeping and confidentiality, for identification and corrective action
Conduct monitoring & evaluation, i.e. monitoring occurrences of workplace harassment if any
Embrace reporting outside the work area, if morally justified as per the whistleblower's policy
Effects associated with Workplace Harassment (CPA Nov20I7 Qn1b.ii)
(i)Costs. The employer may incur costs arising from non-compliance with regulations regarding
harassment.
(ii) Loss of competent employees or employees losing jobs. Due to workplace harassment, good employees
may decide to resign.
(iii) Loss of customers and clients. For those who consider that the company is not harassment
free and its working environment for employees.
(iv) Losing morale. Employees of the company may lose morale due to harassment.

5. Manager's & Co-worker's Influence - Mgt of ethical behaviour (CPA Aug2015 Qn5a; Dec2016
Qn2a)
Managers are instruments of ethical behavior. Managers are one of the keys to whether company will act
ethically or unethically. As major decision makers, they have more opportunities than others to create an
ethical tone for their complaints.
Qualities of an ethical charismatic leader;
Uses power to serve others.
Aligns vision, with followers' needs and aspirations.
Considers and learns from criticism.
Stimulates followers to think independently and to question the leader's view.
Foster open two-way communication.
Coaches, develops and supports followers.
Share recognition with others.
Relies on internal moral standards to satisfy organizational and societal interest.
Moral standards used by managers; (CPA Jun20l3 Qn4c)
 Fair treatment of employees, customers, suppliers, co-workers and other managers,
 Fair competition regarding pricing, dealing with suppliers & customers and avoiding favourism
 Honesty in communication regarding job evaluation, advertising, labeling & expenses accounts
Organisational responsibility that promotes efficiency reduces waste and advances the organization.
 Respect for law by abiding to rules and regulations.
 Social responsibility "regarding; community impacts, environmental pollution, hazardous consumer
goods and corporate philanthropy.
Other factors that contribute to ethical behavior (individual standards) (CPAJun20I8 Qnlc)
6. Personal values and morals of other staff
7. The level of moral development
8. The upbringing and background of the accounting officers

CPA Page 89

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

9. Life experiences
10. Peer influence
11. Situational factors i.e. depending on situation at hand
Measures of enforcing Ethics by Office of Auditor General (OAG) (CPA Jun20l8 Qn1d)
 Enabling laws which require civil servants to give reasons for their official/personal decisions
 Management approaches which encourage all public officials & civil servants to deal positively
with corruption and unethical practice when they encounter it.
 Use of the 'whistleblower' protection law to protect appropriate 'public interest disclosures' of
wrong doing by officials.
 Ethics audits to identify risks to the integrity of the most important processes (e.g. financial
management, tendering, recruitment and promotion, dismissal and discipline).
 New Human Resource Mgt strategies (which link ethical performance with entry & advancement,
with disciplinary processes), merit based promotion & recruitment, anti-discrimination protections.
 Training and development in the content and rationale of ethics' Codes, the application of ethical
management principles, the proper use of official power, and the requirements of professional
responsibility.
 Effective external and internal complaint and redress procedures
 Institute investigations into matters and if confirmed, recovery measures of the amounts irregularly
paid out or misappropriated should be initiated.
2.B.3 IMPORTANCE OF ETHICAL BEHAVIOUR AT THE WORKPLACE
Why should business be ethical? What prevents a business from pilling up as much profits as it can? And
in any way, it can, regardless of ethical consideration. Business firms should promote a high level of ethical
behavior for the following reasons: (CPA Dec2016 Qn2a)
 The general public expects business to exhibit level of ethical performance and social
responsibility. Companies that fail to fulfill this public demand can expect to be spotlighted,
criticized, curbed and punished.
 Measuring up to public expectations' of high ethical behavior is one way for business to gain
widespread public approval.
 Businesses and their employees should act ethically to prevent harms to the general public and the
corporation's many stakeholders e.g. Disposal of toxic waste carelessly.
 Ethical behavior is related to better business relations & productivity at workplace. Being ethical
imparts a sense of trust which promotes positive alliances among business partners
 Promoting ethical behavior can protect business firms from abuse by unethical employees and
competitors. It has been estimated that in US, one out of every three employees has stolen from
their employers.
 High ethical behavior also protects people who work in business. Employees resent being ordered
to do something against their personal convictions such as falsifying accounts.
 Most people want to act in ways that are consistent with their own sense of right and wrong,
knowing that one works in a supportive ethical climate contributes to employees' sense of
psychological security.
 Attracting socially conscious investors.

CPA Page 90

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

SECTION 2.C; ETHICS ITS1 BUSINESS

2.C.1 MEANING OF BUSINESS ETHICS & ETHICAL PRINCIPLES IN BUSINESSES
Ethics is a conception of right and wrong conduct. Ethics tells us when our behaviour is moral and when it
is immoral. Ethics deals with fundamental human relationships - how we think and behave towards others
and how we want them to think and behave towards us. Therefore, ethical principles are guides to moral
behavior.
Business-wise, Business Ethics (CPA Nov20ll Qn2a: Aug20I5 Qnla) is the application of general ethical
ideas to business behavior. Business ethics is not a special set of ethical ideas different from ethics in
general and applicable only to business. If dishonesty is considered to be unethical and immoral, then
anyone in business who's dishonest with employees, customers, shareholders/competitors is acting
unethically and immorally. If protecting others from harm is considered to be ethical, then the manufacturer
who recalls a dangerously defective product is acting in an ethical way.
In addition to Six Pillars, Josephson Institute offers 12 Ethical Principles for Business Executives:
► Honesty ►Loyalty
► Integrity ►Promise-Keeping & Trustworthiness
► Fairness ► Concern for Others
► Respect for Others ► Law Abiding
► Commitment to Excellence ► Leadership
► Reputation & Morale ►Accountability
Note: Factors/drivers influencing Integrity in organizations; (CPANov2015 Qn3b)
 Culture. Organisational culture has an impact on the way individuals behave within it. It is much
easier to behave with integrity if surrounded by framework that encourages such behaviour.
 Leadership - tone at the top is clearly vital. The perception of organisational integrity is influenced
by a cumulative effect of the integrity exhibited by the individuals within the organisation,
especially top management who must be commitment to support employees to uphold the
organization’s ethical values and to deal with any ethical dilemmas they may face.
 Policies. Integrity to be effective, the ethical values must be embedded within the way the
organisation does business.
 Awareness and communication mechanisms in place. Organisations should have not only clear
ethical values, but also well-articulated in a code of conduct. Staff need to undergo regular training
or subjected to continuous awareness programs
 Disciplinary action for non-compliant staff. The organisation would need to take additional steps to
ensure that the message that certain behaviours are not permitted, is received throughout the firm
even for critical personnel with ongoing work.
 Individual professional integrity. It follows that individual professional integrity and organisational
integrity are linked and that the organizational culture is key to the achievement of integrity within
the profession.

2.C.2 NATURE, PURPOSE OF ETHICS & MORALS FOR ORGANISATIONAL INTERESTS

Business Ethics 'primarily relates to the application of ethical values to business behavior. It encompasses
many areas from broad strategies to how companies negotiate with suppliers. It goes beyond legal

CPA Page 91

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

requirements & is to some extent therefore discretionary. Many companies provide details of ethical
Approach in a Corporate Social Responsibility (CSR) Report.
Key areas of Corporate Ethics;
► The purpose and value of the business ► Employees - human resource
► Customer relationship & management ► Shareholder or providers of funds
► Community & charitable involvements ► Suppliers & supply chain issues
► Ethical conflict resolution - based on implementing ethical code of conduct.

The purpose and value of the business. This provides the reason for the organization's existence. Key areas
in the purpose or mission statement of the company will include;
• The products or services provided
• The financial objectives of the company, and
• The role of the business in society as seen by the company itself.
Employees. There must be information on how the business relates to its employees. Employees have
rights and they must not be seen simply as a means of producing goods/services. The company has to
consider introducing and implementing different relevant policies required by the statute or thought
appropriate by the company especially on:
► Working conditions ► Recruitment
► Development & training ► Rewards
► Health, Safety & Security ► Equal Opportunities
► Retirement ► Redundancy
► Discrimination ► Use of company's assets by employees.

Customer relationship & management. The company has the responsibility to produce quality goods
and/or services, for customers at reasonable price - taking into account the fact that the company needs to
make some profits. Customer faith in the company & its products/services must be established and build up
over time. Key areas for the company to invest include; product quality, fair pricing and after sales
services.
Shareholders or other fund providers. Shareholders are company's investors. They thus expect an
appropriate & proper return on their invested money. The company therefore must commit to:
 Providing a proper return on shareholder investment.
 Providing timely and accurate information to shareholders on the company's historical
achievements and future prospects.
 Shareholders will normally be involved to a greater or lesser extent with the decision making in the
company under the principles of good corporate governance.
Suppliers (Purchasing/supplying). Suppliers provide goods and services. They will usually attempt to
provide those goods and services with appropriate quality & in timely fashion. The company will always
normally be expected; to settle invoices promptly, co-operate with suppliers, to maintain and improve the
quality of inputs, not using or accepting bribery or excess hospitality as a means of securing contracts with
suppliers, attempt to select suppliers based on some ethical criterion such as support or fair trade principle
or not using child labour in manufacturing operations.

CPA Page 92

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.C.3 SOURCES OF ETHICAL STANDARDS

The Utilitarian Approach. The approach is one that provides the most good or does the least harm to a
person. Some ethicists emphasize that the ethical action is the one that provides the most good or does the
least harm, or, to put it another way, produces the greatest balance of good over harm. The ethical
corporate action, then, is the one that produces the greatest good and does the least harm for all who are
affected e.g. customers, employees, shareholders, the community, and the environment. (CPA Augl7 Qn3a;
Augl9 Qn4a)
The Rights Approach (the deontological approach). This approach starts from the belief that humans have
a dignity based on their human nature on their ability to choose freely what they do with their lives. Other
philosophers and ethicists suggest that the ethical action is the one that best protects and respects the moral
rights of those affected. On dignity basis, they have a right to be treated as ends and not merely as means to
other ends. Moral rights include; right to make one's own choices about the kind of life to lead, not to be
injured, degree of privacy, etc. – even though now widely debated, as even some argue that nonhumans
have rights too. (CPA Aug19 Qn4a)
The Fairness of Justice Approach. The idea that all equals should be treated equally. That is, ethical
actions treat all human beings equally or if unequally, then fairly, based on some standard that is
defensible. For instance some people are paid more based on their harder work or the greater amount that
they contribute to an organization, and say that is fair. (CPA Aug19 Qn4a)
The Common Good Approach. This approach suggests that the interlocking relationships of society are
the basis of ethical reasoning and that respect and compassion for all others. Philosophers have also
contributed the notion that life in community is a good in itself and our actions should contribute to that
life. This approach also calls for attention to the common conditions that are important to the welfare of
everyone including vulnerables. (CPA Aug/9En4a)
The Virtue Approach, Ancient approach to ethics that ethical actions ought to be consistent with certain
ideal virtues that provide for the full development of our humanity. These virtues are dispositions and
habits that enable us to act according to the highest potential of our character and on behalf of values like
truth and beauty. Virtues include; honesty, courage, compassion, generosity, tolerance, love, fidelity,
integrity, fairness, self-control, & prudence. (CPA Aug/9En4a)
Other Ethical Philosophical Approaches (CPA Jun15 Qn3a; Aug19 Qn4a)
❖ Egoism - belief that an action is right if decision makers freely decide to pursue their own short/longer
interest. Ethical decisions are based on individual - "what's best for me"
❖ Utilitarianism - is the belief that an action is right if it results are good for the greatest number of
people affected by the action. Ethical decisions are based on the principle 'what is best for the greatest
number'. It's concerned for the good of entire society not individual.
❖ Dogmatic approach - an approach in ethics which believes that there is one truth which is to be applied
in all situations''. It's similar to absolutism approach which assumes that moral rights. are unchallengeable,
that they are true in all situations & common to all societies.
❖Pragmatic approach – this attempts to find the best solution depending on particular situation. W It's
similar to relativism which assumes that there are diverse ethical viewpoints or beliefs & hat is 'correct' for
a given situation will depend on conditions-at a given time.

CPA Page 93

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.C.4 TYPES OF BUSINESS ETHICAL ISSUES - FACE TO FACE, FUNCTIONAL &

CORPORATE ETHICAL ISSUES
Face-to-Face Ethical Issues
These relate to individual-oriented ethical issues. Individuals are the ones who make moral decisions. It's
individual's actions that can lead to the collapse of some institutions/companies. It is a contentious matter
as to whether one should really say that the actions of the corporations are immoral or moral in the same
sense as the acts of individuals!
Corporate Policy Ethical Issues
These relate to company-oriented ethical issues and basically originating from the company's set or
external-based relevant policies. As part of more comprehensive compliance and ethics programs, many
companies have formulated internal policies pertaining to the ethical conduct of employees. These policies
can be simple statements or in broad highly generalized language (typically called corporate ethical
statements), or they can be more detailed policies containing specific behaviour requirements (typically
called corporate ethics codes). They are generally meant to identify the company's expectations of workers
and to offer guidance on handling some of the more common ethical problems that might arise in the
course of doing business. It is hoped that having such a policy will lead to greater ethical awareness,
consistency in application, and the avoidance of ethical disasters.
Case-Based Scenario. In 2002, the justice department of the US charged the Accounting Firm - Arthur
Anderson for obstruction of justice. Arthur Anderson was caught shredding documents (cutting/tearing
documents into pieces) which showed how it helped Enron hide its debt through the use of several
accounting tricks. Critics later said that the justice department should have charged the individual
employees of Arthur Anderson not the company because "companies do not commit crimes, people do".
Although we say that corporate organizations "exist" and "act" like individuals, they obviously are not
human individuals. Yet our moral categories are designed to deal primarily with individual humans who
feel reason and deliberate, and who act on the basis of their feelings, reasoning and deliberations. The
central point that we must constantly keep before our eyes as we apply the standards of ethics to business
activities is that we must not let the fiction of "the corporation" obscure (doubt) us that human individuals
underlie (trigger) the corporate organization. Consequently, these human individuals are the primary
carriers of moral duties and responsibilities.
Function Area Ethical Issues
These relate to company's specific departmental or specific business unit's ethical issues like areas of
accounting, sales & marketing, HR, purchasing & supplies, productions, etc.

2.C.5 CORPORATE POLICY & FUNCTIONAL AREA ETHICS - UNETHICAL BUSINESS PRACTICES
There are various unethical business practices exhibited by various business companies (most commonly,
functional) across the globe, as delineated below; (CPA Aug20l8 Qn3a) Accounting/Finance/Auditing: The
issues here include the integrity of the accounting records and the objectivity of the reports produced
thereof (accounting records should not be tampered with). Professional behaviour and competence of the
accounting personnel are the other issues in this area, that is, act to bring reputation in the accounting
profession, and have the excessive due-care, know the subject matter and whatever is taking place. In audit
particularly, the independence of the auditor is paramount to the accounting profession.
Key examples of unethical practices in accounting profession;

CPA Page 94

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Creative accounting: concerning earnings management, misleading financial analysis, etc.

• Insider trading, securities fraud, forex scams: concerning manipulation of financial markets
• Executive compensation: which concerns excessive payments made to corporate CEOs
Sales & Marketing: Marketing goes beyond the mere provision of information about (and access to) a
product, may seek to manipulate our values and behaviour. To some extent, society regards this as
unacceptable, but where is the ethical line to be drawn. Marketing ethics overlaps strongly with media
ethics, because marketing makes heavy use of media.
Key examples of unethical practices in marketing;
• Pricing: price fixing, price discrimination, price skimming, and lack of clarity in pricing.
• Specific marketing strategies: viral marketing, spam (electronic), and planned obsolescence.
• Children and marketing: marketing in schools.
• Selling counterfeit goods and brand piracy
• Deceptive advertising
• Encouraging people to claim prizes when they are phoning premium rate numbers
• "Bait and switch" selling: attracting customers and then subjecting them to high pressure selling
techniques to switch to a more expensive alternative.
• Copying the style of packaging in an attempt to mislead consumers
• Unethical practices in market research and competitor intelligence
• Content of advertisements: attack ads, sex in advertising, immoral or harmful products
• Dumping: selling at a loss to increase market share and destroy competition in order to subsequently raise
prices, and embracing black-markets.
• Anti-competitive practices: these include but go beyond pricing tactics to cover issues such as
manipulation of loyalty and supply chains.
• Bribery, kickbacks, and facilitation payments: while these may be in the short-run interests of the
company and its shareholders, these practices may be anti-competitive or offend against the values of the
society.
Recommended ethical issues: sale of quality products, charging fair prices, offering after-sales services,
disclosure of product ingredients on product packaging, avoiding misleading adverts, ensuring proper
weights of products, and disposing off expired goods.
Production: This area of business ethics deals with the duties of a company to ensure that products and
production processes do not cause harm. Some of the more acute dilemmas in this area arise out of the fact
that there is usually a degree of danger in any product or production process and it's difficult to define a
degree of permissibility, or the degree of permissibility may depend on the changing state of preventative
technologies or changing social perceptions of acceptable risk.
Examples of unethical practices relating to production;
• Defective addictive and inherently dangerous products and services e.g. tobacco, alcohol, weapons, motor
vehicles, chemical manufacturing, etc.
• Ethical relations between the company and the environment, of which issues include; pollution,
environmental ethics, carbon emissions trading.
• Ethical problems arising out of new technologies: genetically modified food, mobile phone radiation, and
health.

CPA Page 95

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Product testing ethics: animal rights, use of economically disadvantaged groups (such as students) as test
objects.
• Selling goods abroad which are banned at home.
• Omitting to provide information on side effects.
• Selling unsafe products.
• Inaccurate and incomplete testing of products.

2.C.6 GENERAL AREAS COVERED BY CORPORATE CODES OF ETHICS

We use ethical principles both consciously & unconsciously when dealing with ethical dilemmas. Among
the general ethical areas covered by corporate codes of ethics and relevant principles are;
► Self-interest ► Corporate/Industrial Espionage (CPAJun20I5 Qn7a)
► Economic Espionage (CPAJun20I5 Qn7a) ► Political Participation
►Fraudulent conduct ► Conflict of interest
► Proper recording of funds ► Improper influence on audits
► Improper disclosure to the public ►Obstruction of justice
► Insider trading ►Commercial bribery
► Political contributions ►Payments to foreign government officials
► Unlawful harassment ► Unfriendly employee relations
► Anti-trust compliance ► Environment & Safety actions
► Embezzlement ► Whistle-blowing

2.C.7 UNETHICAL OR ILLEGAL PRACTICES - DELINEATION OF KEY UNETHICAL PRACTICES

Veil of Ignorance (CPA Jun20I2 Qn4). A theory of justice that emphasizes that all people are biased by
their situations, and further explains how people agree on a "social contract" to govern how the world
should work. Philosopher John Rawls suggests that we should imagine we sit behind veil of ignorance that
keeps us from knowing who we are & identifying with our personal circumstances.

There are 2 primary principles supplement Rawls' veil of ignorance: the liberty principle and the difference
principle. According to the liberty principle, the social contract should try to ensure that everyone enjoys
the maximum liberty possible without intruding upon the freedom of others. According to the difference
principle, the social contract should guarantee that everyone has an equal opportunity to prosper. In other
words, if there are any social or economic differences in the social contract, they should help those who are
the worst off. And, any advantages in the contract should be available to everyone.
So, according to Rawls, approaching tough issues through a veil of ignorance and applying these principles
can help us decide more fairly how the rules of society should be structured. And fairness, as Rawls and
many others believe, is the essence of justice.
Antitrust Compliance (CPA Jun20I2 Qn4). A concept that emphasizes that every company or nation
should have a policy to comply strictly with applicable antitrust laws domestically/abroad. It involves
establishing an anti-trust law which is a collection of laws that regulates the conduct and organization of
companies, generally to promote fair competition for the benefit of consumers.
Associates of the Company must avoid any conduct which may be construed as a violation of antitrust
laws. Foreign sales and the Company's business abroad also require compliance with the business
CPA Page 96

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

competition laws of other countries or treaty organizations, such as the European Union. Examples include;
agreements/understandings between competitors to fix prices, allocate business or markets, and engage in
boycotts or to limit supply is considered per se unlawful and are not defensible under the antitrust laws.
Commercial Bribery (EPA Jun20I2 Qn4). A form of bribery which involves corrupt dealing with agents
or employees of potential buyers to secure an advantage over business competitors. It is a form of
corruption which does not necessarily involve government personnel or facilities.
No company's funds/assets should be paid, loaned or otherwise disbursed as bribes, kickbacks or other
payments designed to improperly influence or compromise the conduct of the recipient. No company's
associate shall accept any funds or other assets for assisting in obtaining business or for securing special
concessions from the company for any other person or legal entity.
Insider Trading or Dealing (CPA Jun2011 Qn2a; Jun2012 Qn4a). The illegal practice of trading on the
stock exchange to one's own advantage through having access to confidential information. Thus, "insider
trading" relates to trading in company's stock based on material non-public information or communicating
material non-public information to others in violation of the law. Companies should expressly prohibit it.
The practice destabilizes stock markets, may lead to illegal profits and it could lead to increase in share
price or loss of shareholder value.

The term "insider" includes not only refer to directors, officers, 10% shareholders, or employees of the
Company but may also include immediate family members who reside with the' insider or persons for
whom the insider has a financial responsibility.
Material information is generally defined as information for which there is a substantial likelihood that a
reasonable investor would consider it important in making his or her investment decisions. Material
information is also information that, if disclosed, is reasonably certain to have a substantial effect on the
price of a Company's securities.
Material information includes, but is not limited to, earnings estimates, changes in previously released
earnings estimates, possible significant merger or acquisition proposals, major litigation, extraordinary
management developments, and dividend changes.
Note:
Information is non-public until it has been communicated to the marketplace
It is not allowed to trade with any insider while in possession of material non-public information
A non-insider is also prohibited from trading while he or she is in possession of material non-public
information
Penalties apply to both the individuals involved in the insider trading and to their employers
A person can be subject to penalties even if he/she didn't personally benefit from the violation
Penalties include fines, jail sentences, and disgorgement of profits .
Espionage; The practice of spying or of using spies, typically by governments to obtain political and
military information. Espionage is generally the discovering of secrets of another country especially
political or military information or the discovering of industrial information of a business organisation
using "spies (people who secretly gather information within a country or organization).
"Economic espionage" is the theft or misappropriation of a trade secret with intent/knowledge that the
offense will benefit any foreign government, foreign instrumentality, or foreign agent. Economic espionage
is thus, the unlawful targeting and theft of critical economic intelligence such as with trade secrets &

CPA Page 97

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

intellectual property, clandestine acquisition or outright theft of invaluable proprietary information in a

number of areas including technology, finance and government policy. Economic espionage differs from
corporate/industrial espionage in a number of ways as it's likely to be state-sponsored, have motives other
than profit or gain (e.g. closing a technology gap), and be much larger in scale and scope.
"Industrial or Corporate espionage" is the spying directed towards discovering the secrets of a rival
manufacturer or other industrial company. Industrial espionage is thus the covert and sometimes illegal
practice of investigating competitors to gain a business advantage. The target of investigation might be a
trade secret such as a proprietary product specification or formula, or information about .business plans.
(CPA Nov2l Qn7a & b)
Industrial espionage Vs. Sabotage (CPA Jun2015 Qn7a). Sabotage is a deliberate action aimed at
weakening a corporation via subversion, obstruction, disruption or destruction. In a workplace setting,
sabotage is the conscious withdrawal of efficiency generally directed at causing some change in workplace
conditions. One who engages in sabotage is a saboteur. Unlike espionage, Saboteurs typically try to
conceal their identities because of consequences of their actions.

How industrial espionage can be prevented; (CPA Jun20ll Qn4b; Nov2011Qn7c; Jun20l5 Qn7b).
i) Ensure Physical Security Companies should ensure the physical security of their offices, equipment, and
infrastructure. This means setting up surveillance systems, securing entry points, and hiring or
contracting specialized personnel. It is particularly important that firms identify the most sensitive
information and facilities and ensure that these are given extra layers of protection,
ii) Establish Policies for Controlling Information. In many instances, the unwanted disclosure of secrets
could have been easily avoided if the company had simply put more thought into controlling the flow of
information. The company should establish policies on what information employees can share inside and
outside the workplace. They should also establish procedures for control, reproduction, and storage of
sensitive data. Particular attention should be paid to what is disseminated over the Internet and social
media sites. Additionally, the company should develop procedures for the proper disposal of paper
documents, IT hardware, and other sensitive equipment.
iii) Train the Workforce. While a company may enact policies on the proper storage, control, and
dissemination of information, they also need to ensure that their employees are trained to follow these
procedures. The company should conduct periodic training and awareness campaigns to inform
employees about the threat from industrial espionage and the importance of information security.
Employees should understand that the threat from espionage is internal as well as external. As such, they
should instruct workers on the correct procedures for identifying and reporting suspicious activity.
iv) Compartmentalize Information. Not all information needs to be accessible by every employee in a
company. That is why information should be compartmentalized on a need to know basis. Even senior
members of a particular corporation may not need to know every technical detail about business
operations. As such, company should put in place policies to segregate which employees have access to
which information, with special attention given to those employees who have access to a company's
most vital trade secrets.
v) Conduct Background Checks and Monitoring. The company should conduct background checks on all
employees with access to sensitive data. This may even include often-overlooked individuals such as
janitors, caterers, and ground keepers. Specifically, it should attempt to identify any possible factors that

CPA Page 98

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

could make particular worker more prone to illegally disclosing information. It should also continue to
carry out periodic security evaluations of their employees even after they have initially been vetted.
vi) Establish Employee Exit Procedures. It is critical that the company develops comprehensive employee
exit policies. From day one, an employee needs to understand the firm's policies on information security.
This means that all employees should be required to sign a nondisclosure agreement, and be reminded of
this agreement upon leaving the firm. Moreover, the company should be aware that most cases of
intellectual property theft perpetrated by employees occur during their last month of work. This is why
it's important to make an employee's exit as smooth and resentment-free as possible. Companies may
also consider limiting access workers who are expected to leave the organization in near future.
vii) Ensure Cyber Security. Cyber security is the practice of defending computers, networks & data from
malicious attacks Industrial espionage is increasingly becoming the purview of the cyber realm. Thus,
it's important for companies to maintain robust cyber security frameworks. Even while systems should
look outward to protect a company from external threats, they should also look inward. Cyber security
professionals should monitor their internal networks to uncover suspicious activity & record the
transmission, copying, and accessing of sensitive files,
viii) Establish Contingency and Crisis Management Plans. Even the best-laid plans can go wrong. That is
why it's important for companies to develop contingency & crisis strategies in the event of intellectual
property theft. The company should attempt to assess the potential damage caused by the theft of trade
secrets and develop response plans. They should consider losses to their competitiveness as well as
losses to their reputation. Additionally, it is a good idea for the company to have a legal strategy in the
wake of an incident of corporate espionage. After all, industrial espionage is illegal in many countries,
and offenders can face stiff sentences.

2.C.8 ETHICAL DILEMMA IN BUSINESSES - EXAMPLES & GUIDING STRATEGIC

CONCEPTS OF DILEMMAS
Meaning of Ethical Dilemma. An ethical dilemma involves a situation that is morally problematic) and
makes a person to question what is the right or wrong thing to do
Examples of ethical dilemmas with suggested safeguards; (CPANov20ll Qn1a; Jun2014 Qn1a; Jun2 Qn2b)
Business ethical dilemma Possible resolution/safeguard
Conflict of interest Obtain legal advice
Competitive intelligence Do not divulge information
Business gifts Do not accept, or Disclose.
Business hospitality Seek legal advice
Part-time jobs Do not take longer
Personal gain and selfish interest Disclose
Competitive pressure for the profits Consult those charged with governance
Trading on insider information Report to those charged with governance
Indirect commitment to outcomes Do not commit
Open acceptance of mistakes in workplace More training, or obtain the help of an expert.
Regulated & unregulated operations Consult with professional body
Cross cultural contradictions Consult experts or professional body
Key Strategic Concepts explaining Ethical Dilemma (CPA Nov2011Qn5)

CPA Page 99

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Ethical Intuitionism. This is basically the view that we can perceive moral truths via a faculty called
"ethical intuition." An ethical intuition is a way that things seem to be, morally. For instance, if we see a
child being stabbed, we have an intense internal reaction that what we are seeing is wrong. This is a moral
"intuition." The action seems to be wrong. "Intuitions" are not some special insight into moral truths. They
are really just the products of whatever we already believe about morality. Thus, we should assume that
things are the way that they seem to be.
The means-end ethic. When the means and ends of a persuasive act are each morally sound, the overall
act will be ethical. The act may be either ethically permissible (that is, ethics permits one to perform the
act) or ethically obligatory (that is, ethics requires that one perform the act).
The test of common sense. The most common test of an ethical theory seemed to be, "does this ethical
theory give answers that fit with our moral intuitions?" Let's say we have evolved a "sixth sense" that can
directly detect moral values. Can it be trusted? I think not...It is a simple consequence of the fact that we
have not evolved reliable morality detectors that we must choose an ethical theory just as we would a
scientific theory: based not on our feelings, but on what m actually find out there in the universe, and what
conforms to logic.

The Golden Rule. The Golden Rule is the principle of treating others as one's self would wish to be
treated. It is a maxim that is found in many religions and cultures. The Golden Rule can be considered an
ethic of reciprocity in some religions, although other religions treat it differently. Golden rule is a basic
principle that should always be followed to ensure success in general or in a particular activity. "Do unto
others as you would have them do unto you" is the idea (also called the law of reciprocity) that may be the
most universally applauded moral principle on Earth. Something like it appears in every major religion and
ethical philosophy.
General respect. Respect (moral recognition respect) is the acknowledgment in attitude and conduct of the
dignity of persons as ends in themselves. Respect for such beings is not only appropriate but also morally
and unconditionally required; the status and worth of persons is such that they must always be respected.
General respect is amongst the key ethical principles (among others like integrity, competence,
responsibility, etc.) as per the code of ethics & conduct.
2.C.9 BENEFITS OF ADHERING TO BUSINESS ETHICS
Benefits of adhering to business ethics; (CPA Aug20l5 20l7 Aug20l7 Qn3b; Ang20l8 Qn3b)
 Improved society, due to ethical business operations like taxes which improve service delivery
 Change management, exemplified by ethical business owners
 Strong teamwork, due to reward schemes and recognition of team efforts
 Increased access to capital and thus;, increased productivity
 Employee growth, arising from fair compensation and career advancement
 Management of the human resources, due to clear ethical human resource policies
 Avoidance of criminal acts, since ethical business address non-compliance issues
 Promotion of strong public image, since ethical businesses create good reputation & trust
 Managing values associated with quality management, strategic planning & diversity

2.C.10 MYTHS ABOUT BUSINESS ETHICS

Various myths about business ethics include amongst the following; (CPAJun2015 Qn2b; Aug2018 Qn3b)

CPA Page 100

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Business ethics is more a matter of religion than management

• If employees are ethical, businesses don't need to pay attention to business ethics
• Business ethics is a discipline best led by philosophers, academics and theologians
• Business ethics is superfluous (unnecessary). It only asserts the obvious of doing good
• Business ethics is a matter of the good guys preaching to the bad guys
• Business ethics is the new policeperson on the block, myth that it's new practice
• Ethics can't be managed, yet it's always managed indirectly
• Business ethics and social responsibility is the same thing
• If the organisation isn't in trouble with the law, then it's ethical
• Managing ethics in the workplace has little practical relevance

SECTION 2.1); BUSINESS & ENVIRONMENTAL ETHICS

2.D.1 SUSTAINABILITY (ACCOUNTING & REPORTING), TRIPPLE BOTTOM LINE &
INTEGRATED REPORTING
Sustainability Dev't & Ethics (CPAJun20ll Qn3a; Dec2016 On la; Aug20I7 Qn5a; Nov2018 Qnlb)
Using a case of Tata Steel Company, it defines sustainability ethics as "an enduring and balanced approach
to economic activity, environmental responsibility and societal benefit". Sustainability is about meeting
challenges of ensuring that future generations nan enjoy the same kind of lifestyles people enjoy today. If
tis naturally involves taking a long-term perspective on balancing economic, environmental and social
impacts of business.
A commitment to ethical behaviour is often shown in the corporate social responsibility (CSR) policy of a
business. Businesses are no longer judged solely on their ability to deliver goods and services but also on
the manner of delivery and how they impact on society and the environment e.g. Tata Steel sustainability
policy states: 'Our policy is to conduct our activities in relation to economic progress, social responsibility
& environmental concerns in an integrated way in order to be more sustainable and to meet the
expectations of our stakeholders.
The World Commission on Economic Development brought the idea of sustainability to the global stage in
1987. The United Nations sponsored this study of the relationship between economic development and the
environment, published as "Our Common Future," also known as "The Brundtland Report." Prior to this,
the United Nations had struggled to find a way to address global environmental problems. The
industrialized countries had proposed international treaties & action, but the developing nations had
prioritized the need for economic development, with little interest in environmental regulation.
Then Brundtland Report provided a deceptively simple definition of sustainability: "meeting the needs of
the present generation without compromising the ability of future generations to meet their needs." The
official U.N. definition of sustainability has 3 dimensions, or 3 pillars, also known as the "3 Es" of
sustainability. These are; Environmental Protection, Economic Development, and Social Equity.
In addition to Brundtland Report, common definitions equally note three (3) key dimension of
sustainability. Every dimension focuses on different subsets as detailed below;
(i) Environmental factors energy, water, greenhouse gases, emissions, hazardous, and non-hazardous waste,
recycling, and packaging
(ii) Social factors (Equity): community investment, working conditions, human rights & fair trade, public
policy, diversity, safety, and anticorruption.

CPA Page 101

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(iii) Economic factors: accountability or transparency, corporate governance, stakeholder value, economic
performance, and financial performance.
The Justice (Social or Equity) Dimension of Sustainability
The social equity pillar has the clearest ethical component, that of socio-economic fairness or social justice.
The lifestyles of the richest and poorest members of the human family pose the greatest threat to the
integrity of our Earth's life support systems, but for different reasons. The wealthiest consume vastly more
than their fair share of resources, more than the planet can provide for everyone. The poorest 1/3rd of
human society, those living on less than $2 per day, have no alternative but to use resources in a short-
sighted way, e.g. cutting down trees for firewood before they are able to grow to their full height. The
wealthiest countries have the capacity to make choices for a more sustainable lifestyle, while the poorest
members of the human family generally do not. Thus, sustainability is built upon the practice of solidarity
with the poor; fostering economic development for them will enhance sustainability. The social equity
dimension suggests that sustainable development is an inherent moral good, but its consequences are likely
to be ethically positive as well.
Sustainability Accounting
Sustainability accounting was originated about 20 years ago and is considered a subcategory of financial
accounting that focus on the disclosure of non-financial information about a firm's performance to external
parties such as capital holders, mainly to shareholders, creditors and other authorities. This is equally
referred to as social accounting, environmental accounting, corporate social reporting, corporate social
responsibility reporting, or non-financial reporting. These represent the activities that have a direct impact
on society, environment and economic performance of an organisation. Sustainability accounting in
managerial accounting contrast with financial accounting, in that managerial accounting is used for internal
decision making & creation & of new policies that will have an effect on the organisation's performance
at economic, ecological and social (known as the "triple bottom line" or Triple-P's; People, Planet, &
Profit) level.

Sustainability Accounting is a tool used by organisations to become more sustainable. The most known
widely used measurements are the Corporate Sustainability Reporting and the triple bottom line
accounting. These recognise the role of financial information and shows how traditional accounting is
extended by improving transparency and accountability by reporting on the Triple-P's. As a result of the
triple bottom level reporting, and in order to render and guarantee consistency in social and environmental
information the Global Reporting Initiative (GRI), was established with the goal to provide guidelines to
organisations reporting on sustainability. In some countries guidelines were developed to complement the
GRI. The GRI states that "reporting on economic, environmental and social performance by all
organizations is as routine and comparable as financial reporting"
Sustainability Reporting (CPAJun20l5 Qn3a)
A sustainability report is an organizational report that gives information about economic, env'tal, social and
governance performance. Sustainability reporting is not just report generation from collected data; instead
it is a method to internalize and improve an organization's commitment to sustainable development in a
way that can be demonstrated to internal & external stakeholders.

CPA Page 102

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Organizations can improve their sustainability performance by measuring, monitoring & reporting on it,
and have positive impact on society, economy, & sustainable future.
The key drivers for the quality of sustainability reports are the guidelines of Global Reporting Initiative
(GRI, a global non-profit organization that promotes economic sustainability), guidelines of United Nations
Global Compact (a United Nations initiative), accounting guidelines as issued by International Accounting
Standards Board (IASB), guidelines of Sustainability Accounting Standards Board (SASB, a US non-profit
organisation), and auditing guidelines as issued by International Auditing and Assurance Standards Board
(IAASB) of International Federation of Accountants (IFAC). The GRI Sustainability Reporting Guidelines
and other relevant guidelines as issued by various institutions driving sustainability & corporate
governance, enable all organizations worldwide to assess their sustainability performance and disclose
results in a similar way to financial reporting. The largest database of corporate sustainability reports can
be found on the website of United Nations Global Compact initiative.
Triple Bottom Line (TBL) (CPA Jun20l5 Qn2a)
Triple bottom line (TBL or 3BL) is an accounting framework with 3 parts: Social, Environmental (or
ecological) and Financial. These 3 divisions are also called the three Ps(3Ps): People, Planet & Profit, or
the "three pillars of sustainability". Interest in triple bottom line accounting has" been" growing in both for-
profit, nonprofit and government sectors. Many organizations have adopted the TBL framework to evaluate
their performance in a broader context.

In traditional business accounting and common usage, the "bottom line" refers to either the "profit" or
"loss", which is usually recorded at the very bottom line on a statement of revenue and expenses. Over the
last 50 years, environmentalists and social justice advocates have struggled to bring a broader definition of
bottom line into public consciousness by introducing full cost accounting. For example, if a corporation
shows a monetary profit, but their asbestos mine causes thousands of deaths from asbestosis, and their
copper mine pollutes a river, and the government ends up spending taxpayer money on health care and
river clean-up, how do we perform a full societal cost benefit analysis? The triple bottom line adds two
more "bottom lines": social and environmental (ecological) concerns.

An example of an organization seeking a triple bottom line would be a social enterprise run as a non-profit,
but earning income by offering opportunities for handicapped people who have been labeled
"unemployable", to earn a living via recycling. The organization earns a profit, which is controlled by a
volunteer Board, and ploughed back into the community. The social benefit is the meaningful employment
of disadvantaged citizens, & reduction in the society's welfare or disability costs. The environmental
benefit comes from the recycling accomplished. In the private sector, a commitment to CSR implies a
commitment to transparent reporting about the business' material impact for good on the environment and
people. Triple bottom line is one framework for reporting this material impact. This is distinct from the
more limited changes required to deal only with ecological issues. Triple bottom line has also been
extended to encompass four pillars; quadruple bottom line (QBL). The fourth pillar denotes a future-
oriented approach (future generations, intergenerational equity, etc.). It is a long-term outlook that sets
sustainable development and sustainability concerns apart from previous social, environmental, and
economic considerations.

CPA Page 103

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Integrated Reporting (IR)

Integrated Reporting (IR) is a "process that results in communication, most visibly a periodic "integrated
report", about value creation over time. An integrated report is a concise" communication about how an
organization's strategy, governance, performance and prospects (f lead to the creation of value over the
short, medium and long term." This implies that, there \ should be integrated representation of a company's
performance in terms of both financial and \ other valuable relevant information. Integrated Reporting
provides greater context for performance data, clarifies how value relevant information fits into operations
or a business, and may help embed long-termism into company decision making.
In line with one of the key objectives for UN, GRI, IFAC, International Integrated Reporting
Committee/Council (IIRC), IR reflects the broad & longer-term consequences of the decisions
organizations make, based on a wide range of factors, in order to create and sustain value. This implies that
IR enables an organization to communicate in a clear, articulate way how it is drawing on all the resources
& relationships it utilizes to create and preserve value in the short, medium & long term, helping investors
to manage risks and allocate resources most efficiently.

2.D.2 CHALLENGES (EFFECTS) OF POLLUTION & RESOURCE DEPLETION

Challenges/effects of env'tal degradation (resource depletion/pollution); (CPA Aug2016 Qn4a; Aug20I7
Qn5b.i) The sustainability framework extends ethical concern to future generations. Human society now
consumes natural resources faster than they can be replenished, and this is compromising the ability of
future generations to meet their needs. Current and future generations are inheriting a world that is
biologically impoverished, has fewer resources, and suffers from more pollution than ever before. Modern
humans are not accustomed to considering future generations, but the power of our markets and
technologies threaten their quality of life. We can express a moral concern for the future by restraining our
consumption or depletion of non-renewable resources today which may result into (Effects): land
degradation, soil erosion, flooding, air pollution, water pollution, drought, soil pollution, food shortage,
water shortage, high prices, global warming, etc.

Three (3) top natural resources depleted, with causes & effects/challenges; (CPA Aug2016 Qn4a)
 Water
Causes: Increased irrigation, increased use in agriculture, roads and infrastructure prevent water seepage in
the soil, rising temperatures
Consequences/effects: Drinking water shortage, food shortage, & famine.
 Oil
Causes: Industrial boom, increased population, & wastage.
Consequences/effects: Less transportation, smaller economies, higher prices, possibly help push the
transition to green energy with reduced CO2 emissions and pollution
 Forests (EP Aug2017 Qn5b.i)
Causes: urbanization, illegal 1oggng, agriculture, & subsistence farming.
Consequences/effects: Soil erosion, global warming caused by the rise of greenhouse gases, extinction of
species, loss of biodiversity, flooding and drought.
 Other key resources are; Land, Air, etc.

CPA Page 104

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.D.3 INTERRELATIONSHIPS AND INTERDEPENDENCE OF ECOLOGICAL SYSTEMS

Ecology is the study of the relationships between different forms of biological life and their natural
surroundings. All living things are dependent on both nature and each other for their survival. This
dependence is called ecological interdependence and it can take numerous forms - from food webs to
habitat creation. Key ecological interdependences include:
 Food Webs. The most easily understood method of ecological interdependence is a brutish one:
living things eat other living things to survive. The predator and prey relationship was one of the
first feeding relationships that scientists understood. In the feeding relationship, predators were seen
as being at the top of a food chain. As ecology has grown as a field, so has the understandings
feeding relationships. The concept of food cycle arose to account for the fact that all organisms,
including predators, die, and are consumed other organisms like insects and bacteria. The
recognition that food cycles are linked led to the development of the concept of a food web, where
all organisms are potentially food and each organism feeds on more than one type of organism.
 Mutualism. Mutualistic relationships evolve over time. In these relationships, the two species
involved benefit from their interaction e.g. bees & flowers rely on one another. The bee gathers
nectar from the flower and makes it into honey for food. In nectar-gathering process, pollen attaches
to the body of the bee. When the bee visits the next flower, some pollen rubs off and pollinates the
flower, thereby, helping the flowers reproduce.
 Habitat Creation Many animals create their own shelter that in turn creates habits for other
species. When beavers construct wooden shelters in ponds, for example, they create habitats for
other species as well. Beaver damns are constructed in streams, but the completion of a beaver
damn creates a slow-moving pond of water. This allows species of fish that cannot live in fast-
moving water to prosper, and the beavers get to eat the fish. Also, creation of a slow moving body
of water allows nutrients that would otherwise wash downstream to settle. This nutrient-rich water
supports growth of new plant life, allowing other herbivorous species to thrive
 Environmental Impacts. Ecological interdependence can also happen when a species helps build
Earth's life-sustaining atmosphere. Most living organisms require oxygen to survive, plants produce
oxygen & consume carbon dioxide. Carbon dioxide is produced metabolically by both plants &
animals. Without plants, atmospheric oxygen would be rapidly depleted, CO2 levels would rise,
destroying virtually all life on earth. In the oceans, likewise, photosynthetic 3 algae over thousands
of years have oxygenated the oceans to support marine life.
2.D.4 ECO-FRIENDLY BUSINESS PRACTICES
Various ethical & eco-friendly business practices; (CPADec20I6 Qn1b; Aug20l7 Qn5bii Nov20l8aji, Qn1a,ii)
❖Recycle, reduce & reuse. Copy and printer paper is the best place to start your business greening
efforts. Begin by reducing the amount of paper you use. If a document is for internal use only, email it
rather than print and distribute it. If you misprint a file, save the paper to use for scratch paper, or mark
through the printed side and print on the back. If your company generates a large amount of paper, have it
shredded and sent to recycle. You can also save other items, buy pen refills instead of new pens. Put a box
by the soda machine to collect empty aluminum cans. Donate them to your local fire department, or use the
money earned to pay for an employee party at the end of the year. Recycle printer and toner cartridges.

CPA Page 105

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

❖Buy eco-friendly & recycled items While they may cost a bit more at times, the savings to the planet
can justify the small additional cost. You can find copy paper, business cards, paper towels and many more
items if you look for recycled products.
❖Save electricity & water. Learn to turn the lights off in rooms that aren't in use. Use energy-efficient
bulbs & lamps. Look for energy-efficient machinery & equipment. Cut the temperature on water heater by
a few degrees.
❖Opt for green cleaning. Avoid traditional cleaning supplies which are typically filled with toxic
chemicals that are harmful to humans & atmosphere. Instead, choose eco-friendly products that don't
contain harmful chemicals e.g. paper bags instead of buveras.
❖ Take it online. If possible, allow employees to telecommute to save gas & reduce the toxins in the
atmosphere. Use online training & eLearning opportunities instead of hosting classes that require employee
travel. Buy office supplies online rather than driving to supply store.

SECTION 2.E: PUBLIC INTEREST & CSR

2.E.1 MEANING & IMPORTANCE OF PUBLIC INTEREST
The public interest is considered to be the collective well-being of the community of people and institution
that the professional accountant serves, including clients, lenders, governments, employees, investors, the
business and financial community and others who rely on the work of professional accountants.
(CPAJun20II Qn7a; Nov2011 Qn6b; Dec2016 Q1a)

Acting in public interest means acting for the welfare of society at large. Various commentators have
argued that the figures accountants produce are not neutral, but represent corporate value judgment and are
in accordance with the wishes of certain viewpoints in society.

As per IFAC and institute's Code, a distinguishing mark of the accountancy profession is its acceptance of
the responsibility to act in public interest. Therefore, a professional accountant's responsibility is not
exclusively to satisfy the needs of an individual client or employer. In acting in the public interest a
professional accountant should observe and comply with the ethical requirements of this Code.
Why Accountants Act in Public Interest? (CPA Nov20I2 Qn2b)
 Failing to serve the public interest threatens the credibility of the profession and possibly its very
existence
 It is important for the public to have confidence in (their) integrity
 Working in the public interest means that professional accountants must keep up to date with the
expectations of society in order to fulfill their role and build confidence in the profession.
2.E.2 COMPOSITION OF THE PUBLIC INTEREST - PUBLIC & INTEREST
The term "public" may include but not limited to; (CPA Nov2017 Qn2b)
The public is all members of the community
Public consists of majority of members of community
The public is anyone who benefits from the products or services provided by accountants
The public consist of resource providers (lenders, creditors, suppliers, investors, etc.)
Consists of public sector entities and their recipients e.g. government, tax payers, etc.
The public consists of clients & employers of accountants, etc.
CPA Page 106

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

"Interest" may also mean:

o Interest is any benefit to a person's or group's welfare (economic and non-economic)
o Interest is concerned with adherence to moral values
o Interests are intangibles and difficult to describe
o Interests are concerned with enhancing people's material or economical well-being
o Interest relate mostly to client satisfaction in the pursuit of legitimate business goals.

2.E.3 NEGATIVE & POSITIVE OUTCOMES (COSTS & BENEFITS) OF PUBLIC INTEREST
Acting Against the Public Interest. Criticism of the accountancy profession has extended to the rules that it
follows. Critics have argued that the rules;
o Are too passive: allowing too great a variety of accounting treatments, and failing to impose
meaningful responsibilities on auditors e.g. explicit responsibility to detect and report fraud.
o Emphasize the wrong practices: giving priority to client confidentiality over disclosure in the wider
public interest.
Arguably, these views depend to some extent on hindsight (reflection or retrospection). The implication
being that as auditors and governance structures have failed to identify corporate malpractice there must be
something wrong with the rule book that is being followed. However, it has been seen how the fallout from
the Enron case influenced the development of stricter Sarbanes-Oxley rules in the United States. Partly,
this was due to a belief that in a number of ways, Enron did not tick the right boxes. It had a good number
of executive directors on its board with a strong range of experience.

2.E.4 DECISIONS/ ACTIONS TAKEN IN THE PUBLIC INTEREST AS A DEMOCRATIC PROCESS

There are many criticisms of liberal economic democracy. Critics have claimed the model of liberal
economic democracy being far from reality & has flaws. By providing the information that supports the
present system, accountants are involved in perpetuating its flaws.
o A Lack of equality. One significant criticism is that individuals are not equal economically and are
evidently not able to make economic choices that will benefit themselves. The argument that people
make a rational economic choice to be homeless is clearly wrong. Accountants are therefore
accused of supporting those who can make economic choices and by doing so perpetuate social
inequality, ensure wealth, continue to be distributed amongst the already wealthy and suppress
minorities and the disenfranchised and powerless.
o A Role of institutions: A related criticism is that individuals do not exercise the real power but
institutions - principally the government and corporations. Indeed, critics point to many instances of
governments acting to protect the interest of shareholders and the information rights of th^ financial
community against less well-off groups in society. Marxist (communalist) arguments take this view
point to the furthest conclusion, arguing that poor is held by capital, that capital and labour are
inevitably in conflict and that the state acts as to protect capital and suppress labour, accountants
too are complicit (involved) in this.
o A Failure to increase social welfare. The argument that the pursuit of individual self-interest leads
to maximum social welfare appears tenuous (weak or unsubstantiated). Even if wealth is
maximized, there is no guarantee that all aspects of social welfare will be maximized; indeed some
aspects of social welfare will be maximized; indeed some aspects of social welfare such as quality
CPA Page 107

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

of life or health would not seem to have an obvious link with maximizing income. In addition to
maximization of wealth, does not imply that wealth will be fairly distributed. Critics have claimed
that economic growth has been at the expense of a widening gap between rich & poor, both within
developed countries & third world countries.
o A Environmental problems: Critics such as the "deep ecologists" have claimed accountants are
complicit in a version of utilitarianism with the economic ends justifying the means rather than
another preferable ethical position.
A Critics of the accountancy profession Inevitably perhaps, it has been the critics of the accountancy
profession who have been most vocal in highlighting the influence of accounting in resource allocation,
seeking to demonstrate its complicity in wealth distribution and its role as the agent of capital.

2.E.5 CORPORATE SOCIAL RESPONSIBILITY (CSR) IN ORGANISATIONS - CONCEPT &

IMPORTANCE
Meaning of CSR
Corporate social responsibility (CSR) goes beyond the normal term off ―giving back to society‖ and by
challenging businesses accountable for the consequences of their actions affecting the stake-holders while
they pursue economic goals. The general public expects business to be "socially responsible and many
companies have responded by making social goals a part of their overall business operations.
Accountability implies that negative business impacts on people and society should be acknowledged &
corrected if at all possible. Social responsibilities of business grow directly out of two features of the
modern corporation; (i) essential function it performs for a variety of stakeholders; and (ii) the immense
influence it has on the lives of the stakeholders.

Society counts on corporations for job creation, community well-being, standards of living, tax to finance
public services, and generally, corporate citizenship. The modern form of corporate social responsibility is
an evolvement from two principals.
A Charity principle: This principle advocates that wealthier members of society should be
charitable towards those less fortunate. The modern expression of the charity principle is corporate
philanthropy.
A Stewardship principle: Today's corporate executives see themselves as stewards or trustees who
act in the general public's interest. The company's management see themselves being placed in a
position of public trust and they control vast resources whose use can affect society in fundamental
ways. They have a responsibility to use these in ways that are good not /only to stockholders but
also for society generally- taking the welfare of society at large.
Note: Corporate Citizenship concept; (CPAAug2015 Qn2a)
This is the business strategy that shapes the values underpinning a company's mission and the choices made
each day by its executives', managers and employees as they engage with society.
Matten et al (2003) affirmed three (3) core principles/perspectives which define the essence of corporate
citizenship and every company should apply them in a manner appropriate to its distinct needs. These
include; the limited view (minimizing harm, motivated by economic), the equivalent view (maximising
benefit, motivated by ethical & legal), and the extended view (being accountable and responsive to
stakeholders, motivated by economic& political).

CPA Page 108

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Need for CSR - Arguments "For" & "Against" CSR (CPAJun2017Qn1d)

Arguments for:
Businesses are unavoidably involved in social issues. Businesses are either part of the solution or part of
the problem e.g. unemployment, inflation, & pollution Businesses have the resources to tackle today's
complex societal problems. Private business sectors can play a decisive role in solving the society's more
troubling problems. A better society makes a better environment for doing business. A business can
enhance its long- run profitability by making an investment in society today.
Corporate social actions will prevent government intervention. Government will force business to do what
it fails to do voluntarily.
Arguments against:
■ Profit maximization ensures the efficient use of society resources. When consumers purchase goods and
services, they ultimately dictate where assets should be deployed.
■ As economic institutions, businesses generally lack the ability to pursue social goals. Gross inefficiencies
can be expected if managers divert their attention from pursuit of economic goals
■ Businesses already have enough power. Businesses already exercise influence over where and how we
work, live, purchase goods and perceive value. There is no need to hand them over more powers.
Since managers are not elected, they are not directly accountable for the people. Corporate social programs
can easily become misguided.
2.E.6 KEY DEVELOPMENTS IN CSR, MECHANISMS & CSR AUDIT
Emerging trends in CSR - 4 basic trends
(i) Moving 'from reporting to engagement. It's no longer a mere reporting but rather focusing on
the engagement side. Since customers, employees & suppliers generally don't read reports,
companies are beginning to experiment with ways to interest, entice & even seduce those
stakeholders into wanting to engage with the company about what it's doing.
(ii) It's about the business model. More companies are starting to understand a little more about the
scale of the challenge that faces businesses in terms of sustainability, and they are wondering
what this means for their business model.
(iii) Finding own identity & respect. CSR Executives have been asking themselves for some time
whether they are part of a proper professional discipline or not. When Accountability was first
formed in the late 1990s, it was styled the Institute of Social & Environmental Accountability
with a view that it would become the professional body for 'accountability professionals'. Thus,
CSR officials need recognition of CSR as a unique discipline.
(iv) Taking the role of global citizens. Businesses have always taken an interest in influencing
public policy agenda, but historically purely from defensive purpose of fending off potential
restrictions on its ability to make profit. But as physical evidence for climate change increases
and the urgency of taking action keeps pace, companies are starting to re-evaluate what is their
role as change agents while responding to global env'tal challenges.
Global trends in CSR
 What drives companies to become more socially responsible? These include among the following;
cost management, customer demand, being the right thing to do, brand building, staff recruitment &
retention, and tax relief.

CPA Page 109

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Main activities of corporate social responsibility. The vast majority of businesses are now involved
with local charities, either through donating time, money or products/services.
 Drive to reduce environmental impact. Businesses are working to reduce their environmental
impact, with increasing numbers calculating the carbon footprint of their operations.
 How to report CSR. Sustainability reporting has increased since 2011, with more than half of
businesses now viewing integrated reporting as best practice.
Other specific trends driving CSR
 Collaboration continues to be key
 Business is galvanizing around climate change
 Social justice is no longer considered off limits for businesses
 Transparency - even luxury brands are becoming more transparent
 Trust - business entrusted to be responsible
 Community participation - health, education, community investment & env'tal stewardship
 Accessing new market responsibility - moving from resource taker to market builder
 Initiatives to engage companies - increased means of engaging in corporate sustainability
CSR Mechanisms
Five Fundamental Elements to effective CSR approach - CSR Mechanisms
 Identification & selection of relevant norms of behavior. Identification and selection by a firm of
relevant substantive CSR norms and principles
 Techniques for engaging stakeholders. Techniques for engaging full range of stakeholders impacted
by firm's activities in firm-level CSR development & implementation approaches
 Processes & systems to ensure effective opemtionalization - of CSR commitments, objectives, and
measurable & verifiable results.
 Techniques for verification of progress. Techniques for verification of progress toward CR
 commitments and objectives
 Techniques for stakeholder and public reporting & communication
Key steps of CSR Audit;
 Situational analysis,
 Benchmarking
 Brainstorming
 Evaluation of alternatives & selecting the best alternative,
 Create the action plan
2.E.7 CSR FRAMEWORK VIEWS - GRAY, OWEN & ADAMS, AND CARROLL'S PYRAMID
Gray, Owen & Adam's 7 Positions on CSR (CPA Nov20I2 Qn6)
The said authors raised academic concerns that companies pay too little attention to social and environment
matters. In particular, they believe that the accounting profession is aligned with business and morally
supporting unethical entities that put profits before people and the planet. Gray, Owen, & Adams pointed
out lack of interest in corporate social responsibility, reporting as evidence of immorality. They see CRS
reporting as a way of exposing corporate behaviour or misbehavior as they see to it that pressures will then
be exerted to cause companies to change. They effectively see a stakeholder led revolution. They also

CPA Page 110

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

recognize the importance of assurance reporting to support reliability of CSR reporting since they clearly
doubt the objectivity of current reports.

Stakeholder theories: Gray, Owen, and Adams, describe two stakeholder views.
The 1st view is Accountability Model where society views a company as having responsibility and an
accountability requirement to all stakeholders. The responsibility and accountability are determined by the
strength of the relationship.

The 2nd view is Empirical Accountability Model viewed from the perspective organization that determines
the extent to, which it needs to show responsibility and accountability to its stakeholders. The company can
be selective and may use reporting to manage, influence and manipulate. The seven positions are:
1. Pristine capitalists (CPA Jun2015 Qn3a)
2. Expedients
3. Supporters of the social contractors (CPA Jun2BI5CnCaJ
4. Social ecologists
5. Socialists
6. Radical feminists
7. Deep ecologist

Pristine capitalists. Underpinning value is shareholder wealth maximization. Anything that reduces
shareholder wealth (e.g. acting in socially responsible way) is theft from shareholders. Pristine capitalists
see the free market system with entrepreneurs seeking opportunities for profit as the key to economic
success. Profit is therefore the motivator for entrepreneur activity. Pristine capitalists will recognize that
social and environmental costs of entrepreneurial activity exist but will see them as externalities that are
costs of society not costs for firms. However they may see a role for government to intervene in markets to
legislate, penalize and tax firms for social irresponsibility and environmental damage that makes the social
costs real costs that will be taken account during profit maximization. Thus, social & env'tal compliance
will occur.

CPA Page 111

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 The conclusions however that, firms will only comply with the minimum social and environmental
requirements that have a cash cost to them.
Expedients. Recognise some social responsibility expenditure may be necessary to strategically position
an organisation so as to maximise profits. This is back to the concept of enlightened self-interest'. Gray,
Owen and Adams suggest that some capitalist supporters take an expedient view of CSR. This is the classic
"ethics pays" viewpoint. The view of expedients is that they will contribute to CSR only in so far as it reaps
commercial gain. The expedient takes a long term that by investing in social and environmental protection
and improvement that shareholder wealth will increase as ethical customers and investors see the company
in a positive light.
 The conclusion is that, CSR is done for commercial as opposed to moral reasons.
Supporters of the social contract. Businesses enjoy a license to operate granted by society so long as the
business acts in an appropriate way. Social contractions believe that economic systems, legal systems, laws
and regulations are held together by the will of society and such individuals have economic, social and
environmental responsibilities.
 The conclusion is that in essence, companies only exist at the will of people and have
responsibilities to society as a result.
Social ecologists: Recognizes that a business has a social and environmental footprint and therefore bears
responsibility for minimizing that footprint. Social-ecologists are those concerned with human environment
who assert that since large organizations have had significant negative effects on society they should, be
the ones who must have responsibility for righting the wrongs
 The conclusion is that, organizations should accept responsibility for resource misuse, pollution,
waste creation and the like.
Socialists: Actions of business are those of the capitalist class oppressing other classes of people. Business
should be conducted so as to redress imbalances in society. Socialists believe that capital is dominant in
social, economic and political life, and this needs to change in order to reduce the extent of this dominance.
They distrust accounting systems and CSR systems but does not necessarily have a clear idea of how to
achieve their objectives.
 The conclusion is that, the production of goods should be a secondary consideration, (Social
responsibility should be number one.
Radical feminists: Society and business should be based on feminine characteristics such as equity,
dialogue, compassion and fairness. They believe that the whole culture and language of a business in
masculine and" that is at the heart of the negative issues arising from business. Variables determining
cultural context include; Economic-focus on profitability; Legal-compliance with law; Ethical-focus on
doing 'what is right'; and Philanthropic-focus on doing 'what is desired'.
 The conclusion is that, radical feminists believe that the world is lacking the softer traits of
compassion, cooperation, tenderness and love.
Deep ecologists: Humans have no more intrinsic right to exist than any other species. These are people
who take the view that man has no more right to life than any other living thing. We should not destroy
natural habitats to build roads or new airport terminals.
 The conclusion is that, the farming of such natural resources like fish or timber should at the very
least be sustainable,
Carroll's Social Responsiveness Strategies & CSR Pyramid Model(CPAJun20I2 Qn7a; Aug2015Qn2b)
Carroll's Responsiveness Strategies. According to Carroll, Social Responsiveness refers to capacity of the
corporation to respond to social pressure, and the manner in which it does so.
Carroll suggests four possible strategies: reaction, defence, accommodation and pro-action.
► Reaction. The corporation denies any responsibility for social issues.

CPA Page 112

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

►Defence: The corporation admits responsibility but fights.it, doing the very least that seems to be
required.
►Accommodation: The corporation accepts responsibility and does what is demanded of it by relevant
groups.
►Proaction: The corporation seeks to go beyond industry norms.

Carroll's CSR Pyramid. According to Carroll (1983:608), "corporate social responsibility (CSR) involves
the conduct of a business so that it is economically profitable, law abiding, ethical and socially supportive.
To be socially responsible, then it means that profitability and obedience to the law are foremost conditions
when discussing the firm's ethics and the extent to which it supports the society in which it exists with
contributions of money, time and talent". This forms a basis for Carroll's CSR pyramid whose different
layers help managers see the different types of obligations that society expects of businesses. Carroll
devised a four-part model of CSR; economic responsibility, legal responsibility, ethical responsibility &
philanthropic responsibility. True CSR requires satisfying all four parts consecutively. From this, Carroll
offers the following definition of CSR: "CSR encompasses the economic, legal, ethical and philanthropic
expectations placed on organisations by society at a given point in time."

Carroll’s CSR Pyramid

Economic responsibility: Shareholders demand a reasonable return, employees want safe and fairly paid
jobs, and customers demand quality at a fair price. It concerns the responsibility of business of producing
goods and services needed by society and selling them making a profit. Companies have shareholders who
demand a reasonable return on their investments, they have employees who want safe and fairly paid jobs,
and they have customers who demand good quality products at a fair price. So, here comes the first
responsibility of the business as it is to be a properly functioning economic unit and stay in business. And
this is the base of the pyramid, where all the other layers rest on.

Legal responsibility: The law is a base line for operating within society, and it's an accepted rule book for
company operations. Company's legal responsibility demands that businesses abide by the law & play by
the rules of the game. Should companies choose to "bend" or even ignore their legal responsibilities, price
can be very high for business. US software giant Microsoft has faced a long running anti-trust case in

CPA Page 113

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Europe for abusing its monopolistic position to disadvantage its competitors which resulted in tough
settlements against it.

Ethical responsibility: This relates to doing what is right, just and fair. Actions taken in this area provide
reaffirmation of social legitimacy, & this is naturally beyond the previous 2 levels. The main concept of
ethical responsibility as defined and expressed by Carroll (1991) is that the ethical responsibility consists of
what is generally expected by society over and above economic and legal expectations. Ethical
responsibilities are not necessarily imposed by law, but they are expected from ethical companies by the
public and governments. And this case was seen in the example of Shell, where the decision of the
government was reversed for disposing of oil platform after a campaign and disagreement by the society
and public.

Philanthropic responsibility: Relates to discretionary behaviour to improve lives of others, charitable

donations, recreational facilities, and sponsoring the arts and sports events. As it is on the top of the
pyramid, it focuses on more luxurious things such as improving the quality of life of employees, local
communities and ultimately society in general. Some points of the philanthropic responsibilities of the
businesses can be controversial and requires separate studies aimed to it e.g. who should decide on what
cause to spend the money, how much & on what decision basis.

2.E.8 BENEFITS & IMITATIONS ASSOCIATED WITH CSR

 Benefits of CSR to the business (CPA Nov20I7 Qn2c; Nov2018 Qn2b)
 Contributing to winning new businesses
 Increasing customer engagement & retention
 Developing & enhancing relationships with customers, suppliers and networks
 Attracting, retaining & maintaining a happy workforce & be an Employer of Choice
 Saving money on energy and operating costs and manage risk
 Differentiation of business from its competitors^
 Generating innovation & learning, and enhancing business influence
 Improving business reputation and standing y
 Provision of access to investment and funding opportunities
 Generating positive publicity & media opportunities due to media interest in ethical activities
 Long-term thinking & strategic implementation - through sustainability driven CSR

Limitations of CSR
 Legitimacy. Corporate officials often ask, "is this social problem any of our affairs?" or "will it
affect our business?" A 'yes' answer would lead the company to an understanding that it has a
legitimate obligation to take social responsible actions. A 'No' answer or 'I am not sure' answer to
the questions would make company officials think twice. Judgment about the legitimacy of any
social activity is usually made by the firm's top level executives.
 Cost. Every social action is accompanied by costs of one kind. A company's contribution to charity
could have been paid instead to shareholders as dividend or bonus for employees.

CPA Page 114

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Efficiency. The cost of social responsibility like all business expenses can potentially reduce a
company's efficiency and affect its ability to compete in the market place e.g. a company may be
pressured by local community not to undertake computerization as it would reduce staff via cause
retrenchment, but the company could lose out to competitors in operation efficiency.
 Scope & complexity. Some of society's problems are simple to massive, too complex and too deep
seated to be solved e.g. env'tal problems (ozone depletion & destruction of rain forests).

SECTION 2.F; ACCOUNTANTS IN PUBLIC PRACTICE

2.F.1 PROFESSIONAL IMAGE OF AN ACCOUNTANT - ACCOUNTANT'S PUBLIC IMAGE
Meaning of professional image (accountant's public image); (CPANov2012 Qn2ai Nov2013 Qn5b;
Aug2016 Qn4c).
 This refers to the professional/ethical requirement that; "a member should conduct himself or
herself in a manner that portrays a positive image of the profession. He/she should observe the
ethical/accountant's fundamental principles". In circumstances where it is not provided for by the
Code he or she should conduct himself or herself in a manner consistent with the good reputation of
the profession and the Institute.
 Members of the accountancy bodies engaged in professional practice, or who in any way provide
professional services to clients, may on occasion, need guidance on correct course to pursue in their
dealings with clients' affairs. The purpose of the Code is to provide such guidance and to lay down
standards against which the conduct may be assessed.
 Members in salaries employment are subject to the terms (including terms applied by law) of
contracts of employment, & they are in a very similar position as to practitioners in practice.
 Members of various accountancy bodies are under an obligation to avoid conduct which would
bring discredit on themselves, the accountancy body or the accountancy body or the accountancy
profession. Such conduct may involve disciplinary proceedings.
 Members are expected in normal circumstances to follow the guidance contained in the Code of
Ethics as may be published by various accountancy bodies.
2.F.2 HOW ACCOUNTANTS IN PUBLIC PRACTICE OBTAIN WORK
According to ICPAU Code of Ethics, a member should not solicit clients or professional work either
directly or indirectly, by circular, advertisement, personal communication or interview or by any other
means. The following should be considered regarding obtaining professional work;
(i) A member, who is an employee, other than an employee of a Certified Public Accountant, should not,
on behalf of his employer, carry on in his own name, any business which is normally carried on by a
Certified Public Accountant.
(ii) A member, who is employed by another member or by firm of Certified Public Accountants engaged
in public practice-should not undertake professional work on his own account or partnership with
another member(s) without the written consent of his employer
(iii) There may be cases in which members in practice are retained by organisations, which, in their turn,
offer advice to their members on accountancy matters. The member retained by the organisation may,
in relation to matters referred to him by the organisation, deal only with the organisation itself and not
directly with any of its members. The member should ensure that in any relevant literature issued/by
the organisation neither his name nor the name of his firm is given undue publicity.

CPA Page 115

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Accountants in Public Practice Vs. Accountants in Business/Industry (CPANov2018 1c,iii)

Public Practice Accountants deal primarily with the accounting, taxation and auditing of external
companies and, individuals. Public Practice accountants will be" involved in growth areas like audit, tax
and advisory. It offers accountants the opportunity to engage with various clients each with unique
requirements, business practices and methods of engagement. Unlike;

Business Accountants (Accountants working in industry) often focus on the economics within a business
including cash flow, cost control and budgeting. Specialized areas in which accountants in the industry
work in include but not limited to; financial accounting, management and cost accounting and treasury
management. Industry accountancy roles allow one to focus on a core area of the finance function where
he/she can add real value to a company's processes while providing key commercial insight into the
strategic direction of the business

Summary of How Accountants in Public Practice Obtain Work (CPA Dec2016 Qn2b; Jun20l8 Qn2c)
Accountants in Uganda are restricted by ethical code of conduct from advertising audit services.
They have a number of restrictions with regard to advertising a firm's services.
However, accountants can obtain work through the following means:
 Referrals – from other accountants in public practice or existing clients
 Bidding/media -Bid for audit/accounting services advertised in normal procurement process
 Acceptance of allocated assignments by Auditor General -based on prequalified audit firms
 Walk-in clients and/ or Opinion shopping -approached by the client
 Restricted advertising -through ICPAU's magazines, posters, and business cards
 ICPAU's website -Clients access & selects from ICPAU's website with record of audit firms
 Partnerships and sub-contracts -with other accountants in public practice
 Networking -through ICPAU's organized workshops, and related professional events

2.F.3 COMMON ETHICAL ISSUES WHEN OBTAINING WORK – LAWBALLING & OPINION SHOPPING
Lowballing (EPA Nov2012 Qn3bi). This is the loss-leading' practice in which auditors compete for clients
by reducing their fees for statutory audits. Lower audit fees are then compensated by the auditor carrying
out more lucrative non-audit work (e.g. consultancy and tax advice). Audits may even be offered for free.
Such 'predatory pricing' may undercut an incumbent auditor to secure an appointment into which higher
price consultancy services may be sold. Lowballing is unethical.

Threat/risk of incompetence if the non-audit work does not materialize and the lowballing firm comes
under pressure to cut corners or resort to irregular practices (e.g. the falsification of audit X working
papers) in order to 'keep within budget'. Current ethical guidance is that, the fact that an accountancy firm"
quotes a lower fee than other tendering firms is not improper, providing that the prospective client is not
misled about; the precise range of services that the quoted fee is intended to cover; and the likely level of
fees for any other work undertaken. Additional ethical guidance is the legal prohibitions on the provision of
many non-audit services (e.g. bookkeeping, valuation services, internal audit (outsourced), and human

CPA Page 116

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

resource services for executive positions). Safeguard on how lowballing could be eliminated is if auditors
chose to act 'exclusively as auditors' and don't accept non-assurance services.

Opinion shopping (CPA Nov2012 Qn3b), occurs when management approach auditing firms (other than
their incumbent auditors) to ask their views on the application of accounting standards or principles to
specific circumstances or transactions. The reasons for 'opinion shopping' may be: to find alternative
auditors; or to get advice on a matter of contention with the incumbent auditor.

Threat is that the member who is not the entity's auditor must be alert to the possibility that their opinion -
if it differs from that of the incumbent auditor, may create undue pressure on the incumbent auditor's
judgment and so threaten the objectivity of the audit. By aligning with the interests of management when
negotiating taking on an engagement, an incoming auditor may compromise their objectivity even before
the audit work commences. There is a risk that the audit fee might be seen to be contingent upon a
'favourable' opinion (that is, the audit judgment coinciding with management's preferences). Current ethical
guidance requires that when asked to provide a 'second opinion' a member should seek to minimise the risk
of giving inappropriate guidance, by ensuring that they have access to all relevant information. Additional
safeguard is that a member should; ascertain why their opinion is being sought, contact the auditor to
provide any relevant facts, and with the entity's permission, provide the auditor with copy of their opinion.

2.F.4 ETHICAL FRAMEWORK - CONCEPTUAL & ETHICAL CONFLICT RESOLUTION

Ethical Conceptual Framework & Independence
The Accountants' Ethical Conceptual Framework establishes the fundamental principles of professional
ethics for professional accountants & provides a conceptual framework that professional accountants shall
apply to, in respect to safeguarding independence, & as follows;
(a) Identification of threats to compliance with the fundamental principles^-7'
(b) Evaluation of the significance of the threats identified; andv7
(c) Applying safeguards, when necessary, to eliminate the threats or reduce them to an acceptable low
level.
Note: "Acceptable level" Concept (CPAJun20l3 Qn3biv)
This is the level at which a reasonable and informed third party would be likely to conclude, weighing all
the specific facts and circumstances available to the professional accountant at that time, that compliance
with the fundamental principles is not compromised
Note: Significance of the Threat depends on Factors e.g.; (CPANov20l3 Qnlb)
 Length of time that the individual has been a member of the assurance team
 Role of the individual on the assurance team
 Structure of the firm
 Nature of the assurance engagement
 Whether the client's management team has changed,
 Whether the nature, complexity of the client's accounting and reporting issues have changed
Ethical conceptual framework approach. The Code establishes a. conceptual framework that requires a
professional accountant using professional judgment to identify, evaluate, and address threats to
compliance with the fundamental principles". When a professional accountant identifies threats to

CPA Page 117

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

compliance with the fundamental principles and, based on an evaluation of those threats, determines that
they are not at an acceptable level, the professional accountant shall determine whether appropriate
safeguards are available and can be applied to eliminate the threats or reduce them to an acceptable low
level.

Note: In case of situations in which threats can't be eliminated or reduced to an acceptable level, either
because the threat is too significant or because appropriate safeguards are not available or cannot be
applied, "the professional accountant shall decline or discontinue the specific professional service involved
or, when necessary, resign from the engagement. The case of a professional accountant in public practice)
or the" employing organization (in the case of a professional accountant in business)". (CPAJun20l4
Qn3d).

Ethical conflict resolution. A professional accountant may be required to resolve a conflict in complying
with the fundamental principles. When initiating either a formal or informal conflict resolution process, the
following factors, either individually or together with other factors, may be relevant to the resolution
process:
 Relevant facts
 Ethical issues involved
 Fundamental principles related to the matter in question
 Established internal procedures, and
 Alternative courses of action.

Detailed Process for Ethical Conflict Resolution, (CPAAug2015 Qn4d)

 When initiating either a formal or informal conflict resolution process, the following factors, either
individually or together with other factors, may be relevant to the resolution process; relevant facts,
ethical issues involved, fundamental principles related to the matter in question, established internal
procedures, & alternative courses of action.
 Having considered the relevant factors, a professional accountant shall determine the appropriate
course of action, weighing the consequences of each possible course of action. If the matter remains
unresolved, the professional accountant may wish to consult with other appropriate persons within
the firm or employing organization for help in obtaining resolution.
 Where a matter involves a conflict with, or within, an organization, a professional accountant shall
determine whether to consult with those charged with governance of the organization, such as the
board of directors or the audit committee.
 It may be in the best interests of the professional accountant to document the substance of the issue,
the details of any discussions held, and the decisions made concerning that issue.
 If a significant conflict can't be resolved, a professional accountant may consider obtaining
professional advice from relevant professional body or from legal advisors. The professional
accountant generally can obtain guidance on ethical issues without breaching fundamental principle
of confidentiality if the matter is discussed with the relevant professional body on an anonymous
basis or with a legal advisor under the protection of legal privilege.

CPA Page 118

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 If, after exhausting all relevant possibilities, the ethical conflict remains unresolved, a professional
accountant shall, where possible, refuse to remain associated with the matter creating conflict. The
professional accountant shall determine whether, in the circumstances, it is appropriate to withdraw
from the engagement team or specific assignment, or to resign altogether from the engagement, the
firm or the employing organization.

2.F.5 SAFEGUARDS - GENERAL P0SSD3LE ETHICAL SAFEGUARDS

General firm-wide safeguards in the work environment include; (CPA Jun2015 Qn5b)
 Firm's leadership that stresses the importance of compliance with fundamental principles
 Leadership of the firm that establishes the expectation that members of an assurance team will act in
the public interest.
 Policies and procedures to implement and monitor quality control of engagements.
 Documented policies regarding the need to identify threats to compliance with the fundamental
principles, evaluate the significance of those threats, and apply safeguards to eliminate or reduce the
threats to an acceptable level or, when appropriate safeguards are not available or cannot be applied,
terminate or decline the relevant engagement.
 Documented internal policies/procedures requiring compliance with fundamental principles
 Policies and procedures that will enable the identification of interests or relationships between the
firm or members of engagement teams and clients.
 Policies and procedures to monitor and, if necessary, manage the reliance on revenue received from a
single client.
 Using different partners and engagement teams with separate reporting lines for the provision of non-
assurance services to an assurance client.
 Policies and procedures to prohibit individuals who are not members of an engagement team from
inappropriately influencing the outcome of the engagement.
 Timely communication of firm's policies & procedures, including any changes to them, to all
partners, professional staff, appropriate training & education on such policies & procedures
 Designating a member of senior management to be responsible for overseeing the adequate
functioning of the firm's quality control system.
 Advising partners and professional staff of assurance clients and related entities from which
independence is required.
 A disciplinary mechanism to promote compliance with policies and procedures.
 Published policies & procedures to encourage & empower staff to communicate to senior levels
within the firm any issue relating to compliance with the fundamental principles.

General engagement-specific safeguards in the work environment include,

 Having a professional accountant who was not involved with the non-assurance service review the
non-assurance work performed or otherwise advise as necessary.
 Having a professional accountant who was not a member of the assurance team review the
assurance work performed or otherwise advise as necessary.
 Consulting an independent third party, such as a committee of independent directors, a professional
regulatory body or another professional accountant.

CPA Page 119

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Discussing ethical issues with those charged with governance of the client.
 Disclosing to those charged with governance of the client the nature of services provided and extent
of fees charged.
 Involving another firm to perform or re-perform part of the engagement.
 Rotating senior assurance team personnel.
General safeguards within the client's systems & procedures include: (CPAJun2014 Qnlc)
 The client requires persons other than management to ratify or approve the appointment of a firm to
perform an engagement.
 Client has competent employees with experience & seniority to make managerial decisions
 The client has implemented internal procedures that ensure objective choices in commissioning
non-assurance engagements.
 Client has a corporate governance structure that provides appropriate oversight and
communications regarding the firm's services.
General examples of safeguards advised for an individual accountant
 Have a mentor, who would guide you in instances of general ethical dilemmas
 Always consult, esp. from superior/skilled workmates or other personnel for technical issues
 Seek guidance from the ICPAU, for professional guidance on how to handle ethical dilemmas
 Attend continuous professional development programs (CPDs) for ethical/technical updates
 Have a lawyer and always consult from legal practitioners, when in doubt of the decision

2.F.6 ETHICAL ISSUES - POSSIBLE ETHICAL ISSUES & SPECIFIC SAFEGUARDS

Professional Appointment: Client Acceptance
Before accepting a new client relationship, a professional accountant in public practice shall determine
whether acceptance would create any threats to (compliance with the fundamental principles-Potential
threats to integrity or professional behavior may be created from for example, questionable issues
associated with the client (its owners, management or activities).

Client issues that, if known, could threaten compliance with the fundamental principles include, for
example, client involvement in illegal activities (such as money laundering), dishonesty or questionable
financial reporting practices. A professional accountant in public practice shall evaluate the significance of
any threats and apply safeguards when necessary to eliminate them or reduce them to an acceptable level.
Examples of such safeguards include:
 Obtaining knowledge and understanding of the client, its owners, managers and those responsible
for its governance and business activities; or
 Securing client's commitment to improve corporate governance practices or internal controls
 Where it is not possible to reduce the threats to an acceptable low level, the professional accountant
in public practice shall decline to enter into the client relationship.
Professional Appointment: Engagement Acceptance
The fundamental principle of professional competence and due care imposes an obligation on a
professional accountant in public practice to provide only those services that the professional accountant in
public practice is competent to perform. Before accepting a specific client engagement, a professional
accountant in public practice shall determine whether acceptance would create any threats to compliance

CPA Page 120

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

with fundamental principles e.g. a self-interest threat to professional competence and due care is created if
the engagement team does not possess, or cannot acquire, the competencies necessary to properly carry out
the engagement.

A professional accountant in public practice shall evaluate the significance of threats and apply safeguards,
when necessary, to eliminate or reduce them to an acceptable level. Examples of such safeguards include:
 Acquiring an appropriate understanding of the nature of client's business, the complexity of its
operations, specific engagement requirements, purpose, nature & scope of the work
 Acquiring knowledge of relevant industries or subject matters
 Possessing or obtaining experience with relevant regulatory or reporting requirements
 Assigning sufficient staff with the necessary competencies
 Using experts where necessary
 Agreeing on a realistic time frame for the performance of the engagement or
 Complying with quality control procedures designed to provide reasonable assurance that specific
engagements are accepted only when they can be performed competently.

Guidance on Changes in Professional Appointment (CPAJun2012 Qn3a)

Clients have the right to choose their auditors and other professional advisers, and to change to others if
they so desire. It is necessary in the interest of the public and the existing auditor or adviser and prospective
auditor in respect of an audit or recurring reporting services to communicate with the existing auditor and
for the latter to reply promptly as to any considerations which might affect the prospective auditor's
decision on whether or not to accept appointment.

Guidance on Communication with Predecessor (Outgoing) Auditors; (CPANov2012 Qn2c; Jun2012Qn3b).

 Communication is meant to ensure that all relevant facts known to the member who, having
 considered them, is then entitled to accept the nomination if he so wishes O A member should explain
to the prospective client that he has a professional duty to
 communicate to the existing auditor or adviser O He then asks the client to inform the existing auditor
or adviser of the proposed change and at
 the time to give the latter written authority to discuss the client's affairs with the member O Seek
permission to communicate with existing auditor or adviser
 The member should then write to the existing auditor or adviser, seeking information which could
influence his decision as to whether or not he may properly accept appointment
 If the client fails or refuses to grant the existing auditor permission to discuss the client's affairs with
the proposed successor, the existing auditor should report that fact to the prospective auditor who
should not accept appointment
 Whether or not there are matters to be considered before acceptance, existing auditor should
communicate them clearly without delay, if he prefers to do it orally both parties may make their own
record of such a discussion. Key matters for communication; (i) If existing auditor believes that he was
unfairly treated by the client (ii) If he believes that the prospective auditor obtained nomination in
contravention of code of ethics, (iii) Unpaid fees (prospective auditor should assist in any way open to
him towards achieving a settlement of outstanding fees)

CPA Page 121

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Where the existing auditor does not respond in reasonable time, endeavour to contact him by say
telephone or email, should this fail try to send a letter by recorded delivery service stating that unless
he receives a reply within a specified time, he will assume that there are no matters of which the
existing auditor is aware that should be brought to his attention
 A member can go ahead to complain to the Institute that the existing auditor did not respond to his
inquiry letter
 If there are any conflicting viewpoints between the client and the existing auditor, the prospective
auditor should discuss them with the client and satisfy himself of those issues.
 Having been given notice of any matters which are a subject of contention between the client and the
existing auditor, a member should be prepared if requested to do so, to demonstrate to investigation
committee that proper consideration has been given by him to those matters
 If the prospective auditor is satisfied that he can properly act, he should go ahead and inform the client
Guidance on factors that may be brought to the attention of the prospective auditor by the existing
auditor for consideration before acceptance of appointment (CPAJun20l2 Qn3c)
Limitation of scope; the client or its employees deliberately withholding information required for
the audit
Disagreement unresolved differences in principal or practice arose with the client
Unlawful acts by the client, its directors or employees relevant to the assignment that need further
investigation
Unconfirmed suspicions of defrauding the Government or its agencies e.g. URA
Serious doubts regarding the integrity of the directors and/or senior managers of the client.
The existing auditor proposes to bring to the attention of members or creditors circumstances
surrounding the proposed change of auditors.
Reasons for the change advanced by the client of which the existing auditor is aware of are not in
accordance with the facts as understood by the existing auditor

Transfer of Information/Books &/ or Right of Lien; (CPAJun20l2 Qn3d)

All books or documents in possession of the outgoing auditor that belong to the client should be handed
over unless the existing auditor is exercising a right of lien over fees. Note that a right of lien can't be
exercised over books/documents which either by statute or Articles of Association of the company has to
be available for public inspection.
Circumstances under which a right of lien may be exercised:
 books on which auditors have performed work,
 must have come into their possession lawfully,
 a fee note must have been rendered,
 no fee dispute exists.

Conflict of Interest (CPAJun20l4 Qn3a; Ang20l5 Qn3b)

A professional accountant in public practice shall take reasonable steps to identify circumstances that could
pose a conflict of interest e.g. a threat to objectivity may be created when a professional accountant in
public practice competes directly with a client or has a joint venture or similar arrangement with a major

CPA Page 122

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

competitor of a client. A threat to objectivity or confidentiality may also be created when a professional
accountant in public practice performs services for clients whose interests are in conflict or the clients are
in dispute with each other in relation to the matter or transaction in question.

A professional accountant in public practice shall evaluate the significance of any threats and apply
safeguards when necessary to eliminate the threats or reduce them to an acceptable level. Before accepting
or continuing a client relationship or specific engagement, the professional accountant in public practice
shall evaluate the significance of any threats created by business interests or relationships with the client or
a third party. Depending upon circumstances giving rise to conflict, application of one of the following
safeguards (CPAJun20l4Qn2c) generally necessary:
 Notifying the client of the firm's business interest or activities that may represent a conflict of
interest and obtaining their consent to acting such circumstances; or
 Notifying all known relevant parties that the professional accountant in public practice is acting for
two or more parties in respect of a matter where their respective interests are in conflict and
obtaining their consent to so act; or
 Notifying client that the professional accountant in public practice does not act exclusively for any
one client in the provision of proposed services (for example, in a particular market sector or with
respect to a specific service) and obtaining their consent to so act.
 The use of separate engagement teams - procedures to prevent access to information (for example,
strict physical separation of such teams, confidential and secure data filing)
 Clear guidelines for members of the engagement team on issues of security & confidentiality
 The use of confidentiality agreements signed by employees and partners of the firm, &
 Regular review of the application of safeguards by a senior individual not involved with relevant
client engagements.
Specific Circumstances Resulting into Conflict of Interest (CPA Jun20l3Qn4b; Jun2014 Qn3b)
 Provision of other services to audit client
 Preparation of accounting records for audit client
 Reporting on a company that is associated/related with the audit firm
 Part taking in the reporting function (taking part) in audit where one has been employed in the
previous 2 years
 Receivership, liquidation and audit client within 3 year gap in assignments
 Previous appointment in a company reported on

Second Opinion (CPAJun20l2 Qnlbiii,; Aug20l5 Qn3a; Nov20l9 Qn4)

Situation a professional accountant in public practice is asked to provide a second opinion on the
application of accounting, auditing, reporting or other standards or principles to specific circumstances or
transactions by or on behalf of a company or an entity that is an existing client may create threats to
compliance with the fundamental, principles. For example, there may be a threat to professional
competence and due care in circumstances where the second opinion is not based on the same set of facts
that were made available to the existing accountant or is based on inadequate evidence. The existence and

CPA Page 123

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

significance of any threat will depend on the circumstances of the request and ail the other available facts
and assumptions relevant to the expression of a professional judgment.

When asked to provide such an opinion, a professional accountant in public practice shall evaluate the
significance of any threats and apply safeguards when necessary to eliminate them or reduce them to an
acceptable level e.g. seeking client permission to contact the existing accountant, describing the limitations
surrounding any opinion in communications with the client & providing the existing accountant with a
copy of the opinion.

If the company or entity seeking the opinion will not permit communication with the existing accountant, a
professional accountant in public practice shall determine whether, taking all the circumstances into
account, it is appropriate to provide the opinion sought.

Fees & Other Types of Remuneration (CPAJun20l2 Qnla & b; Aug20l5l Qn4a; Nov2019 Qn4a)
Basis of determining Fees. When entering into negotiations regarding professional services, a professional
accountant in public practice may quote whatever fee is deemed appropriate. The general major basis of
determining fees has to be based on;
(i) Scope of work
(ii) Time required
(iii) Staff required in respect to their competences (level of expertise).
The fact that one professional accountant in public practice may quote a fee lower than another is not in
itself unethical. Nevertheless, there may be threats to compliance with fundamental principles arising from
the level of fees quoted e.g. a self-interest threat to professional competence & due care is created if fee
quoted is so low that it may be difficult to perform the engagement in accordance with applicable technical
and professional standards for that price. The existence and significance of any threats created will depend
on factors such as the level of fee quoted and the services to which it applies. The significance of any threat
shall be evaluated and safeguards applied when necessary to eliminate the threat or reduce it to an
acceptable level.
Examples of such safeguards include:
 Making the client aware of the terms of the engagement and, in particular, the basis on which fees
are charged and which services are covered by the quoted fee; or
 Assigning appropriate time-and qualified staff to the task.
Contingent Fees. Contingent fees are fees calculated on a predetermined basis relating to the outcome of a
transaction or the result of the services performed by the firm. A contingent fee charged directly or
indirectly, for example through an intermediary, by a firm in respect of an audit engagement or in respect
to a non-assurance service provided to an audit client creates a self-interest threat that is so significant that
no safeguards could reduce the threat to an acceptable low level if:
a) The fee is charged by the firm expressing the opinion on the financial statements and the fee is
material or expected to be material to that firm
b) The fee is charged by a network firm that participates in a significant part of the audit and the fee is
material or expected to be material to that firm, or

CPA Page 124

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

c) The outcome of the non-assurance service, and therefore the amount of the fee, is dependent on a
future or contemporary judgment related to the audit of a material amount in the financial
statements.
Note: Accordingly, a firm shall not enter into any such fee arrangement.
Contingent fees are widely used for certain types of non-assurance engagements & they may, however,
create threats to compliance with fundamental principles in certain circumstances. They may create a self-
interest threat to objectivity. The existence and significance of such threats will depend on factors
including:
o The nature of the engagement.
o The range of possible fee amounts.
o The basis for determining the fee.
o Whether outcome/result of the transaction is to be reviewed by an independent third party

The significance of such threats shall be evaluated and safe guards applied when necessary to eliminate or
reduce them to an acceptable level. Examples of such safeguards are:
 An advance written agreement with the client as to the basis of remuneration;
 Disclosure to intended users of work performed by the professional accountant in public practice
and the basis of remuneration;
 Quality control policies and procedures; or
 Review by an independent third party of the work performed by the professional accountant in
public practice.

Fees - Relative Size When the total fees from an audit client represent a large proportion of the total fees
of the firm expressing the audit opinion, the dependence on that client and concern about losing the client
creates a self-interest or intimidation threat. The significance of the threat will depend on factors such as:
the operating structure of the firm, whether the firm is well established or new, & the significance of the
client qualitatively and/or quantitatively to the firm. The significance of the threat shall be evaluated and
safeguards applied when necessary to eliminate the threat or reduce it to an acceptable level. Examples of
safeguards include:
 Reducing the dependency on the client
 External quality control reviews; or
 Consulting a third party, such as professional regulatory body or professional accountant, on key
audit judgments.

Fees - Overdue. A self-interest threat may be created if fees due from an audit client remain unpaid for a
long time, especially if a significant part is not paid before the issue of the audit report for the following
year. Generally the firm is expected to require payment of such fees before such audit report is issued. If
fees remain unpaid after the report has been issued, the existence and significance of any threat shall be
evaluated & safeguards applied when necessary to eliminate threat or reduce it to an acceptable level.
An example of such a safeguard is having an additional professional accountant who did not take part in
the audit engagement provide advice or review the work performed. The firm shall determine whether the
overdue fees might be regarded as being equivalent to a loan to the client and whether, because of the

CPA Page 125

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

significance of the overdue fees, it is appropriate for the firm to be reappointed or continue the audit
engagement.

Referral/Commission Fees (CPANov20l2 Qn3b,i). In certain circumstances, professional accountant in

public practice may receive a referral fee/commission relating to a client e.g. where professional accountant
in public practice does not provide the specific service required, a fee may be received for referring a
continuing client to another professional accountant in public practice or other expert. A professional
accountant in public practice may receive a commission from a third party (e.g. software vendor) in
connection with the sale of goods/services to a client. However, a self-interest threat can arise as the audit
firm gains financial benefit for each audit client referred.

Accepting such a referral fee or commission rates creates a self-interest threat to objectivity and
professional competence and due care. A professional accountant in public practice may also pay a referral
fee to obtain a client, for example, where the client continues as a client of another professional accountant
in public practice but requires specialist services not offered by the existing accountant. The payment of
such a referral fee also creates a self-interest threat to objectivity and professional competence and due
care.

The significance of the threat shall be evaluated and safeguards applied when necessary to eliminate the
threat or reduce it to an acceptable level. Examples of such safeguards include:
 Disclosing to the client any arrangements to pay a referral fee to another professional accountant for
the work referred;
 Disclosing to the client any arrangements to receive a referral fee for referring the client to another
professional accountant in public practice; or
 Obtaining advance agreement from the client for commission arrangements in connection with the
sale by a third party of goods or services to the client.

Marketing Professional Services.

When a professional accountant in public practice solicits new work through advertising or other forms of
marketing, there may be a threat to compliance with the fundamental principles e.g. a self-interest threat to
compliance with the principle of professional behaviour is created if services/products & achievements are
marketed in a way that's inconsistent with that principle.

A professional accountant in public practice shall not bring the profession into disrepute when marketing
professional services. The professional accountant in public practice shall be honest & truthful & not: (a)
Make exaggerated claims for services offered, qualifications possessed, or experience gained; or (b) Make
disparaging references or unsubstantiated comparisons to the work of another.

Note: If the professional accountant in public practice is in doubt about whether a proposed form of
advertising or marketing is appropriate, the professional accountant in public practice shall consider
consulting with the relevant professional body.

CPA Page 126

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Articles and Letters in the Press (CPAJun2013Qn3b)

A Member submitting articles, letters or other contributions to the press may use their professional
designation and/ designatory letters.
In practice, they may also mention the name of their firm, except that they should not normally do so in the
non-professional press unless the subject is one in which the firm, as such, may properly claim an interest,
e.g. a professional matter, a local issue, etc.
Excessive contributions to the non-professional press may be deemed an improper form of publicity.

Gifts & Hospitality

A professional accountant in public practice, or an immediate or close family member, may be offered gifts
and hospitality from a client. Such an offer may create threats to compliance with the fundamental
principles e.g. a self-interest or familiarity threat to objectivity may be created if a gift from a client is
accepted; an intimidation threat to objectivity may result from the possibility of such offers being made
public.

The existence and significance of any threat will depend on the nature, value, and intent of the offer. Where
gifts or hospitality are offered that a reasonable and informed third party, weighing all the specific facts &
circumstances, would consider trivial & inconsequential, a professional accountant in public practice may
conclude that the offer is made in normal course of business without the specific intent to influence
decision making or to obtain information. In such cases, the professional accountant in public practice may
generally conclude that any threat to compliance with the fundamental principles is at an acceptable level.

Note: Generally, if a firm or a member of the audit team accepts gifts or hospitality, unless the value is
trivial and inconsequential, the threats created would be so significant that no safeguards could reduce the
threats to an acceptable level. Consequently, a firm or a member of the audit team shall not accept such
gifts or hospitality.

A custody of client Assets / Monies (CPAJun2013Qn3b)

A professional accountant in public practice shall not assume custody of client monies or other assets
unless permitted to do so by law and, if so, in compliance with any additional legal duties imposed on a
professional accountant in public practice holding such assets. The holding of client assets creates threats to
compliance with the fundamental principles e.g. there is a self-interest threat to professional behaviour and
may be a self-interest threat to objectivity arising from holding client assets. A professional accountant in
public practice entrusted with money (or other assets) belonging to others shall therefore:
a. Keep such assets separately from personal or firm assets,
b. Use such assets only for the purpose for which they are intended,
c. At all times be ready to account for those assets and any income, dividends, or gains generated, to any
persons entitled to such accounting, &
d. Comply with all relevant laws and regulations relevant to the holding of and accounting for such assets.

Note: As part of client & engagement acceptance procedures for services that may involve the holding of
client assets, a professional accountant in public practice shall make appropriate inquiries about the source

CPA Page 127

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

of such assets and consider legal and regulatory obligations e.g. if assets were derived from illegal
activities, such as money laundering, a threat to compliance with the fundamental principles would be
created. In such situations, the professional accountant may consider seeking legal advice.

Objectivity - All Services

A professional accountant in public practice shall determine when providing any professional service
whether there are threats to compliance with fundamental principle of objectivity resulting from having
interests in, or relationships with, a client or its directors, officers or employees e.g. a familiarity threat to
objectivity may be created from a family or close personal or business relationship. A professional
accountant in public practice who provides assurance service shall be independent of the assurance client.
"Independence of mind & in appearance is necessary to enable the professional accountant in public
practice to express a conclusion, & be seen to express conclusion, without bias, conflict of interest or undue
influence of others".

Circumstances that may make objectivity of an auditor to be impaired or appear to be impaired in

carrying out an audit assignment; (CPA Nov20I3 Qn3n)
 Self-interest threat -arising from undue dependence on an audit client
 Financial interest -firm, partners or staffs have financial interest in audit client
 Provision of both audit & non-assurance services -audit firm providing other services to client
 Relationships between auditor & client/staff-including family & personal relationships
 Gifts & hospitality -accepting or offering gifts which might have significant or improper influence
on professional judgment which bring the profession into disrepute

A professional accountant in public practice shall evaluate significance of any threats and apply safeguards
when necessary to eliminate them or reduce them to an acceptable level. Examples of such safeguards
include: (CPAJun20I2 Qnlc; Nov2013 Qn3b)
 Withdrawing from the engagement team;
 Complying with code of ethics and other relevant laws/policies
 Supervisory procedures
 Staff rotation -using different or new team members
 Terminating the financial or business relationship giving rise to the threat;
 Discussing the issue with higher levels of management within the firm; or
 Discussing the issue with those charged with governance of the client
 Assessing the integrity of client's management & their accountancy competence
 Resign, as the last resort if the threat can't be reduced to a low acceptable level

Independence - Audit & Review Engagements (BPAJun20I3 Qn3b.ii.)

Independence requirements for audit engagements and review engagements, are assurance engagements in
which a professional accountant in public practice expresses a conclusion on financial statements. Such
engagements comprise audit and review engagements to report on a complete set of financial statements
and a single financial statement. Independence is;

CPA Page 128

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(a) Independence of Mind - the state of mind that permits the expression of a conclusion without being
affected by influences that compromise professional judgment, thereby allowing an individual to act with
integrity and exercise objectivity and professional skepticism.
(b) Independence in Appearance - the avoidance of facts and circumstances that are so significant that a
reasonable and informed third party would be likely to conclude, weighing all the specific facts and
circumstances, that a firm's, or a member of the audit team's, integrity, objectivity or professional
skepticism has been compromised.

Note: In deciding whether to accept or continue an engagement, or whether a particular individual may be
a member of the audit team, a firm shall identify and evaluate threats to independence. In evaluating the
significance of a threat to independence, qualitative as well as quantitative factors shall be taken into
account. The firm is required by International Standards on Quality Control (ISQCs) to establish policies
and procedures designed to provide it with reasonable assurance that independence is maintained when
required by relevant ethical requirements. Also, International Standards on Auditing (ISAs) require
engagement partner to form conclusion on compliance with independence requirements that apply to the
engagement. (CPANov2011 Qn4c)
Public Interest Entities -as per ICPAU guidelines;
(a) All listed entities; and
(b) Any entity (i) defined by regulation or legislation as a public interest entity; or (ii) for which the audit is
required by regulation or legislation to be conducted in compliance with the same independence
requirements that apply to the audit of listed entities. Such regulation may be promulgated (official/public
announcement of new law) by any relevant regulator.
Firms and member bodies are encouraged to determine whether to treat additional entities, or certain
categories of entities, as public interest entities because they have a large number and wide range of
stakeholders. Factors to be considered include the nature of the business, such as the holding of assets in a
fiduciary capacity for a large number of stakeholders. Examples may include financial institutions such as
banks and insurance companies, pension funds and due to size & number of employees.

Financial Interest
Holding a financial interest in an audit client may create a self-interest threat. The existence and
significance of any threat created depends on:
(a) The role of the person holding the financial interest,
(b) Whether the financial interest is direct or indirect, and
(c) The materiality of the financial interest.
Financial interests may be held through an intermediary (e.g. a collective investment vehicle, estate or
trust). The determination of whether such financial interests are direct or indirect will depend upon whether
the beneficial owner has control over the investment vehicle or the ability to influence its investment
decisions. When control over the investment vehicle or the ability to influence investment decisions exists,
the Code defines that financial interest to be a direct financial interest. Conversely, when the beneficial
owner of the financial interest has no control over the investment vehicle or ability to influence its
investment decisions, the Code defines that financial interest to be an indirect financial interest.

CPA Page 129

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

If a member of the audit team, a member of that individual's immediate family, or a firm has a direct
financial interest or a material indirect financial interest in the audit client, the self-interest threat created
would be so significant that no safeguards could reduce the threat to an acceptable low level. Therefore,
none of the following shall have a direct financial interest or a material indirect financial interest in the
client: a member of the audit team; a member of that individual's immediate family; or the firm.

When a member of the audit team has a close family member who the audit team member knows has a
direct financial interest or a material indirect financial interest in the audit client, a self-interest threat is
created. The significance of the threat will depend on factors such as; nature of the relationship between the
member of the audit team and the close family member, and the materiality of the financial interest to the
close family member. The significance of the threat shall be evaluated and safeguards applied when
necessary to eliminate the threat or reduce it to an acceptable level. Examples of such safeguards include:
 The close family member disposing, as soon as practicable, of all of the financial interest or
disposing of a sufficient portion of an indirect financial interest so that the remaining interest is no
longer material;
 Having a professional accountant review the work of the member of the audit team; or
 Removing the individual from the audit team.

A self-interest threat may be created if the firm or a member of the audit team, or a member of that
individual's immediate family, has a financial interest in an entity and an audit client also has a financial
interest in that entity. However, independence is deemed not to be compromised if these interests are
immaterial and the audit client cannot exercise significant influence over the entity. If such interest is
material to any party, and the audit client can exercise significant influence over the other entity, no
safeguards could reduce the threat to an acceptable level. Accordingly, the firm shall not have such an
interest and any individual with such an interest shall, before becoming a member of the audit team, either:
 Dispose of the interest;*or
 Dispose of a sufficient amount of the interest for the remaining interest is no longer material.

A self-interest, familiarity or intimidation threat may be created if a member of the audit team, or a member
of that individual's immediate family, or the firm, has a financial interest in an entity when a director,
officer or controlling owner of the audit client is also known to have a financial interest in that entity. The
existence and significance of any threat will depend upon factors such as; the role of the professional on the
audit team, whether ownership of the entity is closely or widely held, whether the interest gives the
investor the ability to control or significantly influence the entity, and the materiality of the financial
interest. The significance of any threat shall be evaluated and safeguards applied when necessary to
eliminate the threat or reduce it to an acceptable level. Examples of such safeguards include:
 Removing the member of the audit team with the financial interest from the audit team; or
 Having a professional accountant review the work of the member of the audit team.

Loans & Guarantees (CPAJun2013 Qn3b.i)

A loan, or a guarantee of a loan, to a member of the audit team, or a member of that individual's immediate
family, or the firm from an audit client that is a bank or a similar institution may create a threat to

CPA Page 130

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

independence. If the loan or guarantee is not made under normal lending procedures, terms and conditions,
a self-interest threat would be created that would be so significant that no safeguards could reduce the
threat to an acceptable level. Accordingly, neither a member of audit team, member of that individual's
immediate family, nor firm shall accept such a loan/guarantee.

If a loan to a firm from an audit client that is a bank or similar institution is made under normal lending
procedures, terms and conditions and it is material to the audit client or firm receiving the loan, it may be
possible to apply safeguards to reduce self-interest threat to an acceptable low level. An example of such a
safeguard is having the work reviewed by a professional accountant from a network firm that is neither
involved with the audit nor received the loan.

Therefore, a loan, or a guarantee of a loan, from an audit client that is a bank or a similar institution to a
member of the audit team, or a member of that individual's immediate family, does not create a threat- to
independence if the loan or guarantee is made under normal lending procedures, terms & conditions, e.g.
home mortgages, bank overdrafts, car loans & credit cards.

On the other hand, if the firm/member of audit team, or a member of that individual's immediate family,
accepts a loan from, or has a borrowing guaranteed by, an audit client that is not a bank or similar
institution, the self-interest threat created would be so significant that no safeguards could reduce the threat
to an acceptable level, unless the loan or guarantee is immaterial to both (a) the firm or the member of the
audit team and the immediate family member, and (b) the client.

Similarly, if the firm or a member of the audit team, or a member of that individual's immediate family,
makes or guarantees a loan to an audit client, the self-interest threat created would be so significant that no
safeguards could reduce the threat to an acceptable level, unless the loan or guarantee is immaterial to both
(a) the firm or the member of the audit team and the immediate family member, & (b) the client.
A close business relationship between a firm, or a member of the audit team, or a member of that
individual's immediate family, and the audit client or its management, arises from a commercial
relationship or common financial interest & may create self-interest or intimidation threats. Examples of
such relationships include:
 Having a financial interest in a joint venture with either the client or a controlling owner, director,
officer or other individual who performs senior managerial activities for that client.
 Arrangements to combine one or more services or products of the firm with one or more services or
products of the client and to market the package with reference to both parties.
 Distribution/marketing arrangements under which the firm distributes/markets the client's products
or services, or the client distributes or markets the firm's products or services.

Note: Unless any financial interest is immaterial and the business relationship is insignificant to the firm
and the client or its management, the threat created would be so significant that no safeguards could reduce
the threat to an acceptable level. Therefore, unless the financial interest is immaterial and the business
relationship is insignificant, the business relationship shall not be entered into, or it shall be reduced to an
insignificant level or terminated.

CPA Page 131

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

The purchase of goods and services from an audit client by the firm, or a member of the audit team, or a
member of that individual's immediate family, does not generally create a threat to independence if the
transaction is in the normal course of business and is at arm's length. However, such transactions may be of
such nature/magnitude that they create a self-interest threat. The significance of threat shall be evaluated &
safeguards applied when necessary to eliminate the threat or reduce it to an acceptable level. Examples of
such safeguards include:
 Eliminating or reducing the magnitude of the transaction; or
 Removing the individual from the audit team.

Family & Personal Relationships

Family & personal relationships between a member of the audit team & a director or officer or certain
employees (depending on their role) of the audit client may create self-interest, familiarity or intimidation
threats. The existence and significance of any threats will depend on a number of factors, including the
individual's responsibilities on the audit team, the role of the family member or other individual within the
client and the closeness of the relationship.

When an immediate family member of a member of the audit team is:

(a) a director or officer of the audit client; or
(b) an employee in a position to exert significant influence over the preparation of the client's accounting
records or the financial statements on which the firm will express an opinion,
or was in such a position during any period covered by the engagement or the financial statements, the
threats to independence can only be reduced to an acceptable level by removing the individual from the
audit team. The closeness of the relationship is such that no other safeguards could reduce the threat to an
acceptable low level. Accordingly, no individual who has such a relationship shall be a member of the
audit team.

Employment with an Audit Client

Familiarity or intimidation threats may be created if a director or officer of the audit client, or an employee
in a position to exert significant influence over the preparation of client's accounting records or the
financial statements on which the firm will express an opinion, has been a member of the audit team or
partner of the firm.

If a former member/partner of audit team/firm has joined the audit client in such a position and a
significant connection remains between the firm & individual, the threat would be so significant that no
safeguards could reduce it to an acceptable level. Thus, independence would be deemed to be compromised
if a former member/partner joins the audit client as a director or officer, or as an employee in a position to
exert significant influence over the preparation of the client's accounting records or the financial statements
on which the firm will express an opinion, unless:

CPA Page 132

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(a) The individual is not entitled to any benefits or payments from the firm, unless made in accordance
with fixed pre-determined arrangements, and any amount owed to the individual is not material to
the firm; and
(b) The individual does not continue to participate or appear to participate in the firm's business or
professional activities.
If a former member of the audit team or partner of the firm has joined the audit client in such a position, &
no significant connection remains between the firm & the individual, the existence and significance of any
familiarity or intimidation threats will depend on factors such as:
• The position the individual has taken at the client;
• Any involvement the individual will have with the audit team;
• Length of time since the individual was a member of the audit team or partner of the firm, &
• The former position of the individual within the audit team or firm e.g. whether the individual was
responsible for maintaining regular contact with the client's management or those charged with governance.

Significance of any threats created shall be evaluated & safeguards applied when necessary to eliminate
threats or reduce them to an acceptable level. Examples of such safeguards include:
 Modifying the audit plan
 Assigning individuals to the audit team who have sufficient experience in relation to the
 individual who has joined the client or
 Having a professional accountant review the work of the former member of the audit team

Temporary Staff Assignments

The lending of staff by a firm to an audit client may create a self-review threat. Such assistance be given,
but only for a short period of time & firm's personnel shall not be involved in;
(a) Providing non-assurance services that would not be permitted under this section, or
(b) Assuming management responsibilities.
According to IFAC Code of Ethics non-assurance services are (CPA Nov20I3 Qnla)
(i) preparing accounting records and financial statements (from 290.166 to 290.173)
(ii) Valuations services (from page 290.174 to page 290.179)
(iii) Provision of taxation services to financial statement audit clients (290.180)
(iv) Provision of internal audit services to financial statement audit clients (290.181-290.186)
(v) Provision of IT systems services to financial statement audit clients (290.187-290.191)
(vi) Temporary staff assignments to financial statement audit clients (290.192)
(vii) Provision of litigation support services to financial statement audit clients (290.193-290.195)
(viii) Provision of legal services to financial statement audit clients (from 290.196 to 290.202)
(ix) Recruiting senior management (290.203)
(x) Corporate finance and similar activities (from 290.204 to 290.205)

In all circumstances, audit client shall be responsible for directing and supervising activities of the loaned
staff. Significance of any threat shall be evaluated & safeguards applied when necessary to eliminate threat
or reduce it to an acceptable low level. Examples of such safeguards include;
 Conducting an additional review of the work performed by the loaned staff

CPA Page 133

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Not giving the loaned staff audit responsibility for any function or activity that the staff performed
during the temporary staff assignment, or
 Not including the loaned 'staff as a member of the audit team.

2.F.7 ETHICAL DILEMMAS VS ETHICAL ISSUES

Case Study: CPA Jun2015 Qn1a
Abertine Oil Limited (AOL) is a listed oil-gas company based in Uganda, with major operations along
shores of Lake Albert for upstream, downstream and corporate segments. According to recent study, air,
water soil & forest resources have been devasted by the exploitation of oil & gas resources. These
consequently caused residents to suffer from harm to their health & incomes. Little action has been taken
by AOL.
Francis (head of Safety department) has received several complaints from residents. He reported to top
management but his colleagues are not bothered. He is therefore contemplating to whistle-blow to the
petroleum industry regulatory authority. CPA Linda (head of Finance department) recently received
information from head of Legal department indicating that the company is likely to lose all environmental
court cases instituted by residents. Linda has only disclosed in the notes to the financial statements.

Peter (accounts assistant & CPA student) believes that his boss (Linda) should make a provision for the
litigations in the company's financial statements.
Meanwhile, the Managing Director promised Linda a high bonus payment if she reports a growth in profits
for the current financial year so that the company's share price can rise. Required: Examine the professional
ethical issues and ethical dilemmas (8mks)

Case Study: CPA Jun2015 Qn2b

Charles Mpendo is a new employee at ZAM Construction Ltd. He has noted a few issues which deem to be
unethical, occurring at his new workplace. These include; many employees abusing employer's time by
using the internet of Facebook, engaging in other personal activities, poor client service especially, when
the owners of the business are not in the vicinity, and inadequate safety and protection measures put in
place for employees at work.
Charles Mpendo is confused about what to do since he is new in employment whose probation is soon
ending.
Required: Discuss ethical dilemmas you would consider that Charles is faced with (8mks)

Hint: » Whether or not, to report (whistle-blow) unethical practices

» The dilemma of knowing whom to report to, either internally or externally
» Whether or not, to conform with fellow employees' unethical practices
» Whether he should resign before completing probation period or continue in employment
» Evaluating whether or not, he will be protected once he reports unethical practices

Others practice & revision questions;

CPA Jun2014 Qn.1 (ethics); etc.

CPA Page 134

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

SECTION 2.G: CORPORATE GOVERNANCE

2.G.1 HISTORY & ROLE OF CORPORATE GOVERNANCE IN UGANDA
Corporate governance became a pressing issue following the 2002 introduction of Sarbanes-Oxley Act in
the U.S., which was ushered in to restore public confidence in companies and markets after accounting
fraud bankrupted high-profile companies e.g. Enron & WorldCom. Most companies now strive to have
high level of corporate governance. Nowadays, it's not enough for a company to merely be profitable; it
also needs to demonstrate good corporate citizenship through environmental awareness, ethical behavior
and sound corporate governance practices.
Key Scandals Attributed to Enforcement of Corporate Governance
Enron Scandal (American Energy Company) in 2000 - filed for bankruptcy in 2001
(i) Mark-to-market accounting which requires that once a long-term contract was signed, income is
estimated as the present value of net future cash flow
(ii) Special purpose entities - limited partnerships or companies created to fulfil a temporary or specific
purpose to fund or manage risks associated with specific assets
WorldCom Scandal (Telecommunication Company) in 2002 - filed for bankruptcy in 2002
(i) Capitalising operating expenses - Booking "line costs" (interconnection expenses with other
telecommunication companies) as capital expenditures on balance sheet instead of expenses
(ii) Inflating... revenues with bogus accounting entries from "corporate unallocated revenue accounts"

2.G.2 CONCEPT & SCOPE OF CORPORATE GOVERNANCE

Meaning / Concept (CPAJun2015 Qn5a)
Corporate governance is the system of rules practices and processes by which a company is directed and
controlled and it essentially "involves balancing the interests of the many stakeholders in a company -
shareholders, management, customers, suppliers, financiers, government, community, etc. Since corporate
governance' also provides the framework for attaining a company's objectives, it encompasses practically
every sphere of management, from action plans and internal controls to performance measurement &
corporate disclosure.

Importance of Corporate Governance (CPAJun2013 Qn5a;Aug20l7 Qn4a)

 Eases resource mobilization or funding. A proper governance system improves a company's ability
to obtain external funding and therefore its ability to grow.
 More effective management. If there are clearly delineated roles and responsibilities within the
business, and easily understood internal processes, the company's management and operations will
improve.
 Forward planning. A properly constituted board that holds regular meetings to discuss the
company's long term strategy is vital for every company.
 Managing risk and supporting innovation. No business is without risk. By having risk management
processes in place, supported by internal controls, the company can identify, monitor and mitigate
its risks.
 Improved reputation. A company with good governance systems in place is less likely to suffer the
reputational damage that can be caused when governance failures occur.

CPA Page 135

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Delegation of authority. It's management (those charged with governance) who run the company,
but the owners are the shareholders and they are not involved in the running of the business.
 Saves shareholder's time while addressing their concerns. For the shareholders, their only
opportunity to raise concerns is at the annual general meeting, which only occurs once a year and
often attendance is low.

2.G.3 PRINCIPLES OF CORPORATE GOVERNANCE

Key Corporate Governance Principles (CPAAug2DI7Un4b)
 Openness / Transparency
 Integrity
 Fairness & Equity
 Responsibility
 Accountability
 Reputation
 Judgment
2.G.4 GENERAL BEST PRACTICES & RECOMMENDATIONS
Lay solid foundation for management and oversight Recognise and publish the respective roles and
responsibilities of Board and management. Formalize & disclose functions reserved to the Board & those
delegated to management. Formalize director's appointments in writing.

Structure the Board to add value. Have a Board of effective composition, size & commitment to
adequately discharge its responsibilities and duties. A majority of the Board should be independent
directors. The chairperson should be an independent director. The roles of the chairperson and chief
executive officer (or equivalent) should not be exercised by the same individual. The Board should
establish a Nomination Committee.

Promote ethical & responsible decision-making. Actively promote ethical and responsible decision-
making. Establish a Code of Conduct to guide the directors, the chief executive Officer (or equivalent), the
chief financial officer (or equivalent) and any other key executives as to; the practices necessary to
maintain confidence in the Company's integrity; and the responsibility and accountability of individuals for
reporting and investigating reports of unethical practices. Disclose the policy concerning trading in
company securities by directors, officers & employees

Safeguard integrity in financial reporting. Have a structure to independently verify and safeguard the
integrity of the company's financial reporting. Require the chief executive officer (or equivalent) and the
chief financial officer (or equivalent) to state in writing to the Board that the Company's financial reports
present a true and fair view, in all material respects, of the Company's financial condition and operational
results and are in accordance with relevant accounting standards. The Board should establish an Audit
Committee. Structure the Audit Committee so that it consists of: only non-executive directors; a majority
of independent directors; an independent chairperson, who is not chairperson to the Board; and at least
three members. The Audit Committee should have a formal charter.

CPA Page 136

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Make timely & balanced disclosure. Promote timely and balanced disclosure of all material matters
concerning the Company. Establish written policies and procedures designed to ensure compliance with
relevant rules like stock exchange listing rule disclosure requirements and to ensure accountability at a
senior management level for that compliance.

Respect the rights of shareholders. Respect the rights of shareholders and facilitate the effective exercise
of those rights. Design and disclose a communications strategy to promote effective communication with
shareholders and encourage effective participation at general meetings. Request the external auditor to
attend the annual general meeting and be available to answer shareholder questions about the conduct of
the audit and the preparation and content of the auditor's report.

Recognise & Manage risk. Establish a sound system of risk oversight and management and internal
control. The Board or appropriate Board committee should establish policies on risk oversight and
management. The CEO (or equivalent) and the CFO (or equivalent) should state to the Board in writing
that: the statement given in accordance with best practice recommendation (the integrity of financial
statements) is founded on a sound system of risk management and internal compliance and control which
implements the policies adopted by the Board; and the Company's risk management and internal
compliance and control system is operating efficiently and effectively in all material respects.

Encourage enhanced performance. Fairly review and actively encourage enhanced Board and
management effectiveness. Disclose the process for performance evaluation of the Board, its committees
and individual directors, and key executives.

Remunerate fairly & responsibly. Ensure that the level and composition of remuneration is sufficient and
reasonable and that its relationship to corporate and individual performance is defined. Provide disclosure
in relation to the Company's remuneration policies to enable investors to understand (i) the costs and
benefits of those policies and (ii) the link between remuneration paid to directors and key executives and
corporate performance. The Board should establish a Remuneration Committee. Clearly distinguish
structure of non-executive directors' remuneration from that of executives. Ensure that payment of equity-
based executive remuneration is made in accordance with thresholds set in plans approved by shareholders.
Recognise the legitimate interests of stakeholders. Recognise legal and other obligations to all legitimate
stakeholders.

2.G.5 CODE OF CORPORATE GOVERNANCE IN THE UGANDAN COMPANIES ACT

According to Sec 14(1) of the Companies Act, 2012, laws of Uganda, a public company shall, at the time
of registration of its articles, adopt and incorporate into its articles the provisions of the code of corporate
governance contained in Table F. Sec. 14(2) further states that a private company may, at time of
registration of its articles or subsequently, adopt & incorporate into its articles, the provisions of the code
of corporate governance contained in Table F. Sec. 14(4) requires a company that has adopted the code of
corporate governance, to annually file a statement of compliance with the registrar and the Capital Markets
Authority.

CPA Page 137

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

According to the code of corporate governance under Table F of the Companies Act, 2012, laws of
Uganda, the Board (unitary Board with executive and non-executive Directors) is accountable for the
performance and affairs of the company, and in the performance of its duties is expected to act in good
faith; with due diligence and care and in the interests of the company. The Board's authority may be
delegated to management and board committees but it remains the responsibility of directors.

The code is arranged into the following sections & respective sub-sections;
 Board & Directors: board, board composition (both executive & mainly non-executives),
chairperson & CEO, directors, remuneration, board meetings, board committees, board & director
evaluation, deadlines in securities, and company secretary.
 Risk Management: responsibility, and application & reporting
 Internal Audit: status, role, and scope of internal audit
 Integrated Sustainability Reporting: sustainability reporting, and organisational integrity or code of
ethics
 Accounting & Auditing: auditing & non-audit services, reporting of financial & non-financial
information, audit committee, relations with shareholders, communication, and implementation of
the code
2.G.6 GUIDELINES OF THE INSTITUTE OF CORPORATE GOVERNANCE IN UGANDA (ICGU)
Objectives for Establishment of (CPA Nov2018 Qn2ai)
 Training and promotion of commercial probity and effective management with emphasis on
transparency and integrity in the business community.
 Enhancing performance of boards, individual directors and senior-management in the private,
public and NGO sectors by improving their knowledge, personal development and professional
skills, particularly about their rights, duties, responsibilities and liabilities.
 Building national capacity in corporate governance, by imparting good management practices to
directors and senior management.
 Broad communication on corporate governance and building awareness of ICGU.
 Advocacy for targeted laws and policies to enhance corporate governance, through developing
codes of best practice for good governance within the public, private and NGO sectors.
 Membership development and Sustainability of ICGU as an organization.
 Provision of an effective voice for company directors and senior management of enterprises in
public affairs
Guidelines advanced by ICGU (CPA Nov2018 Qn2a.ii);
 Best practices relating to the board of directors
 Best practices relating to the position of chairperson and chief executive officer
 Best practices relating to rights of shareholders
 Best practices relating to conduct of general meetings
 Best practices relating to accountability & role of audit committees

CPA Page 138

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.G.7 THE CADBURY CODE OF BEST PRACTICES

The Corporate Governance Committee was set up in May 1991 by the Financial Reporting Council, the
Stock Exchange and the accountancy profession in response to continuing concern about standards of
financial reporting and accountability. The committee was chaired by Sir Adrian Cadbury and had a remit
to review those aspects of corporate governance relating to financial reporting and accountability. The final
report 'The financial aspects of corporate governance' (usually known as the Cadbury Report) was
published in December 1992 & contained a number of recommendations to raise standards in corporate
governance.
Cadbury's Typical Contents of a Best Practice' corporate governance report (CPAJun2013 Qn5b)
 Reporting on the fair & balanced view of the organization. Annual reports should state whether the
organization has complied with governance regulations & codes. It is considered best practice to
give specific disclosures about the board, internal controls reviews, going concern status and
relations with stakeholders.
 Information on the board and its functioning. Usually seen as the most important corporate
governance disclosure. This concerns the details of all directors including brief biographies, career
information that makes them suitable for their appointment, and information on how the board
operates e.g. frequency of meetings & how performance evaluation is undertaken.
 Non-executive committee reports. A best practice' disclosure includes reports from the non-
executive led committees such as; remuneration - (reporting on rewards awarded to each director
including pension & bonuses), audit, risk and nominations.
 Report on risk management & effectiveness of internal controls. This is provided based on evidence
from the audit committee and provides important information for investors.
 A section on accounting & audit issues to provide maximum transparency to users. This reports on
specific content of who is responsible for the accounts & any issues that arose in their preparation
especially if there have been issues of accounting or auditor failure in the recent past e.g. changes in
accounting standards that may cause changes in reporting, change in a year-end date, cause of a
restatement of the previous accounts.
 A section containing other papers & related matters. Report on related matters appearing to be
trivial e.g. being vital part of the accountability of directors to the shareholders e.g. committees'
terms of reference, AGM matters, NED contract issues, etc.
 Sustainability reporting. This includes the nature and extent of social, transformation, ethical, safety
health and environmental management policies and practices

2.G.8 KING III'S CODE OF GOVERNANCE PRINCIPLES

General information on King Report on Corporate Governance In July 1993 the Institute of Directors in
South Africa asked retired Supreme Court of South Africa judge Mervyn E. King to chair a committee on
corporate governance. The King Report on Corporate Governance is a ground-breaking code of corporate
governance in South Africa issued by the King Committee on Corporate Governance. Four reports have
since been issued in 1994 (King I), 2002 (King il), 2009 (King III), and 2006/7 (King IV). Compliance
with the King Reports is a requirement for companies listed on the Johannesburg Stock Exchange but
optional for other companies.

CPA Page 139

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Ethical values According to King III Report, the ethics of corporate governance requires all deliberations,
decisions and actions of the board and executive management to be based on the following four (4) ethical
values underpinning good corporate governance:
 Responsibility the board should assume responsibility for the assets and actions of the company and
be willing to take corrective actions to keep the company on a strategic path that is ethical and
sustainable.
 Accountability - the board should be able to justify its decisions & actions to shareholders and other
stakeholders. The organisation and its directors are answerable for the consequences of their
actions. The board of directors is accountable to shareholders. The accountability work is the
responsibility of both parties. The directors are accountable through the quality of information that
they provide whereas shareholders are accountable by using the available mechanisms to query and
assess the actions of the board.
 Fairness - the board should ensure that it gives fair consideration to legitimate interests and
expectations of all stakeholders of the company.
 Transparency - the board should disclose information in a manner that enables stakeholders to make
an informed analysis of company's performance, and sustainability.

Ethical duties King III Report further emphasized that as a steward of the company, each director should
also discharge the following five (5) moral duties:
 Conscience: A director should act with intellectual honesty and independence of mind in the best
interests of the company and all its stakeholders, in accordance with the inclusive stakeholder
approach to corporate governance. Conflicts of interest should be avoided.
 Inclusivity of stakeholders: This is vital to achieving sustainability, legitimate interests &
expectations of stakeholders must be taken into account in decision-making and strategy.
 Competence: A director should have the knowledge and skills required for governing a company
effectively. This competence should be continually developed.
 Commitment: A director should be diligent in performing his duties & devote sufficient time to
company affairs. Ensuring company performance and compliance requires unwavering dedication
and appropriate effort.
 Courage: A director should have the courage to take the risks associated with directing and
controlling a successful, sustainable enterprise, and also the courage to act with integrity in all
board decisions and activities.

Approach (as per King III). Unlike most corporate governance codes like Sarbanes-Oxley, the code is
non-legislative, and is based on principles and practices. It also espouses an ―apply'' or "explain" approach.
The philosophy of the code consists of the three key elements of; leadership, sustainability and good
corporate citizenship. King believes that leaders should direct the company to achieve sustainable
economic, social and environmental performance. It views sustainability as the primary imperative of this
21st century; the code's view on corporate citizenship flows from a company's standing as a juristic person
under the South African constitution and should operate in a sustainable manner.
King III Report (CPA Aug2016 Qn3b, Aug20l8 Qn5a)

CPA Page 140

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

The chairperson of the committee Mervin King, considered King II report was wrong to include
sustainability as a separate chapter, leading companies to report separately from other factors. It's upon this
that the 2009 King III report, governance, strategy and sustainability were integrated. The report
recommends that organisations produce an integrated report in place of an annual financial report, separate
sustainability report, & that companies create sustainability reports according to the Global Reporting
Initiative's Sustainability Reporting Guidelines.

In contrast to the earlier versions, King III is applicable to all entities, public, private and non-profit. King
encourages all entities to adopt the King III principles and explain how these have been applied or are not
applicable. The code of governance was applicable from March 2010. The report incorporated a number of
global emerging governance trends: alternative dispute resolution; risk-based internal audit; shareholder
approval of non-executive directors' remuneration; and evaluation of board & directors' performance. It
also incorporated a number of new principles to address elements not previously included in the King
reports: IT governance; business rescue; and fundamental & affected transactions in terms of director's
responsibilities during mergers, acquisitions and amalgamations.

Governance framework & Application of the Code King III has opted for an apply or explain'
governance framework. Where the board believes it to be in the best interests of the company, it can adopt
a practice different from that recommended in King III, but must explain it. Explaining the different
practice adopted & an acceptable reason for it, results in consistency with King III principles. The
framework recommended by King III is principles-based and there is no 'one size fits all' solution. Entities
are encouraged to tailor the principles of the Code as appropriate to the size, nature and complexity of their
organisation. Therefore, King III applies to all entities regardless of the manner and form of incorporation
or establishment. Principles are drafted on the basis that, if they are adhered to, any entity would have
practiced good governance. It is recommended that all entities disclose which principles and/or practices
they have decided not to apply or explain. This level of disclosure allows stakeholders to comment on and
challenge the board to improve the level of governance within an organisation.

Key Governance Principles - in line with King III Report

 Good governance & Leaders. Good governance is essentially about effective leadership based on
ethical foundation. Leaders need to define strategy, provide direction and establish ethics & values
that influence & guide practices and behaviour with regard to sustainability 'performance.
 Sustainability. This is one the primary moral and economic imperative and it is one of the most
important sources of both opportunities & risks for businesses as per King III. Nature, society, and
business are interconnected in complex ways that heed to be understood by decision makers.
Incremental changes towards sustainability are not sufficient - we need a fundamental shift in the
way companies and directors act and organize themselves.
 Innovation, fairness, & collaboration, these are key aspects of transition to sustainability.
Innovation provides new ways of doing things, including profitable responses to sustainability.
 Fairness is vital because social injustice is unsustainable and collaboration is often a prerequisite for
large-scale change.

CPA Page 141

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Social transformation. With social transformation and redress, it's important and needs to be 1
integrated within the broader transition to sustainability. Integrating sustainability and social
"transformation in a strategic and coherent manner will give rise to greater opportunities,
efficiencies and benefits, for both the company and society.

Governance Elements including Roles & Responsibilities

Ethical leadership Corporate Citizenship: Key requirements, (CPA Aug2018 Qn5a)
 The board should ensure that the company is and is seen to be a responsible corporate citizen
through the development and implementation of strategies and polices in relation to economic,
social and environmental impacts.
 Leadership should be effective and based on an ethical foundation.
 The board should ensure that management cultivates a culture of ethical conduct through the
creation of an ethics risk profile, establishment of code of conduct, through integration of ethics
into all company practices, procedures, policies and conduct and through the assessment,
monitoring, reporting and disclosure of the company's ethics performance.
 The assurance of the company's ethics performance supported by an assurance statement in the
integrated report is recommended.

Boards and Directors: Key requirements;

 All companies should be headed by a unitary board comprised of majority of NEDs.
 There should be a minimum of two executive directors on the board - the Chief Executive Officer
(CEO) and the director responsible for the finance function.
 The board chairman should be an independent non-executive director.
 The board should appoint the CEO, who should be separate from the chairman.
 The board should meet as often as required to fulfill their duties, preferably at least four times per
annum.
 The board should appreciate that sustainability is not separate from strategy, risk and performance
& should link long term sustainability to strategy to create business opportunities.
 The board should ensure an effective risk-based internal audit and the integrity of the integrated
report.
 The board should ensure that there is transparent and effective communication with stakeholders on
both positive and negative aspects of the business.
 The board should report on the effectiveness of the company's system of internal controls in the
integrated report.

The following should be disclosed in the integrated report:

• Board & board committee's composition, number of meetings held, attendance & activities
• The length of service and age of directors
• Significant directorships of each board member
• The reasons for the cessation of appointment of directors
• The education, qualification and experience of directors
• Any actual or potential connections or Exposure

CPA Page 142

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Whether supervising of management is required in which case retention of board experience should be
called for.
 The board should appoint an audit, risk, and remuneration and nomination committee.
 Board committees, other than the risk committee, should comprise only of board members and
should have a majority of non-executive directors (NEDs). The majority of these NEDs should be
independent. Other than the executive committee which is usually chaired by the CEO, all
committees should be chaired by an independent non-executive director.
 The performance of the board, its committees and individual directors should be assessed annually
and the results thereof should be disclosed in the integrated report, along with actions plans to be
implemented, if any.
 A policy to pay salaries on average above the median requires special justification.
 Non-Executive Director. This is an individual not involved in the management of the company. An
individual in the full-time employment of the holding company is also considered to be a non-
executive director of a subsidiary company unless the individual, by his conduct or executive
authority, is involved in the day-to-day management of the subsidiary.

Note: Independent Non-executive Director is an individual who;

 Is not a representative of a major shareholder who can control or significantly influence management or
the board
 Does not have a material direct or indirect interest in the company/group which:
 Is greater than 5% of the group's total number of shares in issue
 Is less than 5% of the group's total number of shares in issue, but is material to his/her personal
wealth
• Has not been employed by the group or appointed as designated auditor or partner in the group's
external audit firm, or senior legal adviser in the previous 3 financial years
• Is not related (immediate family) to someone who has been employed by the group in an executive
capacity in the, previous 3 financial years
• Is not a professional advisor to the group
• Is free from any other business or relationship that could be a conflict, such as being a director of a
material customer of or supplier to the company
• Does not receive remuneration based on the company's performance
 The memorandum of incorporation should allow the board to remove any director including
executive directors.
 Adopting & implementing policies & procedures of the holding company in the operations of the
subsidiary company should be a matter for the board of the subsidiary company to consider and
approve, if the subsidiary company's board considers it appropriate. The subsidiary company should
disclose this adoption & implementation in its integrated report.
 The retired CEO should not become chairman of the board of the same company until three years
have passed since the end of his/her tenure as an executive director and an assessment of his/her
independence has been performed.
 The remuneration of each individual director and the three most highly paid employees who are not
directors of the company should be disclosed.

CPA Page 143

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Every year, the chairman and the board should evaluate the independence of independent
nonexecutive directors. The classification of directors in the integrated report as independent should
be done on the basis of this assessment.
 If an independent non-executive director has served on the board for more than nine years, the
board should assess if his/her independence has been impaired. If not, a statement that the
independent director's independence of character and judgment has not been affected or impaired
should be included in the integrated report.
 The integrated report should disclose any external advisers who regularly attend or are invited to
attend committee meetings.

Audit Committees: Key requirements;

 The board should ensure that an effective and independent committee consisting of at least three
members established that complies with the Companies Act requirements in terms of appointment
and membership.
 The audit committee should be chaired by an/independent non-executive director of and not the
board chairman.
 The board chairman should not be an audit committee member, but may attend meetings by
invitation
 Audit committee members should collectively have an understanding of integrated reporting
(including financial reporting), internal financial controls, the external and internal audit process,
corporate law, management, sustainability issues, information technology governance and the
governance processes within the company.
 The audit committee is responsible for the oversight of integrated reporting, internal audit and
external audit and should determine annually whether the expertise, resources and experience of the
finance function is appropriate.
 The audit committee should recommend to the board to engage an external assurance provider to
provide assurance over material elements of the sustainability part of the integrated report. The
audit 'committee should evaluate the independence and credentials of the external assurance
provider.
 The audit committee should ensure that a combined assurance model is applied to provide a
coordinated approach to all assurance activities.
 The audit committee must recommend to shareholders the appointment, reappointment and removal
of external auditors. For listed companies, the audit committee should ensure that the external
auditor that is recommended is approved by the JSE.
 The audit committee must develop a policy for board approval as to the nature, extent and terms
under which the external auditor may perform non-audit services.
 Regardless of whether the audit committee has been assigned responsibility by the board for the
oversight of risk management, it should satisfy itself that financial reporting risks, internal financial
controls and fraud and IT risks as they relate to financial reporting have been appropriately
addressed.
 The audit committee should evaluate the nature and extent of a formal documented review of
internal financial controls to be performed by internal audit. The audit committee must conclude

CPA Page 144

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

and report yearly to the board and stakeholders on the effectiveness of the company's internal
financial controls.

The Governance of Risk: Key requirements;

The board is ultimately responsible for the governance of risk and is required to approve the risk
management policy and plan.
Risk tolerance and Risk appetite limits should be set and monitored by the board.
Execution of the risk strategy should be delegated to management and an experience Chief Risk Officer
(CRO) can assist with this. However, ownership cannot reside in one person or function. Risk management
has to be embedded into company's day-to-day operations
The board should appoint a risk committee or it may be assigned to the audit committee. The risk
committee should comprise a minimum of three members (non-exec and exec) and the committees
responsibilities should be defined in its terms of reference.
The board should disclose its views on the effectiveness of the company's risk management in the
integrated report. Furthermore it should include undue, unexpected or unusual risks it has taken in the
pursuit of reward as well as any material losses and the causes of the losses, with due regard to the
company's commercially privileged information.

The Governance of Information Technology: Key requirements;

 Information Technology (IT) governance should be part of a company's governance structures and
responsibility rests with the board.
 The board should ensure that the company's IT strategy is integrated with overall business strategy
& processes. IT should be leveraged to improve the performance and sustainability.
 The board should delegate to management the responsibility of implementing an IT % governance
framework. The CEO should appoint a person responsible for the management of IT, i.e. Chief
Information Officer (CIO). The CIO should be a suitable qualified and experienced person that has
access to regularly interact on strategic IT matters.
 The board should monitor and evaluate significant IT investments and expenditure. This eludes
monitoring the value delivery of IT and the ROI of significant IT projects. In addition, independent
assurance should be obtained on the IT governance practices of IT services outsourced to a third
party.
 IT should form an integral part of the company's risk management practices and management
should regularly demonstrate to the board that adequate business resilience arrangements are in
place for disaster recovery. In addition, the board is responsible for ensuring that the company
complies with relevant IT laws, rules, codes and standards.
 It is the board's responsibility to ensure that information assets are managed effectively. This
includes information security, information management and information privacy.
 The risk & audit committee should assist the board in carrying out its IT responsibilities. Risk
committee should ensure and obtain assurance that IT risks are adequately addressed.
 The audit committee should consider IT risks as it relates to financial reporting and the going
concern of the company. In addition, technology should be used to improve audit coverage and
efficiency.

CPA Page 145

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Compliance with Laws, Codes, Rules & Standards: Key requirements;

 Compliance should be part of the risk management process, the culture of the company and the
detailed policies and procedures.
 The structure, size, role and reporting line of the compliance function should be considered to
ensure that it is appropriate for the company and should reflect the company's decision on how
compliance is integrated with its ethics and risk management.
 Compliance is a board responsibility and should be a standing agenda item.
 The board should disclose in the integrated report how it has discharged its responsibility to ensure
the establishment of an effective compliance framework and process.
Internal Audit: Key requirements;
 Companies should establish and maintain an effective internal audit function and if the board
decides not to establish an internal audit function, full reasons should be provided in the company's
integrated report.
 As part of its key responsibilities, internal audit is required to evaluate the company's governance
processes including ethics, especially "tone at the top".
 Where outsourcing of the internal audit function is selected, a senior executive or director should be
responsible for the effective functioning of the internal audit activities.
 Internal audit should adopt a risk based approach and should be informed by and aligned to the
strategy of the company.
 Internal audit, as a significant role player in the governance process, should contribute to the effort
to achieve strategic objectives and should provide effective challenge to all aspects of the
governance, risk management and internal control environment.
 An internal audit function should consider risks that may prevent or slow down realisation of
strategic goals & opportunities that will promote the realisation of strategic goals.
 The audit committee should ensure the internal audit function is subject to an independent quality
assurance review in line with the MA standards.
 The Chief Audit Executive (CAE) should develop a sound working relationship with the audit
committee by positioning internal audit as a trusted strategic adviser to the audit committee.
Governing Stakeholder Relationships: Key requirements; (CPA Aug20l8 Qn5a)
 Management should develop for adoption by the board a stakeholder management strategy and
policy.
 Communication With stakeholders should be transparent, simple language, understandable, and in
accordance with a responsible communication programme adopted by the board.
 A company should consider disclosing in its integrated report number & reasons for refusals of
requests for information lodged in terms of Promotion of Access to Information Act, 2000.
 The board should ensure that internal and external disputes are resolved efficiently and effectively.
Arbitration, mediation and conciliation are dispute resolution processes that the board can consider
as alternatives to formal legal proceedings in court.
Integrated Reporting & Disclosure: Key requirements; (CPA Aug2018 Qn5a)
 Companies should report annually, through an integrated report, on the operations of the company,
the sustainability issues affecting the business, the financial results, and the results of its operations
and cash flows. The report should be complete! timely, relevant, accurate, honest and accessible

CPA Page 146

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

and comparable with the company's past performance and should cover both positive and negative
aspects of the company's impacts on stakeholders.
 The annual financial statements should be included in the integrated report.
 While a truly integrated report should be presented in one document, it can be presented in more
than one document. However, if this is done, the documents should be made available at the same
time and disclosed as an integrated report.
 Sustainability reporting should be independently assured.
 The scope of assurance should be agreed and disclosed.
 The International Standard on Assurance Engagements (ISAE 3000) should be used to provide
assurance over sustainability information.
The Company Secretary (& his/her Role) (CPAMay2013 Qn4c)
 The company secretary should assist the nomination committee and ensure that the procedure for
the appointment of directors is properly carried out.
 The company secretary should assist in the proper induction, orientation, ongoing training and
education of directors, including assessing the "specific training needs of directors and executive
management in their fiduciary and other governance responsibilities.
 The individual directors, and the board collectively, should look to the company secretary for
guidance on their responsibilities and duties and how such responsibilities and duties should be
properly discharged in the best interests of the company.
 The company secretary should provide a central source of guidance & advice to the board, and
within the company, on matters of good governance and of changes in legislation.
 The company secretary should have a direct channel of communication to the chairman and should
be available to provide comprehensive practical support and guidance to directors, with particular
emphasis on supporting the non-executive directors, the chairman of the board and the chairman of
committees and the audit committee.
 The company secretary should ensure that the board and board committee charters and terms of
reference are kept up to date.
 The company secretary should be responsible for ensuring the proper compilation and timely
circulation of board papers and for assisting the chairman of the board and committees with
"grafting of yearly work plans.
 The company secretaries have the duty to obtain appropriate responses and feedback to specific
agenda items and matters arising from earlier meetings in board and board committee deliberations.
The company secretary's role should also be to raise matters that may warrant the attention of the
board.
 The company secretary should ensure that the proceedings of board and committee meetings are
properly recorded & that minutes of meetings are circulated to directors in a timely manner, after
the approval of chairman of the board or relevant board committee.
 The company secretary should assist the board with the yearly evaluation of the board, its
individual directors and senior management.

2.G.9 KING IV REPORT ON CORPORATE GOVERNANCE

Meaning of Corporate Governance as per King IV

CPA Page 147

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Corporate governance is defined as the exercise of ethical and effective leadership by the governing body
towards the achievement of the following governance outcomes; ethical culture, good performance,
effective control, and legitimacy.
King IV Outstanding New Requirements (key take-outs)
King Committee published King IV Report on Corporate Governance for South Africa 2016 (King IV) on
1 November 2016. King IV is effective in respect of financial years commencing on/after 1 April 2017.
King IV replaces King III in its entirety. However, contents are similar except for the following key take-
outs:
(i) While King III called on companies to apply or explain, King IV assumes application of all principles,
and requires entities to explain how the principles are applied. Thus, King IV requires both apply and
explain, rather than apply explain
(ii) King IV is now principle and outcomes-based rather than rules-based
(iii) Corporate governance should be concerned with ethical leadership, attitude, mindset and
behaviour
(iv) the focus is on transparency and targeted, well-considered disclosures
(v) Remuneration receives far greater prominence, in line with international developments
(vi) King IV recognizes information in isolation of technology as a corporate asset that is part of the
company's stock of intellectual capital and confirms the need for governance structures to protect and
enhance this asset
(vii) There is a new emphasis on the roles and responsibilities of stakeholders
King IV Approach and Application
Unlike most corporate governance codes, the code is non-legislative, and is based on principles &
practices. The Code is principle & outcomes-based rather than rules-based. It also espouses an "apply" and
"explain" approach.

The philosophy of the code consists of the 5 key elements (fundamental concepts); sustainable
development (development that meets the needs of the present without compromising the ability of the
future to meet their needs in a primary ethical & economic imperative), integrated thinking (the active
consideration by an organisation of the relationships between its various operating and functional units and
capitals that the organisation uses or affects), corporate citizenship .(the organisation as an integral part of
the broader society in which it operates and accepting that the society is the licensor of the organisation,
CPA June20l3 Qnle), stakeholder inclusiveness involving all stakeholders and taking advantage of the
relationship between the organisation with stakeholders to create value), and .integrated reporting (a
process founded on integrated thinking that results in a periodic integrated report by an organisation about
value creation over time.

King IV refers to "triple context" or combined context of the economy, society & environment in which the
organisation operates. Integrated report is a concise communication about how an organization’s strategy,
governance, performance, and prospects, in the context of its external environment, lead to the creation of
value in the short, medium, and long-term. The triple context is portrayed by the forms of "six-capital
model" that the organisation uses which include; financial, manufactured, intellectual, human, social &
relationship, and natural capitals.

CPA Page 148

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

King IV Principles & Recommended Practices

Part 1: Leadership, Ethics and Corporate Citizenship
1.1. Leadership
Principle 1: The governing body should lead ethically and effectively
Recommended practices;
 Members of the governing body should individually and collectively cultivate the following
characteristics and exhibit them in their conduct; integrity, competence, responsibility,
accountability, fairness and transparency.
1.2 Organisational ethics
Principle 2: The governing body should govern the ethics of the organisation in a way that supports the
establishment of an ethical culture.
Recommended practices;
The governing body should assume responsibility, and should approve codes of conduct and ethics policies
that articulate and give effect to its direction on organisational ethics.
1.3 Responsible corporate citizenship
Principle 3: The governing body should ensure that the organisation is and is seen to be a responsible
corporate citizen
Recommended practices;
The governing body should assume responsibility for corporate citizenship by setting the direction for how
it should be approached and addressed by the organisation. Responsible corporate citizenship efforts
include; compliance with constitution, relevant laws, standards, and own codes of conduct & policies.
Part 2: Strategy, Performance, and Reporting
2.1 Strategy and Performance
Principle 4: The governing body should appreciate that the organization’s core purpose, its risks, and
opportunities, strategy, business model, performance and sustainable development are all inseparable
elements of the value creation process.
Recommended practices;
The governing body should assume responsibility for organisational performance by steering and setting
the direction for the realization of the organization’s core purpose and values through its strategy, via
delegation to management the formulation & development of short, medium or long-term strategies
2.2 Reporting
Principle 5: The governing body should ensure that reports issued by the organisation enable stakeholders
to make informed assessments of the organization’s performance and its short, medium, or long-term
projects.
Recommended practices;
The governing body should assume responsibility for the organization’s reporting by setting the direction
for how it should be approached and conducted, via approving management's determination of the
reporting framework including reporting standards.
Part 3: Governing Structures and Delegation
3.1 Primary roles and responsibilities of the governing body

CPA Page 149

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Principle: The governing body should serve as the focal point and custodian of corporate governance in the
organisation.
Recommended practices;
The governing body should exercise its leadership role; have a charter; approve a protocol for it, its
committees and members to get professional advice; approve a protocol for non-executive members to get
documentation and meetings with management, including disclosure of the number of its meetings and
attendance thereof, whether it is satisfied that it has discharged its responsibilities in relation to its charter.
3. 2 Composition of the governing body
Principle 7: The governing body should comprise the "appropriate balance of knowledge, skills,
experience, diversity and independence for it to discharge its governance role and responsibilities
objectively and effectively.
Recommended practices;
Consider an appropriate size for itself, with reference to the optimal mix of knowledge, skills, experience,
diversity, independence (executive, non-executive & independent non-executive members), sufficiency in
committee numbers, quorum requirements, regulatory requirements and diversity targets. It should
comprise of a majority of non-executive members, most of whom should be independent. Appoint as a
minimum the independent CEO and one other lead independent non-executive member. Obtain annually
(or whenever there is significant change) from each member a declaration of all interests and related
parties.
3.3 Committees of the governing body
Principle 8: Ensure that its arrangements for delegation within its own structures promote independent
judgment, and assist with balance of power and the effective discharge of its duties.
Recommended practices;
 General: The governing body should determine if and when to delegate particular roles and
responsibilities to individual member, members of the governing body, standing or ad-hoc
committees - or else, it assumes all responsibilities.
 Audit Committee: Must in terms of law establish an audit committee for certain organisations
especially those that issue audited financial statements.
 Committee responsible for nominations of members of governing body: Consider allocating
oversight of nomination, election and appointment process of members, succession planning and
performance evaluations to a dedicated committee or another appropriate committee.
 Committee responsible for risk governance: Consider allocating oversight of risk governance to a
dedicated committee or another appropriate committee.
 Committee responsible for remuneration: Consider allocating oversight of remuneration governance
to a dedicated committee or another appropriate committee.
 Social and ethics committee: Must in terms of law establish a social and ethics committee for
certain organisations, and should consider establishing one where not law, to have oversight of and
report on organisational ethics, corporate citizenship, sustainable development and stakeholder
relationships or add this to another appropriate committee.
3.4 Evaluation of the performance of the governing body

CPA Page 150

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Principle 9: The governing body should ensure that the evaluation of its own performance and that of its
committees, its chair and its individual members, support continued improvement in its performance and
effectiveness.
Recommended practices;
The governing body should assume performance evaluation responsibility of itself, its committees, its chair
and individual members, via ensuring that every two years an externally facilitated performance evaluation
(or one not in accordance with approved methodology of the governing body) is conducted on itself, its
committees, its chair and individual members; and every alternate year reflect on the performance of itself,
its committee, its chair and its members as a whole.
3.5 Appointment and delegation to management
Principle 10: The governing body should ensure that the appointment of, and delegation to, management
contribute to role clarity and the effective exercise of authority and responsibilities.
Recommended practices;
CEO appointment and role: Appoint the CEO, who should be responsible to lead strategy implementation,
report to the governing body & agree membership of other governing bodies
Delegation: Reserve certain powers and matters to its self and set those powers and matters to be delegated
to management via the CEO, and approve delegation of authority framework including authority to appoint
ex-official executive members and management.
Professional corporate governance services to the governing body: Ensure that it has access to professional
and independent guidance on legal and corporate governance matters and for the functioning of it and its
committees.
Part 4: Governance Functional Areas
4.1 Risk governance
Principle 11: The governing body should govern risk in a way that supports the organisation in setting and
achieving its strategic objectives.
Recommended practices;
Assume responsibility, set the approach for risk governance, including opportunities and risks when
developing strategy and the potential positive and negative effects of the same risk on the achievement of
objectives. Delegate implementation but oversee risk management. Treat risk as integral part of decision-
making and adherence to duties, approve risk policy, evaluate and agree the risks it is prepared to take (i.e.
risk appetite and risk tolerance levels).

4.2 Technology and information governance Principle 12: The governing body should govern technology
and information in a way that supports the organisation setting and achieving its strategic objectives.

Recommended practices;
Assume responsibility, set the approach and approve the policy for technology & information governance
(plus adoption of appropriate frameworks & standards). Delegate to management implementation but
oversee results of management's implementation (including integration, business resilience, monitoring for
responsiveness to cyber security and social media risks, 3rd-party and outsourced service provider risks,
value delivered from technology investments and projects, protection of privacy, disposal of obsolete

CPA Page 151

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

technology and information, ethical and responsible use and compliance with laws pertaining entity's
information technology).

4.3 Compliance governance Principle 13: The governing body should govern compliance with applicable
laws and adopted, non-binding rules, codes and standards in a way that supports the organisation being
ethical and a good corporate citizen.
Recommended practices;
Approve policy that directs compliance, direct the governance of compliance to laws, adopted non-binding
rules, codes & standards. Delegate to management but oversee implementation.

4.4 Remuneration governance

Principle 14: The governing body should ensure that the organisation remunerates fairly, responsibly and
transparently so as to promote the achievement of strategic objectives and positive outcomes in the short,
medium and long term.
Recommended practices;
 Remuneration policy: Assume responsibility for governance of remuneration; by setting the
direction and approach for organization’s remuneration, by designing/approving remuneration
policy that aspires to fairness, responsibility and transparency aimed at attracting & retaining
human capital, promote achievement of strategic objectives, positive outcomes, an ethical culture
and responsible corporate citizenship.
 Remuneration report: Disclose the remuneration report in three parts; background statement, main
policy provisions (overview), and an implementation report of all remuneration to members and
executive management.
 Voting on remuneration: For companies, comply with the Companies Act provisions relating to
shareholder special resolution approval every two years for non-executive members, record voting
results at the AGM, and measures taken to address dissenting votes where they are 25% or more
against the policy and/or the implementation report.

4.5 Assurance
Principle 15: The governing body should ensure that assurance services and functions enable an effective
control environment, and that these support the integrity of information for internal decision-making and of
the organization’s external reports.
Recommended practices;
 Combined Assurance: Assume assurance responsibility by setting the direction concerning
assurance services and functions, via delegating oversight role to audit committee to ensure an
effective internal control environment, integrity of information for management decision making
and external reporting.
 Assurance of external reports: Assume responsibility for the integrity of external reports by setting
the direction on approach e.g. directing how assurance of external reports should be done taking
account of legal requirements as well as whether assurance is provided over the underlying data or
the process of preparing and reporting or both, suitability of the assurance, specifications for
evaluating the contents of the report.
CPA Page 152

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Internal audit: Assume responsibility, direct internal audit, delegate oversight to the audit
committee, approve an internal audit charter and ensure internal audit has sufficient and adequate
skills, including supplementary specialists.

Part 5: Stakeholder Relationships

5.1 Stakeholders
Principle 16: In the execution of its governance role & responsibilities, the governing body should adopt a
stakeholder-inclusive approach that balances the needs, interests and expectations of material stakeholders
in the best interests of the organisation over time.

Recommended practices;
 Stakeholders' relationships: assume responsibility, direct stakeholder approach and approve policies
to this effect. Delegate but oversee mgt of stakeholder relationships including methodology for
identification of material stakeholders, stakeholder risk, formal mechanisms for engagement and
communication, and measurement of quality of stakeholder engagement.
 Shareholder relationships: In the case of a company that has shareholders, oversee that there is
encouragement of proactive shareholder engagements, ensure equal treatment of all shareholders
including protecting interests of minority, and ensure that all directors are available at the AGM,
that the external audit partner is at the AGM and that the minutes of the AGM of listed companies
are made publically available.
 Relationships within a group of companies: In the case of a holding company, direct the group
relationships and power and approve a group governance framework that does not contain any
conflicts, ensure that the subsidiary company board are included in developing the group
governance framework, and ensure that there is recognition of the subsidiary as a separate person to
whom the subsidiary board owes fiduciary duties
5.2 Responsibilities of institutional investors
Principle 17: The governing body of an institutional investor organisation should ensure that responsible
investment is practiced by the organisation to promote the good governance and the creation of value by
the companies in which it invests.
Recommended practices;
The governing body of an institutional investor should assume responsibility for governing responsible
investing by setting direction for how it should be approached (how responsible investing will take place),
via approving policy for responsible investing, oversee delegation to management and/or outsource
manager for implementation of responsible investing policy.
What should be disclosed on the application of King IV?
Specific disclosure recommendations are included under each principle of the King IV Code. These
recommendations are intended as guidance and a starting point for disclosure on the particular principle.
The detail of information to be provided in the narrative should be guided by materiality, and should enable
stakeholders to make an informed assessment of the quality of the organization’s governance. There is no
need to disclose whether each practice has been implemented or not, & no need to disclose against the
outcomes, as it can be left to the user to draw inferences from the narrative provided.

CPA Page 153

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Where should King IV disclosure be made?

The governing body has the discretion to determine where the King IV disclosures will be made e.g. in the
integrated report, sustainability report, social and ethics committee report, or other online or printed
information or reports. The governing body may also choose to disclose its application of King IV in more
than one of these reports. Group companies should also make use of cross-referencing to avoid duplicate
disclosures. King IV disclosure should be updated at least annually, formally approved by governing body
& be publicized.

Roadmap to disclosure on the application of King IV

has been carried out under auspices of OECD Corporate Governance Committee with all G20 countries
invited to participate in the review on an equal footing with OECD Member countries, including; experts
from key international institutions, notably Basel Committee, Financial Stability Board (FSB), & World
Bank Group.
The Principles are intended to help policy makers evaluate and improve the legal, regulatory, &
institutional framework for corporate governance, with a view to support economic efficiency, sustainable
growth and financial stability. This is primarily achieved by providing shareholders, board members and
executives as well as financial intermediaries and service providers with the right incentives to perform
their roles within a framework of checks and balances.
The Principles provide, recommendations for national policymakers on shareholder rights, executive
remuneration, financial disclosure the behaviours of institutional investors and how stock markets should
function: I he Principles are non-binding, they are intended to "provide a robust but flexible reference for
policy makers and market participants to develop their own frameworks for corporate governance". OECD
Principles provide guidance via recommendations and annotations across six areas; (CPA Nov2018 Qn2a, iii)
Principle 1. Ensuring the basis for an effective corporate governance framework. The corporate
governance framework should promote transparent, fair markets, & efficient allocation of resources, & role
of stock markets in supporting good corporate governance. It should be consistent with the rule of law and
support effective supervision and enforcement.

CPA Page 154

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Principle 2. The rights & equitable treatment of shareholders and key ownership functions The corporate
governance framework should protect & facilitate the exercise of shareholders' rights, deals with disclosure
of control structures e.g. different voting rights, and ensure the equitable treatment of all shareholders,
including minority and foreign shareholders. All shareholders should have the opportunity to obtain
effective redress for violation of their rights.
Principle 3. Institutional investors, stock markets and other intermediaries The corporate governance
framework should provide sound incentives throughout the investment chain, with a particular focus on
institutional investors acting in a fiduciary capacity, & provide for stock markets (including stock border
listing) to function in a way that contributes to good corporate governance. It also highlights the need to
disclose and minimize conflicts of interest that may compromise the integrity of proxy advisors, analysts,
brokers, rating agencies and others that provide analysis and advice that is relevant to investors.
Principle 4. The role of stakeholders in corporate governance
The corporate governance framework should recognise the rights of stakeholders established by law or via
mutual agreements. It also encourages active co-operation between corporations & stakeholders in creating
wealth, jobs, and the sustainability of financially sound enterprises. It equally supports stakeholders' access
to information on a timely & regular basis, and their rights to obtain redress for violations of their rights.
Principle 5: Disclosure & transparency
The corporate governance framework should ensure that timely & accurate disclosure is made on all
material matters regarding the corporation, including the financial situation, performance, ownership, and
governance of the company. Key areas of disclosure are; financial & operating results, company objectives,
major share ownership, remuneration, related party transactions, risk factors, board members, etc.
Principle 6: The responsibilities of the board
The corporate governance framework should ensure the strategic guidance of the company, the effective
monitoring of management by the board, and the board's accountability to the company and the
shareholders. It identifies key functions of the board of directors including; the review of corporate
strategy, selecting & compensating management, overseeing major corporate acquisitions & divestitures,
risk management, tax planning and internal audit, and ensuring the integrity of the corporation's accounting
& financial reporting systems.
2.G.11 THE SARBANES-OXLEY ACT
Following a number of corporate and accounting scandals in the USA, Congress passed the Sarbanes-
Oxley Act 2002 (Sarbanes-Oxley). Sarbanes-Oxley established new standards for corporate accountability
in the USA. Sarbanes-Oxley Act of 2002 (SOX) is an act passed by U.S. Congress in 2002 to protect
investors from possibility of fraudulent accounting activities by corporations. The Sarbanes-Oxley Act
(SOX) mandated strict reforms to improve financial disclosures from corporations and prevent accounting
fraud. SOX was enacted in response to the accounting scandals in the early 2000s e.g. Enron, Tyco, &
WorldCom, which shook investor confidence in financial statements and required an overhaul of regulatory
standards.
Rules & enforcement policies outlined by SOX Act amend or supplement existing legislation dealing with
security regulations. The two key provisions of the Sarbanes-Oxley Act are:
i) Section 302: A mandate that requires senior management to certify the accuracy of the reported financial
statement.

CPA Page 155

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

ii) Section 404: A requirement that management & auditors establish internal contraband / methods on
adequacy of those controls. Section 404 had very costly implications for publicly traded companies as it is
expensive to establish and maintain internal controls.
The Sarbanes-Oxley Code of Ethics (CPA Jun20I7 Qnb). Any company that formulates its Code of
Ethics based on a Sarbanes-Oxley recommendations needs to focus around 7 policies
(i) Code of conduct
(ii) Company assets and proprietary information
(iii) External communications to investors & media, speaking engagements & publications
(iv) Political contributions
(v) Preventing corrupt practices and maintaining standards of documentation
(vi) Risk management and legal compliance
(vii) Share dealing s
2.G.12 ROLE OF BOARD OF DIRECTORS IN CORPORATE GOVERNANCE - EXECUTIVES &
NON-EXECUTIVES
Role of Board of Directors in Corporate Governance (CPA MM Ma)
As per Uganda's Companies Act, the board is responsible to;
(a) provide strategic direction
(b) retain full and effective control
(c) comply with laws and regulations
(d) define levels of materiality
(e) delegate certain powers to management
(f) if material, reserve powers to itself
(g) have access to company information and records
(h) agree on a procedure to allow directors to obtain independent professional advice
(i) decide on the number of directors required to make the board effective
(j) identify and monitor key risk and key performance areas
(k) identify and monitor non-financial aspects
(l) record facts and assumptions which lead it to conclude that the business will be a going concern in the
next financial year and if not state what steps it is taking
(m) explain the effect of all proposed resolutions to be passed at shareholders meetings;
(n) encourage shareowners to attend general meetings
(o) ensure that the chairperson of the audit and remuneration committee & as many directors as possible
attend shareholders' meetings
(p) provide curriculum vitaes of all directors who are to be appointed
(q) have a board charter setting out its responsibilities which shall be published in the annual report and
should, at least, make the board responsible for;
(i) strategic plans
(ii) monitoring operational performance
(iii) monitoring performance of management
(iv) determining policies and procedures
(v) risk management
(vi) internal controls

CPA Page 156

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(vii) communications policy

(viii) director selection
(ix) induction of directors, &
(x) evaluation of directors.
(r) determine a balance between governance constraints and entrepreneurial performance
(s) review major plans of action
(t) review and guide annual budget and business plans of the company
(u) oversee major capital expenditures, acquisitions and divestiture
(v) ensure formal and transparent board nominations and elections
(w) ensure the integrity of the company's accounting and financial reporting systems, &
(x) oversee the process of disclosure and communication.
Role of Non-Executive Directors (NEDs) In Corporate Governance (CPA Jun2011 Qn1b)
Non-executive directors (NEDs) have no executive (managerial) responsibilities. NEDs should provide a
balancing influence, & play a key role in reducing conflicts of interest between management (plus
executive directors) & shareholders. They should provide reassurance to shareholders particularly
institutional shareholders that management is acting in the interests of the organization. Key roles of NEDs
(CPA Aug2016 Qn3c)
 Strategy. NEDs should contribute to, and challenge the direction of strategy.
 Scrutiny. NEDs should scrutinize the performance of executive management in meeting goals &
objectives, and monitor the reporting of performance. They should represent shareholders' interests
to ensure agency issues don't arise to reduce shareholder value.
 Risk management. NEDs should satisfy themselves that financial information is accurate and that
financial controls and systems of risk management are robust.
 People. NEDs are responsible for; determining appropriate levels of remuneration for executives,
appointment & removal of senior managers, and in succession planning.
Note: Safeguards to ensure Independence of NEDs, (CPAAug2015 Qn6b)
 Non-executive directors should have no business, financial or other connection with the company,
apart from fees and shareholdings.
 Prohibit cross-directorships. This is where an executive director of company A is a non-executive
director of company B, and an executive director of company B is a non-executive director of
company A. It creates threat to independence. This is often increased by cross-shareholdings. The
problem is that non-executive directors will sit in judgment on executive directors when for
example they consider their remuneration. Having one director sit in judgment on another who in
turn is sitting in judgment on him is an obvious conflict of interest, with directors being concerned
with their own interests rather than shareholders.
 Restrict them from share options schemes pensionable services. NEDs should not take part in share
option schemes and their service should not be pensionable, to maintain their independent status
and independence decision making.
 Enforce non-automatic term limits. Appointments for NEDs should be for a specified term and
reappointment should not be automatic. The board as a whole or its delegated committee, should
decide on their nomination and selection.

CPA Page 157

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Have clear policies esp involving expenses incurred by NEDs. Procedures should exist where by
non-executive directors may take independent advice, at company's expense if necessary.
Advantages of Non-Executive Directors (NEDs), (CPA Nov2012 Qn4)
 Offer wider perspective. NEDs may have external experience and knowledge which executive
directors do not possess. The experience they bring can be in many different fields. They may be
executive directors of other companies.
 They've seen it all before. A NED is an experienced business person who has probably helped a
number of companies find their feet or survive through some tough times. There will not be many
things that a NED has not experienced and dealt with before.
 Comfort of third parties especially .shareholders. Good NED is often a comfort factor for third
parties such as investors or creditors.
 NEDs are trusted by many stakeholders. There are certain roles NEDs are well suited to play;
father-confessor (being a confidant for the chairman and other directors), 'oil-can' (intervening to
make the board run more effectively) and acting as 'high-sheriff (if necessary taking steps to
remove the chairman of CEO). Dual nature of the NED's role. NED are full board members who are
expected to have the level of knowledge that full board membership implies.
 They enforce independence. NEDs are meant to provide strong independent element on the board.
They should ably assess the remuneration of EDs when serving on the remuneration committee &
ably discuss with auditors about company's affairs on audit committee.
 They are not afraid to be honest. Because NEDs are experts who don't work with management day
to day, don't engage in office politics, and retain their independence, they are able to offer unbiased,
constructive criticism at all times.
 Fulfillment of the requirement of corporate governance. Appointing NED ensures compliance with
corporate governance regulations or codes.
 Improved board conduct, by reducing Board conflict during the meetings, and strengthens the
Board through strategic input. They additionally help to identify key issues and prevent wasting
time while discussing items not agenda or conversions which are sidetracked.
 NEDs help to increase company's connections. The most successful businesses are connected.
Networking involves making-great connections and keeping them.
 NEDs help to look at the big picture. They have no interest in the day to day running of the
company
 Are targets being met? Who is growing competition, and what are the plans to keep ahead?
 Raise company profile and they bring out the best. A good board is one with a broad range of
personalities, strengths and experiences, possessed by a NED.

Difficulties Connected (CPAJun20ll Qn1bi,; Nov2012 Qn4)

 In many organisations, NEDs may lack independence. There are in practice a number of ways in
which NED can be linked a company, as suppliers or customers for example.
 There may be a prejudice in certain companies against widening recruitment of NED to include
people proposed other than by the board or to include stakeholder representatives.

CPA Page 158

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 High-calibre NED may gravitate / go towards the best-run companies, rather than companies which
are more in heed of in need of input from good non-executives.
 NED may have difficulty imposing their views to the board. It's easy to dismiss NED's views as
irrelevant to the company's needs. Thus, NED needs good persuasive skills to influence EDs.
 Not enough emphasis is given to the role of NED, in preventing trouble, in warning early on of
potential problems. Contra-wise, when trouble does arise NED, may be expected to play a major
role in rescuing the situation, which they may not be able to do.
 NED have limited time to fully execute their role, to act as NED, contribute as knowledgeable
members of the full board, fulfill their legal tasks as directors, and serve on board committees.
 Some NEDs can damage company's performance, by weakening board unity and stifling
entrepreneurship. It's said that boards are often expanded for political reasons, to include
stakeholder representatives with concerns other than maximization of financial performance.
2.G.13 ROLE OF CHAIRMAN BOARD & CHIEF EXECUTIVE OFFICER IN CORPORATE GOVERNANCE
Role of Chairman Hoard in Corporate Governance - roles & responsibilities; (CPAJun2013 Qn6a)
 He or she is responsible for ensuring the boards effectiveness as a unit, in the service of the f
shareholders - being the leader of the board of directors in a private or public company
 Setting the board's agenda & ensuring that board meetings take place on a regular basis
 Representing the company to investors and other outside stakeholders/constituents. He or she is
often the 'public face' of the organisation.
 Communication with shareholders. This occurs in a statutory sense in the annual report (where, in
many jurisdictions, the chairman must write to shareholders each year in the form of a chairman's
statement) and at annual and extraordinary general meetings.
 Ensuring that directors receive relevant information in advance of meetings for discussions and
decisions to be made by directors fully appraised of the situation under discussion.
 His/her role extends to coordinating the contributions of non-executive directors and facilitating
good relationships between executive and non-executive directors.
Role of Chief Executive Officer (CEO) in Corporate Governance (CPAJun20ll Qn1c: May2019Qn4c)
CEO leads management team at & reports to board. In line with Code of Corporate Governance, there
should be a division of responsibilities between Chief Executive Officer (CEO) and Board Chairperson
(heads the board of directors & reports to shareholders) to ensure no one has unfettered (unregulated)
power or authority. CEO's performance is expected to be evaluated by board chairperson or delegated sub-
committee, not less than once a year. Key roles are;
 Responsible for implementing Board corporate decisions and there should be a clear flow of
information between management and the Board in order to facilitate both quantitative and
qualitative evaluation and appraisal of the company's performance.
 Undertake a primary responsibility of organizing information necessary for the Board to deal with
and for providing necessary information to the Directors on a timely basis.
 Obliged to provide such necessary quality information to the Board in the discharge of the f
Board's business.

2.G.14 ROLE OF COMPANY SECRETARY, ACCOUNTANT & AUDIT COMMITTEE IN CORPORATE

GOVERNANCE
Role of Company secretary in Corporate Governance (CPA May20l9 Qn4c)
CPA Page 159

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

As per the Companies Act, the company secretary shall be empowered by the board to enable him/her
properly perform his/her duties, who shall;
 provide directors individually and collectively with detailed guidance on discharging their
responsibilities
 shall induct or participate in the induction of directors
 assist the chairperson and the chief executive officer in setting the annual board plan, &
 administer other strategic board level matters
 provide a central source of guidance on ethics and good governance
 be subject to a fit and proper test, as also directors.
Role of an Accountant in Corporate Governance
Roles performed by accountants (CPAs) can broadly be classified; creators, enablers, preservers, and
reporters of sustainable value for their organizations. It's recognized that CPAs operate in both performance
& conformance dimensions which cover corporate governance as delineated;
 Creators of value. Accountants take leadership roles in the design and implementation of strategies,
policies, plans, structures, and governance measures that set the course for delivering sustainable
value creation.
 Enablers of value. Accountants inform and guide managerial and operational decision making and
implementation of strategy for achieving sustainable value creation, and the planning, monitoring,
and improvement of supporting processes.
 Preservers of value. Accountants ensure the protection of a sustainable value creation strategy
against strategic, operational, and financial risks, and ensuring compliance with regulations,
standards, and good practices.
 Reporters of value. Accountants enable the transparent communication of the delivery of
sustainable value to stakeholders.
Role of Audit Committee in Corporate Governance - Roles & responsibilities; (CPAJun20l2 Qn6c)
 Oversight of the external auditor. This includes; approval for change of external auditor, review
external auditor's opinion on the entity's annual financial statements, ensure the external auditor is
independent, and the statutory auditor reports to the audit committee on key matters arising from
the statutory audit, and in particular on material weaknesses in internal control in relation to the
financial reporting process.
 Role in oversight of regulator}[compliance ^and whistleblower hotlines. Audit committees ^discuss
litigation of regulatory compliance risks with management, generally via briefings or reports from
the General Counsel (entity's top lawyer) or chief compliance officer or ethics officer that reports
incidents or risks related to the entity's code of conduct.
 Role in monitoring effectiveness of internal control process & internal audit - whose effectiveness
& efficiency is reported on by management, internal auditor & external auditor. Internal control
includes the policies and practices used to control the operations, accounting, and regulatory
compliance of the entity.
 Role in oversight of risk assessment & risk management. Organizations have a variety of functions
that perform activities to understand & address risks that threaten the achievement of the
organization's objectives. Policies & practices used by the entity to identify, prioritize, and respond
to the risks (or opportunities) are typically discussed with the audit committee.

CPA Page 160

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Overseeing the financial reporting and disclosure process.

 Monitoring choice of accounting policies and principles.
2.G.15 OTHER KEY BOARD COMMITTEES - SUMMARY
Internal audit committee - arguably the most important committee, responsible for liaising with external
audit, supervising internal audit, reviewing the annual accounts & internal controls.
Nomination committee - responsible for recommending the appointments of new directors to the board of
directors .
Remuneration committee - responsible for advising on executive director remuneration policy and the
specific package for each director.
Risk committee - responsible for overseeing the organization's risk response & management strategies.

2.G.16 CHAIRMAN BOARD VS. CHIEF EXECUTIVE OFFICER

 Reasons for Separation of Board Chairman & CEO (CPA Jun2012 Qn5b; Jun2013 Qn6b; Aug2018
Qn5b) Executive & Compensation. The board is directly responsible for hiring and firing of the
CEO, and is charged with general oversight of the corporation's affairs and its management. As a
result, installing the CEO, the one person directly responsible for that management, as Chairman
could indicate a conflict of interest. An increase in executive pay generally gets the attention of
company shareholders. Increases come at the expense of shareholder profits, although most
understand that competitive pay helps to keep talent in the business. However, it is the board of
directors that votes to increase executive pay. When the CEO is also the chairman, a conflict of
interest arises, as the CEO is voting on his or her own compensation. Although a board is required
by legislation to have some members who are independent of management, the chair can influence
the activities of the board, which allows for abuse of the chair position.
 Independence in Authority. An independent Chairman of the Board can create an independent
source of authority with tangible authority to address the concerns of the board. This independent
perspective creates an opportunity for the board to more effectively address any abuses that may
occur, and to address any concerns about the performance of the CEO. But when an independent
Chairman of the Board lacks information, authority or respect of the management, any perceived
value in independence for independence's sake diminishes. An independent chairman may have less
access to the facts and insufficient industry knowledge or institutional respect because of his lack of
day-to-day involvement in running the corporation, thus impinging on the ability to provide
informed, effective feedback and oversight.
 Corporate Governance. One of the board's main roles is to monitor the operations of the company
and to ensure that it is being run in conjunction with the mandate of the company and the will of the
shareholders. As CEO is the management position responsible for driving those operations, having
a combined role results in monitoring oneself, which opens the door for abuse of position. A board
led by an independent chair is more likely to identify and monitor areas of the company that are
drifting from its mandate and to put into place corrective measures to get it back on track.
 Audit Committee Independence. In 2002, the Sarbanes Oxley Act, legislated as a response to
several high-profile corporate failures, set out stronger regulations for corporate oversight,
including a requirement that the audit committee consist of only external board members. This
means that no member of management can sit on the audit committee. However, because the

CPA Page 161

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

committee is a sub-group of the board of directors and reports to the chair, having the CEO in the
chair role limits the effectiveness of the committee. This is especially true for the whistleblower
clause. Sarbanes-Oxley requires that the audit committee have a procedure where employees and
other connected individuals can report fraud and other abuse directly to the committee without
reprisal. When the board is led by management, employees may be less likely to report such
activities and the audit committee may be less likely to act on such reports.

 Differentiating role of the Board and Management. Clearly distinguishes between the roles of the
board led by the Chairman Board of Directors and management led by the CEO.
 Facilitating Focus. Allows the CEO to focus completely on operations, and organizational issues in
strategy execution.
 Openness and critical thinking. Ensures that board meetings encourage others to share their
viewpoints and raise questions that challenge and cause the CEO to think differently. This results
into conducting executive sessions that allow for open and candid conversations between the
independent directors and the CEO.
 Crisis management and effective communication. Helps in a crisis situation by coordinating
communications between the board and management, as well as communications between the
company and external groups, such as investors or members of the media.
Reasons against role separation of Board Chairman & CEO (CPAJun20l3Qn6b; Aug2018Qn5b)
 The CEO, as the manager of the corporation, has a superior knowledge of the operations of the
business. When that role is unified with his role as Chairman of the Board, one person occupying
both of these roles may better be able to lead the corporation and to identify any problems that may
arise.
 This can provide superior knowledge to the board and increase the information available to it. This
unified leadership structure creates efficiency by allowing the unified executive to operate in both
capacities at once. The other board members can have confidence that their Chairman/CEO is fully
aware of the corporation's strengths and weaknesses, along with what issues need to be addressed
moving forward.

SECTION 2.H: FRAUD & MONEY LAUNDERING

2.H.1 FRAUD - MEANING, FRAUD TRIANGLE & TYPES OF FRAUD
Fraud (CPAJun20l5 Qn4b) is defined by Black's Law Dictionary as: A knowing misrepresentation of the
truth or concealment of a material fact to induce another to act to his or her detriment. Fraud includes any
intentional or deliberate act to deprive another of property or money by guile, deception, or other unfair
means. People commit fraud because; they are motivated to do so, there is an opportunity to commit fraud,
& due to their attitude/rationalization - i.e. fraud triangle.
3 elements of fraud triangle (Junl5 Qn4c, Augl9 Qn3a), opportunity, pressure/motivation &
rationalization. Opportunity element over which business owners have most control. The opportunity to
commit fraud is possible when employees have access to assets and information that allows them to both
commit and conceal fraud. Limiting opportunities for fraud is one way a company can reduce it e.g.
monitoring employees' activities regularly, and instituting sound internal control systems.

CPA Page 162

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Pressure/motivation/incentive or a "need" felt by the person who commits fraud. It might be a real
financial or other type of need, such as high medical bills or debts. Or it could be a perceived financial
need, such as a person who has a desire for material goods but not the means to get them. Motivators can
also be nonfinancial e.g. high pressure for good results at work or a need to cover up someone's poor
performance. Addictions such as gambling and drugs may also motivate someone to commit fraud. This
can be managed by; setting realistic individual targets, and an organisation having stringent policies to curb
unethical behaviour.
Rationalization (attitude/character) - employees may rationalize behaviour by determining that
committing fraud is okay for a variety of reasons e.g. for those who are generally dishonest, it's probably
easier to rationalize a fraud. For those with higher moral standards, it's probably not so easy. They have to
convince themselves that fraud, is okay with "excuses" for their behaviour. Common rationalizations
include making up for being underpaid or replacing a bonus that was deserved but not-received. Others
believe that the company "deserves" to have money stolen because of bad acts against employees. This can
be managed by; employee screening before recruitment, and through training staff in ethical matters.

General Symptoms of Fraud (CPAJun20l8Qn1a.ii)

 Failed or inefficient operating systems
 Document manipulation
 Employee's unexplained lifestyle change
 Employee's behavioural drastic change
 Rationalization (employee's mindset)
Types of Fraud (CPAJun20l8Qnla.1 Nov20l3Qn5a)
i) Fraudulent financial reporting. Misstatements due to fraudulent financial reporting, where management
or owners are usually involved, and the fraud is facilitated by overriding internal controls. Misstatements
in the financial statements arising from fraudulent financial reporting are intentional misstatements made
to mislead, including omission of information from the financial statements and misapplication of
accounting principles.
ii) Misappropriate of company assets. Misstatements because of the misappropriation of assets, usually
perpetrated by non-management employees. Misstatements arising from the misappropriation of assets
include theft, embezzlement, and any action that causes the company to expend cash for goods &
services that do not benefit or give value to company.
Note: Common Ways of Asset Misappropriation; (CPA Nov20l3 Qn5aii)
i) Theft of cash or other assets from the company, for example the stealing of physical cash, f e.g.
petty cash.
ii) Fraudulent disbursements. Company funds being used to make fraudulent payments, especially
billing schemes, where payments are made to a fictitious supplier, and payroll schemes, where
payments are made to fictitious employees (often known as 'ghost employees')
iii) Inventory frauds - the theft of inventory from the company
iv) Misuse of assets - employees using company assets for their own personal interest
v) Improper utilization of company credit cards, cash, cheques, money orders
vi) Misuse of vouchers, time sheets, invoices, and benefits claims to access company funds and
property for personal benefits

CPA Page 163

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

vii) Embezzlement/fraud. Generally described as intentional misuse or misappropriation of funds or

property entrusted to an employee, esp employee stealing money/property from employer
(iii) Corruption. This includes illegal gratuities, bribes, kickbacks, conflict of interest, or economic /
extortion. Corruption schemes happen when employees use their influence in business transactions for their
own benefit while violating their duty to employer e.g. bribery, extortion, & conflict of interest. Key
Ugandan anti-corruption institutions; Director of Public Prosecutions (DPP), Inspector General of
Government (IGG), Criminal Investigations Department (CID), Auditor General (OAG), Public
Procurement and Disposal of Assets Authority (PPDA), Public Accounts Committee of Parliament (PAC),
and Anti-Corruption Unit (CPAJun2013Qn2a).

2.B.2 FRAUD VS. ERROR

The distinguishing factor between fraud and error is whether the underlying action that results in the
misstatement in the financial statements is intentional or unintentional.

Unlike error, fraud is intentional and usually involves deliberate concealment of the facts. Fraud occurs
when someone purposefully produces deceptive data. Examples of fraud include; the theft of assets (e.g.
cash, inventory, or equipment), paying personal expenses out of the company checking account, taking
company computers home to use personally, falsification or alteration of accounting records or the
financial statements, deliberately making a mistake when coding expense checks, intentionally booking a
lower allowance for bad debt than is deemed reasonable by normal estimation methods, intentional
omissions of significant information e.g. if a company knows its largest customer is getting ready to close
its doors and doesn't disclose this fact, and not properly disclosing loss contingencies e.g. if a company
doesn't disclose that it's likely going to lose a lawsuit brought against it and the damages can be reasonably
estimated.

Error refers to an unintentional misstatement in the financial statements, including the omission of an
amount or disclosure. "Examples of errors are inadvertently taking an expense to the wrong account,
booking an unreasonable accounting estimate for allowance for bad debt expense, incorrectly applying
accounting principles, etc.

CPA Page 164

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Fraud Tree Vs Fraud Triangle - Illustration (CPAAug20I5 Qn3a)

THE FRAUD TREE
OCCUPATIONAL FRAUD AND ABUSE CLASSIFICATION SYSTEM

Fraud Tree is a complete classification of fraud types i.e. different types of fraud with examples. The
various types of fraud are equally referred to asf occupational frauds" due to the fact that 'they are specific
classes of fraud which an employee or manager or owner of the organisation is likely to commit fir his/her
direct benefit (himself/herself) indirect benefit (another person) to the detriment of the organisation or
another party.

CPA Page 165

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

THE FRAUD TRIANGLE

Pressure
Rationalization
Motivation or Incentive to
Commit Fraud Justification of Dishonest
Action
FRAUD

Opportunity
The Knowledge and Ability to
Carry Out Fraud

The Fraud Triangle by Donald r. Cressey

Financial pressure Perceived  Weak internal control

 Greed  Ineffective monitoring of
Opportunity
 Addictions controls
 Poor credit rating or  Assets susceptible to fraud
cash management
Work pressure
 Dissatisfaction with pay
 Overlooked for
promotion  I’ll pay it back
 ―I deserve a pay raise
 ―It’s for a good purpose
Fraud
Triangle
Perceived Rationalization
pressure

Fraud Triangle is a framework designed to explain the reasoning behind a worker's decision to commit
workplace (occupational) fraud, and the framework has three (3) stages categorized by the effect on the
individual as; pressure (incentive/motivation), opportunity and rationalization (character/attitude).

CPA Page 166

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.B.3 IMPLEMENTATION OF FRAUD PREVENTION PROGRAMS - FRAUD PREVENTION MEASURES

Various fraud prevention strategies include amongst the following; CPA Jun2017 Qn1c)
 Knowing employees. Fraud perpetrators often display behavioral traits that can indicate the intention
to commit fraud. It's important for management to be involved with their employees & take time to get
to know them e.g. if an employee feels lack of appreciation from business owner or anger at his boss,
this could lead him to commit fraud as revenge.
 Appropriate oversight. This can be done by audit committees, internal auditors, external auditors, etc.
Thus, a need for especially audit committee to evaluate, oversee senior management & assist with
oversight of the financial reporting process & internal controls
 Setting-up reporting system & make employees aware. Everyone within an organization should be
aware of the fraud risk policy "including types of fraud and the consequences associated with them.
Those who are planning to commit fraud will know that management is watching and will hopefully be
deterred by this. Since many employees are hesitant to report incidents to their employers, consider
setting up an anonymous reporting system e.g. via website which keeps their identity safe or by using a
tip hotline.
 Conducting fraud prevention education programs. Antifraud education programs should be
conducted at least once a year to review your jurisdiction's fraud statement. New hires, as well as,
current employees should be involved in this ongoing education program.
 Implement internal controls Internal controls are the plans and/or programs implemented to safeguard
company's assets, ensure the integrity of its accounting records, deter and detect fraud - especially with
enforcing segregation of duties. Internal control programs should be monitored and revised on a
consistent basis to ensure they are effective and current with technological and other advances.
 Monitoring vacation balances. One might be impressed by the employees who haven't missed a day
of work in years. While these may sound like loyal employees, it could be a sign that these employees
have something to hide and are worried that someone will detect their fraud if they were out of the
office for a period of time. It is also a good idea to rotate employees to various jobs within a company.
This may also reveal fraudulent activity as it allows a second employee to review the activities of the
first.
 Hiring experts e.g. certified fraud examiners (CFE), certified public accountants (CPA) and CPAs who
are certified in financial forensics (CFF). These can help in establishing antifraud policies &
procedures. These professionals can provide a wide range of services from complete internal control
audits and forensic analysis to general and basic consultations.
 Instituting & living a good corporate culture. A positive work environment can prevent employee
fraud. There should be clear organizational structure, written policies, procedures & fair employment
practices. An open-door policy can also provide a great fraud prevention system as it gives employees
open lines of communication with management.

CPA Page 167

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

2.H.4 MONEY LAUNDERING - MEANING & WAYS IT IS CARRIED OUT

Meaning (CPAHav2DI3Mw Jun2017Qnla)
Money laundering refers to the process of turning illegitimately obtained property into seemingly
legitimate property and it includes concealing or disguising the nature, source, location, disposition or
movements of the proceeds of crime.
Money laundering is defined as the process by which criminals attempt to conceal the true origin and
ownership of the proceeds of their criminal activity ('dirty' money) allowing them to maintain control over
the proceeds and, ultimately, providing a legitimate cover for their sources of income.

Development of programs against money laundering. According to Anti-Money Laundering

Act, 2010, laws of Uganda, Every Financial institution in Uganda shall develop programmes against
money laundering, which include;
 internal controls, policies, procedures & designation of compliance officers as managers
 " Know your Customer‖ rules and procedures
 record keeping
 recognition and reporting of suspicious transactions, and
 education and training of relevant employees.
Reportable transactions (CPAJun2017Qnlb). In line with the Act, a financial institution shall report as
suspicious the following transactions;
 outward remittances without visible lawful purpose.
 inward remittances without visible lawful purpose or without underlying trade transactions ^
 unusual purchases of foreign exchange without visible lawful purpose
 unusual purchases of foreign exchange whose sources are not satisfactorily established
 complex, unusual large transactions and all unusual patterns of transactions, which have no
apparent or visible lawful purpose
 deposits & any other funds managed or held in trust, if there is reasonable ground to believe that the
deposits/funds managed/held in trust are proceeds of criminal/illegal activities
 all other transactions which the financial institution may consider as suspicious based on reasons
which should be cited in the Suspicious Transactions Report.
Examples of criminal property or fraud (CPA Nov20l3 Qn2a; Nov2019 Qn5a)
 proceeds of tax evasion, under-declaring income & over-claiming expenses —
 a benefit obtained through bribery & corruption
 benefits obtained, or income received, through the operation of a criminal cartel
 benefits (saved costs) arising from a failure to comply with a regulatory requirement that is a
criminal offence.

2.H.5 PROCESS OF MONEY LAUNDERING

Steps/processes taken in money laundering; CPANov20l3 Cn2b; Aug2015 Qn7a, Jun2017Qn2.a.ii) Jun2018Qn2a.ii)
 Placement, this is the movement of cash from its source. The monies are placed into the financial
system or retail economy or are smuggled out of the country by transforming it into other asset
forms e.g. travelers cheques, postal orders, etc. On occasion the source can be easily disguised or

CPA Page 168

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

misrepresented. This is followed by placing it into circulation through financial institutions,

casinos, shops and other businesses.
 Layering. Criminals attempt to conceal the source or ownership of the funds by creating complex
layers of financial transactions designed to disguise the audit trail & provide anonymity. The
purpose of this stage is to make it more difficult to detect and uncover a laundering activity. It's
meant to make the trailing of illegal proceeds difficult for the law j enforcement agencies.
 Integration, this is the movement of previously laundered money into the economy mainly through
the banking system and back into normal business earnings. It's a stage at which the money is
integrated into the legitimate economic and financial system and is assimilated with all other assets
in the system - by making it appear to have been legally earned

What constitutes transaction with no apparent or visible legitimate economic purpose (CPA Aug2015 Qn7b)
According to Anti-Money Laundering Act, 2013 of Uganda, what constitutes a transaction with no
apparent or visible legitimate economic purpose is a transaction;
► that gives Vise to a reasonable suspicion that it may involve the laundering of money or the proceeds of
any crime and is made in circumstances of unusual or unjustified complexity
►whose form or features suggest that it might be intended for an illegal purpose, or the economic purpose
of which is not discernable
► for a customer-relationship with the financial institution that does not appear to make rational ^
economic sense, e.g. a customer having a large number of accounts with the same bank, frequent transfers
between different accounts or inordinately high liquidity in which assets are withdrawn immediately after
being deposited, unless the customer's business activities furnish plausible reason for immediate
withdrawal
►that cannot be reconciled with the usual activities of the customer(s) of the financial institution or the
branch office in question, and in which the reason for the customer's choice of that particular financial
institution or branch cannot be ascertained
►which, without plausible reason, results in intensive use of what was previously a relatively inactive
account, such as a customer's account which shows virtually no normal personal or business related
activities but is used to receive or disburse unusually large sums which have no obvious purpose or
relationship to the customer and his/ her business
►which is incompatible with the financial institution's knowledge and experience of the customer in
question or with the purpose of the business relationship.

2.H.6 CONSEQUENCES OR EFFECTS OF MONEY LAUNDERING AS UNETHICAL BEHAVIOUR

Money Laundering Effects on Economic Growth (CPANov2013 Qn2c)\
(i) Direct Effects- Money laundering distorts the investments & depresses productivity.
Resources are diverted to less-productive activities, or domestic assets or luxury imports, and
facilitating domestic corruption & crime, which in turn depress economic growth.
(ii) Effect on Corporate competitiveness & Taxation. Laundered money-is usually untaxed, meaning
that the rest of the people ultimately have to make up the loss in tax revenue. Legitimate small
businesses cannot compete with money laundering-front businesses that can afford to sell products
cheaply because their primary purpose is to clean money, not turn profit.

CPA Page 169

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

(iii)Effect on Interest & Exchange Rates. Money Laundering has adverse consequences on the interest
rates and the exchange rate volatility particularly in developing nations and dollarized nations. It
complicates the government effort to manage the economic policies. It affects income distribution,
contaminates the legal transactions, and has potential to destabilize the economy by inefficient
movements, which reduces the GDP growth.
(iv) Effect on Foreign Investment. There is a damping effect on foreign direct investment when a
country's commercial & financial sectors are perceived to be subject to the control and influence of
organized crime. Businesswise, these impedances have to be weeded out.
Money Laundering Social Effects or Consequences (CPANov2013 Qn2c)
(i) Criminals Expand their Operation. Money launderings help the criminals to expand their criminal
activities as they can successfully launder the illicit money. Thus, implying more use of drugs, more
frauds which will negatively impact the morale of common people.
(ii) Transfer of Authority. If this heinous (dreadful) practice is not addressed at the earliest by the
concerned authorities of the government, then it will gradually lead to the transfer of power from
the government and people of a democratic nation to the criminals and mafias, and in the long term,
they might capture the government.
(iii) Increased Expenses of Government. On the contrary, it increases the expense of the governments as
they have to take serious measures for strict law enforcement especially due to drug trafficking &
smuggling of public or health drugs.

2.H.7 PHISHING - MONEY LAUNDERING FORM

Phishing (CPAJun20l8Qn2a)-the act of acquiring private or sensitive data from personal computers for use
in fraudulent activities. It's the fraudulent practice of sending emails purporting to be from reputable
companies order to induce individuals to reveal personal information, e.g. passwords and credit card
numbers. Money launderers try to obtain financial or other confidential information from Internet users,
typically by sending email that looks as if it is from a legitimate organization, usually a financial
institution, but contains a link to a fake website that replicates the real one.

Phishing is usually done by sending emails that seem to appear to come from credible sources (however,
they are in no way affiliated with the actual source/company), which require users to put in personal data
such as a credit card number or social security number. This information is then transmitted to the hacker
and utilized to commit acts of fraud. Some of the criminals behind phishing scams have even gone so far as
to create websites that appear to be operated by government agencies. Many virus programs and email
providers have developed software in attempt to combat the problem.

Preventing Measures of Phishing and Money Laundering (CPAJun20l8Qn2ai)

 Have secure applications & controls. These controls must be augmented with strictly enforced
communication processes and a comprehensive user education programme which teaches users how
to recognize, resist and report phishing attacks.
 Establish an information communication & technology and data protection policy. A corporate
communications policy should define how the organisation will communicate securely with its
customers so that legitimate emails can't be confused with phishing attacks.

CPA Page 170

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Format and encrypt corporate communications. To effectively carry out a secure corporate
communications policy, outgoing message formats must be clear, concise and consistent. Branding
must also be consistent; using mixed brands and multiple company-owned domains generates
confusion and increases the opportunities for impersonation.
 Define acceptable communication modes/channels. As a rule of thumb, it's a good idea to
communicate with users using a corporate website rather than email. It's more secure and the
content can be in rich HTML without posing a risk.
 Embrace anti-viruses by both the company and clients. From time to time, clients should be
reminded to install the latest patches and to run an antivirus scan. Special deals on antivirus
software should be provided as low-cost protection and to show that the company does take /
security seriously.
 Establish clients' reporting platforms relating phishing scams. Customers also need an easy ^method
to report phishing scams and advice on recognizing a scam.
 Conduct regular adequate sensitizations & trainings. In addition to having a phishing incident-V
management policy, it's vital to senstise / train staff in related areas like forms of phishing scams,
data protection methods, basic system configurations, etc. Everyone in the organisation needs to
know what role*they play in restricting the damage caused by the phishing attack.

SECTION 2.1: WHISTLE-BLOWING

2.1.1 MEANING OF WHISTLEBLOWING
Whistle blowing is a practice that raises/discloses concerns about malpractice within or outside an
organization. These malpractices can take several forms and range from criminal actions such as fraud to
questionable ethical practices that are not covered by specific legislation. Whistleblowing is a vital tool for
promoting individual responsibility & organizational accountability Whistleblowers act in good faith and in
the public interest to raise concerns about suspected impropriety within their place of employment.
(CPANov2012 Qn2ci)
2.l.2 PROCEDURES FOR DISCLOSURE OF UNETHICAL BEHAVIOUR IN PUBLIC INTEREST
Procedures for disclosure of impropriety (unethical behavior) are through; (CPA Aug2017Qn4c),
(a) Oral reports
(b) Use of information communication technology
(c) Reduction of disclosure into writing. Where a whistleblower makes a disclosure orally, the person to
whom the disclosure is made shall cause the disclosure to be reduced into writing.

Note: The disclosure shall contain as far as practicable (CPAJun20l50nlc;Aug20l7Qn4c;Aug2018Qn4b,i)

► full name, address and occupation of the whistleblower
► nature of the impropriety in respect of which the disclosure is made
► name & particulars of the person alleged to have committed, who is committing or is about to commit
the impropriety;
► time & plate where the alleged impropriety is taking, took or is likely, to take place
► full name, address & description of a person who witnessed commission of the impropriety
►whether the whistleblower has made a disclosure of the same or of some other impropriety on a previous
occasion and if so, about whom and to whom the disclosure was made; and
CPA Page 171

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

► if that person is making an employment related disclosure, whether the whistleblower remains in the
same employment
2.1.3 KEY CONCEPTS - IMPROPRIETY & DISCLOSURE OF IMPROPRIETY
Impropriety - conduct which falls within any of the categories of definition of disclosure irrespective of
whether or not impropriety occurs in/out, or in-respect of laws of outside Uganda
Disclosure - means any declaration of information made by a whistleblower with regard to the conduct of
one or more persons where the whistleblower has reason to believe that information given shows or tends
to show one or more of the following;
(a) that a corrupt or criminal offence or other unlawful act has been committed being committed or is
likely to be committed
(b) that a miscarriage of justice has occurred, is occurring or is likely to occur
(c) that a person has failed is failing or is likely to fail to comply with any legal obligation to which that
person is subject.
(d) that any matter referred to above has been, is being or is likely to be deliberately concealed

2.1.4 MORAL ETHICAL ISSUES & FORMS OF WHISTLEBLOWING

Conditions for protection of disclosure of any impropriety - Any disclosure of an impropriety made by
a whistleblower is protected where he or she;
 makes the disclosure in good faith
 reasonably believes that the disclosure and any allegation of impropriety contained in it are X
substantially true
 makes the disclosure to an authorised officer
 maintains the confidentiality of his or her identity as whistleblower and takes reasonable steps to
avoid its discovery
 maintains the confidentiality of the information contained in the disclosure

Conditions under which Whistleblowing is Morally Justified (CPANov20l3 Qn5b.ii; Nov2012 Qn2c,iv.)
 in situations in which companies take actions that are illegal or unethical
 where members of public could have are adversely affected & society benefits from activity d if the
matter is significant or grave.
 If there is likelihood of repetition.
 employer doesn't want to disclose or employee's supervisor doesn't act to prevent the harm
Moral & Ethical Issues Surrounding Whistleblowing; (CPANov2012Qn2c.iv)
1) Loyalty. The most obvious issues relates to loyalty. Specifically, an employee owes a 'duty of loyalty' to
their employer. Safeguarding confidential information (loyalty requires us to keep some information
confidential).
2) Disloyalty. In one sense, whistle blowing is an act of disloyal. There is also the question of trust and the
protection of confidential information. Keeping a secret (concealing information) may amount to breaking
the law, nevertheless we may have a responsibility to "blow the whistle.

Note: The protection afforded to a whistleblower under Whistleblower Act shall not cease when his/her
identity as whistleblower has been revealed, where the whistleblower was not responsible for the
CPA Page 172

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

revelation. The Act does not prohibit making anonymous disclosures. However, a person who makes
anonymous disclosure shall not be entitled to the protection conferred under the Act.
Reward for Whistleblowing,
A whistleblower shall be rewarded for his/her disclosure five percent (5%) of the net liquidated sum of
money recovered consequent upon recovery, based on that disclosure. A whistleblower shall be paid within
six (6) months after the recovery of the money. (CPA Jun2CI5Cn/c)
Persons Qualified to Make Disclosures. Disclosures of impropriety may be made;
 by an employee in the public or private sector in respect of their employer
 by an employee in respect of another employee
 by a person in respect of another person, or
 by a person in respect of a private or public institution

Persons to whom or Institutions to which Disclosure maybe made (CPADec2016Qnld)

The first priority to be reported to by the employer goes to the employer unless otherwise. This is based on
the two forms of whistleblowing; (CPANov2012Qn2c)

Internal whistleblowing - following recognized procedures within an organization with the intention of
resolving a problem internally: it is normally required in law as a necessary avenue that needs to be
exhausted before steps are taken externally. Thus, disclosures of impropriety may be made internally to
whistleblower's employer in cases where the whistleblower's complaint pertains to his or her place of
employment.

External whistleblowing - disclosure of impropriety outside the organisation. It's equally recognized by
law but limited to specific structures of authority.

External disclosures maybe made in the following instances - moral justification;

 where the complaint does not pertain to the whistleblower's employment
 where whistleblower reasonably believes that he or she will be subjected to occupational detriment
if he or she makes a disclosure to his or her employer
 where whistleblower reasonably believes or fears that evidence relating to the impropriety will be
concealed or destroyed if he or she makes the disclosure to his or her employer, or
 where the complaint has already been made & no action has been taken or whistleblower
reasonably believes or fears that the employer will take no action.

External disclosures of impropriety may be made to any of the following institutions;

i) the Inspectorate of Government
ii) the Directorate of Public Prosecutions,
iii) the Uganda Human Rights Commission,
iv) the Directorate for Ethics and Integrity,
v) the office of the Resident District Commissioner,
vi) Parliament of Uganda,
vii) the National Environment Management Authority

CPA Page 173

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

viii) the Uganda Police Force

Compulsory Receipt of Disclosures (CPANov20l5Qn4b)

An authorised officer shall receive all disclosures made by a whistleblower. When a disclosure of
impropriety is made to a person in charge of the respective institution, the person shall;
 make a record of the time and place where the disclosure is made,
 give to the whistleblower an acknowledgment in writing of receipt of the disclosure, &
 keep the writing of the disclosure confidential & in safe custody pending investigation
2.1.5 INVESTIGATION PROCESS, MECHANISMS OF PROTECTION, OFFENSES &
PENALTY
Process of Investigation of impropriety (CPA Jun2016 Qn2c; May2019 Qn3b,i)
 Where a disclosure of impropriety is made internally or externally to a person in charge of the
institution, the authorised person shall investigate or cause an investigation into the matter and take
appropriate action.
 Any investigation undertaken in respect of disclosure of impropriety shall be carried out
expeditiously.
 Where authorised person (internally) to whom disclosure is made determines that he/she doesn't
have capability to undertake investigation, he or she shall, within seven working days, refer the
disclosure to a competent authority as required under external whistleblowing or to the Minister.

Mechanisms of Protecting a Whistle-Blower (CPAJun2015Qn1c May2019 Qn3b,ii)

Protection from Victimization
A person shall not be subjected to any victimization by his/her employer or by any other person on
account, or partly on account, of having made a protected disclosure. A whistleblower who honestly &
reasonably believes that he/she has been victimized as result of his/her disclosure may make a complaint to
either the Inspectorate of Government (IGG) or the Uganda Human Rights Commission (UHRC) for
redress. Furthermore, a whistleblower may seek redress for victimization by bringing a civil action in a
court of law.

A complaint made to IGG or UHRC shall contain the following particulars;

(a) the name, description and address of the whistleblower
(b) the name, description and address of the whistleblower's employer or any other person who the
whistleblower claims has victimized him or her; and
(c) the specific acts complained of as constituting victimization.

Protection against Court Action

Whistleblower shall not be liable to civil/criminal proceedings in respect of disclosure that contravenes any
duty of confidentiality or official secrecy law where the whistleblower acts in good faith.

State Protection
A whistleblower who makes a disclosure and who has reasonable cause to believe that; (a) his or her life or
property, or (b) the life or property of a member of the whistleblower's family is endangered or likely to be

CPA Page 174

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

endangered as a result of the disclosure, may request state protection and the state shall provide the
protection considered adequate.

Application to Court for Assistance

If during an investigation, the investigator has reasonable grounds to believe; (a) that evidence or
documents relevant to investigation are likely to be destroyed, concealed, tampered with, or (b) that a
person willing to provide information relevant to investigation is being restrained by pressure of obligation
to a confidentiality agreement with persons/official secrets law to which disclosure relates, the investigator
may apply to court for an order to preserve evidence or documents or to release the person willing to
provide information from the perceived restraint.

Void Employment Contracts (CPA Nov20l5 Qn2b; CPA Aug20l8 Qn4c)

A provision in any employment contract/agreement between employer & employee is void if it;
 seeks to prevent the employee from making a disclosure,
 has the effect of discouraging an employee from making a disclosure,
 precludes the employee from making a complaint in respect of victimization,
 prevents an employee from bringing an action in court or before an institution to claim relief or
remedy in respect of victimization, or
 if it has the effect of creating fear or discouraging the employee from making a disclosure.

Offences & Penalties Related To Whistle-Blowing (CPANnv2015Qn4a: May2019 Qn3b)

Disclosing Identity of a Whistleblower
A person who unlawfully discloses, directly or indirectly, the identity of a whistleblower, commits an
offence and is liable on conviction to imprisonment not exceeding five years or a fine not exceeding one
hundred and twenty currency points or both.
Disclosing Details of the Disclosure
Where a person to whom the disclosure is made fails to keep confidential the disclosure, the person
commits an offence and is liable on conviction to imprisonment not exceeding five years or a fine not
exceeding one hundred and twenty currency points or both.

Victimization of a Whistleblower (CPA Aug2018 Qn4a; May2019 Qn3a,ii)

A person shall not be subjected to any victimization by his/her employer or by any other person on
account, or partly on account, of having made a protected disclosure. Victimization include;
► Dismissal ► Suspension
► Denial of promotion ► Demotion
► Redundancy ► Harassment
► Negative discrimination measures ► intimidation
► subjected to a discriminatory or other adverse measure by employer or a fellow employee

Making False or Contravening Disclosures (CPAAug2018Qn4b,ii)

• A person who knowingly makes a disclosure containing information he or she knows to be false and
intending that information to be acted upon as a disclosed matter, commits an offence and is liable on

CPA Page 175

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

conviction to imprisonment not exceeding five years or a fine not exceeding one hundred and twenty
currency points or both.
• A whistleblower shall not be liable to civil/criminal proceedings of disclosures contravening duty of
confidentiality or official secrecy law where the whistleblower acts in good faith.
Unlawfully Failing to Take Action (CPAAug20l8Qn4b.iii)
An authorised officer, who does not take action upon receipt of a disclosure made to him or her, commits
an offence and is liable on conviction to imprisonment not exceeding five years or a fine not exceeding one
hundred and twenty currency points or both.
Steps Taken for Redress, if Victimized (CPAAug2018Qn4a)
1st step: A whistle-blower who honestly and reasonably believes that he or she has been victimized as a
result of his or her disclosure may make a complaint to either the Inspectorate of Government or the
Uganda Human Rights Commission for redress
2nd step: Whistleblower may seek redress for victimization by bringing a civil action in the courts of law

Problems associated with Whistleblowing (CPANov20l2Qn2c)

■ Whistleblowing is a selfless act. There are numerous examples in the literature of individuals whose
careers ended in ruin because they chose to act ethically and "blow the whistle" on their employer's illegal
or unethical activities.
■ On the other hand individuals make allegations about colleagues or managers which are unfounded. The
allegations might be made for reasons of malice and dislike, or because there has been an argument at
work. Malicious allegations about colleagues and managers should not be tolerated.
■ It may not be easy to obtain 'hard'/empirical evidence
■ Some whistle blowers may be arrested
■ There could be lack of/unclear reporting structures
■ How to encourage reports of illegal/unethical behaviour, by protecting honest whistleblowers, while
discouraging malicious & unfounded allegations - a great problem facing companies

PART III - Entrepreneurship

SECTION 3.A: MAKING THE BUSINESS GROW
3.A.1 MEANING, CHARACTERISTICS & MYTHS
Entrepreneurship is the entrepreneurial process or means through which the entrepreneur creates new
value as a result of the entrepreneurial venture (the project or business activity). Entrepreneurship -
capacity and willingness to develop, organize and manage a business venture along with any of its risks in
order to make a profit. The most obvious example of entrepreneurship is the starting of new businesses.
Entrepreneurial spirit is characterized by innovation and risk-taking, and is an essential part of a nation's
ability to succeed in an ever changing and increasingly competitive global marketplace.
Entrepreneurial specific characteristics for business growth or success include;
Hard work, Self-motivation
Resilience, Confidence
Assertiveness, Information seeking
Opportunistic, Receptive to change
Comfort with power Fiscal responsibility

CPA Page 176

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Multi-skilled, Receptiveness to new ideas,

Eager to learn, Commitment to others, Innovative & creative:
Setting of personal goals (visionary)

Myths about Entrepreneurs (of Entrepreneurship)

• Entrepreneurs are mainly motivated to get rich
• Entrepreneurs are often high-tech wizards
• Entrepreneurs are often ruthless, deceptive, and miser.
• Entrepreneurs are born, not made. Some entrepreneurs are professionals and their success get attributed to
training and skills.
• Entrepreneurs are high risk takers. Not all entrepreneurs are risk takers. Instead, most of the entrepreneurs
take calculated risks and normally apply diversification strategies.
• Entrepreneurs are loners and introverts, and give little attention to their personal life due to day-to-day
business operations and aspirations
• Entrepreneurs are job hoppers. Not true. A job hopper is someone who works briefly in one position after
another rather than staying at any one job or organization long-term.
• It takes a lot of money to finance a new business. Not true. The typical startup only requires little amounts
of money.
• Venture capitalists are a good place to go for startup money. They only fund about 3,000 companies per
year & about a quarter of those companies are in the seed or startup stage.
• Most business angels are rich. Almost three quarters who are not friends, neighbors, co-workers or family
are not close to richness. In fact, 32% have a household income of $40,000 per year or less and 17% have a
negative net worth.
• Startups can't be financed with debt. According to Federal Reserve's Survey of Small Business ^
Finances, 53% of the financing of companies that are 2 years old or younger comes from debt
and only 47% comes from equity.
Banks don't lend money to startups. Again, the Federal Reserve data shows that banks and trade creditors
account for 16% & 13% respectively, of all the financing provided to companies that are 2 years old or
• Most entrepreneurs start businesses in attractive industries. The opposite is true. Most of them head right
for the worst industries for startups. That means that most entrepreneurs are picking industries in which
they are most likely to fail.
• The growth of a startup depends more on an entrepreneur's talent than on the business he chooses. There
is nothing anyone has discovered about the effects of entrepreneurial talent that has a similar magnitude
effect on the growth of new businesses.
• Most entrepreneurs are successful financially. Only top 10% of entrepreneurs earn more money than
employees. And the typical entrepreneur earns less money than he would have earned working for someone
else.
• Many startups achieve the sales growth projections that equity investors are looking for. Not even close.
Fewer than 200 out of 590,000 in the US reach the $100 million in sales in six years that venture capitalists
talk about looking for.

CPA Page 177

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Starting a business is easy. Seven years after beginning the process of starting a business, only one-third
of people have a new company with positive cash flow greater than the salary and expenses of the owner
for more than three consecutive months.
3.A.2 MANAGING GROWTH IN A CHANGING ENVIRONMENT - STEPS, CHALLENGES &
GROWTH MEASURES
When a company growths, the entrepreneur can no-longer represent the organization to all the parties who
have an interest in it. Desirability of growth must be reflected in the entrepreneur's vision, the potential for
growth must be recognized in the venture's mission, and the direction must be indicated by the venture's
strategy. Effective entrepreneurs recognize that the growth of the venture provides all of its stakeholders
with opportunities for personal growth & dev't. Managing business growth requires consideration of a
number of strategies like;
Top management commitment. Securing commitment from top management, motivated and hardworking
implementing team is essential for effecting & managing business growth.
Have right & sufficient resources. Managing growth effectively is all about making sure you have the
resources to deliver as demand increases.
Having effective processes for every aspect of the business. This should be in addition to a well thought-
out system for monitoring that they are working & achieving quality products.
Establish proper systems. A systems-driven business is needed to measure performance data against the
processes for business growth.
Right management team. Even when systems have been set-up, business needs to develop management
team and implemented quality control procedures.
Key Steps in Managing Business Growth are;
Step 1: Know when to grow - based on indicators e.g. market trends, financial stability, etc.
step 2: Plan for growth - knowing what's to be achieved by the business
Step 3: Finance growth - via proper cash flow management & resource management \ Step 4: Delegate -
successful entrepreneurs don't handle business growth alone
step 5: Analyze growth - if business growth is based on intended right activities
Challenges arising from Business Growth & Expansion (CPADec2016 Qn6a;Nov20l7 Qn6a; May2019 Qn6a)
Pressure on human resource needs -employee morale, employee burnout and turnover
Pressures on the management of employees -due to increased numbers
Pressures on the entrepreneurs the -due to increased activities with few staff
Pressures on existing financial resources -due to increased needs & appetite for cash
Unfavourable government policy-relating with high taxes & inflation greatly affecting growth
Limited market-due to increased production levels (more supply) to existing small market
Poor communication -it's difficult to communicate effectively to many staff & customers
Diseconomies of scale -as a result of increased costs of production due to expansion
Personal risks -inform of stress, loss of control, etc.
Business risks -in form of instability, ineffective management, financial loss, etc.
Competitive risks -in form of unknown markets, aggressive competitors, & unfamiliar terrain
Ways to expand or grow the business (CPAJun20l7Qn7a;CPAAug20l8Qn6a)
• Market penetration -Increase business sales of existing products in existing markets
•Market dev't -develop a new market segment (new customers) with existing products

CPA Page 178

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

• Product dev't -introduce new products in the existing markets, for increased market share
• Diversification -Move into new geography with new products -new products into new markets
• Joint ventures and strategic alliances - partnership between 2 or more active participants
• Acquiring another existing business -wholly or part of company, for new markets or products
• Mergers -a transaction involving 2 or more companies in which only one company survives
• Leverage buyouts -when one uses borrowed funds to purchase existing venture for cash
• Franchising -arrangement where manufacturer or sole distributor of trade marketed product or service
gives exclusive rights of focal distribution to independent retailers in return for their payment of royalties
and conformance to standardized operating procedures
• Win government contract -having government as a customer, being largest buyer of goods
• Start a chain, and distribution channels -with own; agents or distributors or outlets
• Go global -open-up markets across the globe i.e. using internet to sale products globally
3.A.3 SWOT ANALYSIS FOR BUSINESS GROWTH
 Strengths (Internal to Organization). What are we doing especially well? What resources do we
have that other businesses don't have? What are our key competitive advantages?
 Weaknesses (Internal to Organization). What do we do poorly? What activities detract from what
we do best? Where can we improve?
 Opportunities (External Environment). What opportunities exist for our business? What trends face
our industry? What changes are occurring with our customers, i.e. age, spending habits, values,
residences? What changes are coming to our industry's regulatory environment?
 Threats (External Environment). What obstacles do we face? Are there new competitors entering
the marketplace and what is their strategy? Is there a threat from planned regulatory change? Is
there a threat from global competitors?
3.A.4 BUSINESS PROTECTION - SHOPLIFTING, INTELLECTUAL PROPERTY, SAFETY &
INSURANCE
Prevention of Theft & Shoplifting (action of stealing goods from a shop while pretending to be a
customer). Strategies for preventing shoplifting include; (CPA Aug2017 Qn6a; Nov2019 Qn6a)
 Stop by the store business without warning - make periodic unannounced visits.
 Spot-check inventory/drawer during unannounced visits, do inventory double-checking
 Have an inventory-tracking system - tracking inventory automatically or, use paper-based
inventory-tracking sheets to send signal to employees that inventory is being monitored.
 Train employees - provide all employees with training on theft-prevention, both shoplifting and
employee theft. Discuss the ways the company is prepared to detect either.
 Encourage anonymous tips - publish a phone number employees can call to leave an anonymous
message if they suspect a co-worker of stealing product or cash.
 Watch for employees with calculators & receipt books - especially an employee who has a separate
receipt book tucked into a drawer or pocket.
 Check deposits - if deposit numbers match the sales figures & if deposits are being made routinely
and when expected (particularly easy to do through online banking).
 Check cash-to-credit purchase ratios. If the typical purchase ratio is 30 percent cash to 70 percent
credit, and then suddenly the ratio is 10 to 90, it's time to ask a few questions.

CPA Page 179

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

Patents, Trademarks, Copy rights, Trade secrets, & Licensing (CPA Aug2016 Qn7)
Patent - a government authority or licence conferring a right or title for a set period, especially the sole
right to exclude others from making, using, or selling an invention (intellectual property - an intangible
property that is the result of creativity or creations of the mind such as inventions, literary and artistic
works, designs, symbols, names & images used in businesses).
Trademark – a symbol, word, or words legally registered or established by use as representing a company
or product.
Copy right -the exclusive & assignable legal right, given to the originator for a fixed number of years, to
print, publish, perform, film, or record literary, artistic-or musical material.
Trade secret is a secret device/technique used by a company in manufacturing its products.
Trade secret is a formula, practice, process, design, instrument, pattern, commercial method, or
compilation of information which is not generally known or reasonably ascertainable by others, & by
which business can obtain an economic advantage over competitors/customers.
Licensing - a business arrangement in which one company gives another company permission to
manufacture its product for a specified payment:
Note: Intellectual Property (IP) (CPAAug2016 Qn7; CPAAug2018 Qn7a)
Intellectual Property is a category of property that includes intangible creations of the human intellect.
Intellectual property (IP) is divided into two (2) types of rights;
(i) Industrial property rights (trademarks, patents for inventions, designations of origin, industrial designs,
geographical indications, and models)
(ii) Copyrights. A copyright gives the creator of an original work exclusive rights to it, usually for a
limited time. Copyright may apply to a wide range of creative, intellectual, or artistic forms, or
"works". Copyright does not cover ideas and information themselves, only the form or manner in
which they are expressed.
Regulations/Measures for Safety of Employees; (CPAAug2017Qn7b)
The main provisions of health & related regulations require employers to provide;
► adequate lighting, heating, ventilation and workspace (and keep them in a clean condition)
► take a workman's compensation insurance policy
► staff facilities, including toilets, washing facilities and refreshment; and
► safe passageways, i.e. to prevent slipping and tripping hazards.
► ensure the safety and suitability of work equipment for the purpose for which it is provided;
► properly maintain the equipment, irrespective of how old it is;
► provide information, instruction and training on the use of equipment; and
► protect employees from dangerous parts of machinery.

Insurance Types & Contracts (CPAJun2017 Qn7b) Key business insurance types/policies include;
 General Liability Insurance. The policy provides both defense and damages if you, your
employees or your products or services cause or are alleged to have caused Bodily Injury or
Property Damage to a third party.
 Professional liability insurance - errors & omissions (E&O). It covers a business against
negligence claims due to harm that results from mistakes or failure to perform.

CPA Page 180

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Property insurance. This insurance covers equipment, signage, inventory and furniture in the event
of a fire, storm or theft.
 Workers' compensation insurance This covers medical treatment, disability & death benefits in
the event an employee is injured/dies as a result of his work with that business.
 Home-based businesses policy. Homeowner's policies don't cover home-based businesses in the
way commercial property insurance does. Thus, a need for additional insurance to cover equipment
& inventory for home-based business, in event of a problem.
 Product liability insurance. This is insurance which works to protect a business in relation to
lawsuits or damages caused by its products.
 Vehicle insurance Vehicles should be fully insured to protect businesses against liability if an
accident should occur. At the very least, businesses should insure against third-party injury, but
comprehensive insurance will cover that vehicle in an accident, as well.
 Business interruption insurance, equally known as business owner's policy (BOP) This is
insurance compensates business in case of; disaster or catastrophic event which interrupts business's
operations. Thus, compensating business for its lost income & avoiding a major financial loss due
to a lawsuit or catastrophic event.
 Directors & Officers Insurance This type of insurance protects the directors & officers of a
company against their actions that affect the profitability or operations of the company - covering
costs or damages lost as a result of a lawsuit.
 Data Breach policy. If the business stores sensitive or non-public information about employees or
clients on their computers, servers or in paper files they are responsible for protecting that
information. If a breach occurs either electronically or from a paper file a Data Breach policy will
provide protection against the loss.
 Life Insurance. Life insurance protects an individual against death. If you have life insurance, the
insurer pays a certain "amount of money to a beneficiary upon your death. You pay a premium in
exchange for the payment of benefits to the beneficiary.
 Industrial All Risks (IAR). This covers accidental loss or damage to insured property at the
location specified in the policy. The cover provided is against all perils other than those specifically
listed under excluded perils. This is a combined policy and basically incorporates fire, fire
consequential loss, theft and accidental damage perils. With this policy, there will be no need of
taking out Fire and Fire Consequential Loss Policies as well as Burglary.
Key Insurance Principles guiding the Insurer & Insured (CPAJun2018Qn7a)
1) Indemnity. This principle states that no one can get compensation exceeding the actual monetary loss
caused by the event insured against. This makes it impossible for people to gain from their misfortunes.
Insurance does not aim at benefiting a person but its objective is to compensate a person for what he has
lost.
2) Insurable interest. A person can insure only such properties whose destruction can lead to damage which
would result in a financial loss to him. The principle states that an insurance claim cannot be valid unless
an insured person can prove that he has suffered a financial loss because the insured event has occurred.
3) Utmost good faith (uberima fides). A person applying for insurance is required to disclose all relevant
and material facts about the property being insured so as to help the insurance company assess its
suitability for insurance and calculate premium accurately. If a person deliberately conceals information, or

CPA Page 181

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

gives wrong information and it is later discovered that he did so, the insurance company has a right to
refuse to pay any claim.
4) Doctrine of proximate cause. This principle states that there must be a fairly close connection between
the cause of a loss and the actual risks insured against to enable an insured seek compensation. Thus if a
person insures his house against burning down by fire but the house is burnt down by lightning, insured
would not be entitled to any compensation as the cause of loss (lightening) is not directly related to the risk
(fire) insured against.
5) Subrogation This principle states that in event of a total loss, after an insurer has fully settled the claim,
the insurer acquires the rights that the insured had in the property destroyed. It implies that if any gain can
be made out of the loss, such gain now belongs to the insurer. For instance, if a person insured his car
against accident and it is later destroyed as a result of an insured risk, he would be entitled to claim the full
sum insured or the correct value of the car. If the destroyed car can be sold as scrap, any proceeds of such a
sale would belong to the insurance company.
3.A.5 REASONS FOR BUSINESS FAILURE
 Lack of focus - lack of achievable goals or trying to be/do everything (CPAAugl9 Qn6a)
 Lack of experience & poor management - lack of managerial skills
 Insufficient capital & limited sources of capital or funding
 Poor inventory management and/ or over-investment in fixed assets
 Poor credit arrangement and cash flow management
 Unexpected growth or misconceived overexpansion i.e. growing too quickly
 Lack of proper planning and strategic business management
 Poor location - business not strategically located for customers or cost reduction
 No performance monitoring - no progress reviews in line with staff & business targets
 Insufficient knowledge of the market & failure to appreciate technological advancements
 Tax bills and related statutory obligations e.g. trade licence fees, income tax, etc.
3.A.6 SOCIAL & ETHICAL RESPONSIBILITY - BUSINESS ETHICAL RESPONSIBILITIES
Ethical Practices for Start-ups' Success, as per Markkula Centre for Applied Ethics;
 Ethical start-ups recognize the ethical dilemmas that surround them in the first few months.
 The ethical entrepreneur anticipates the ethical tensions in day-to-day decisions.
 The ethical entrepreneur welcomes ethical questions and debates.
 The ethical entrepreneur is watchful about conflicts of interest.
 The ethical entrepreneur talks about the ethical values all the time.
 The ethical entrepreneur weeds out employees who don't embrace company's ethical values.
 The ethical entrepreneur looks for opportunities to engage the company in the community.
 The ethical entrepreneur takes ethical-stock occasionally.
 Ethical start-ups make ethics a core value of enterprise -must explicitly embrace doing business
ethically to counter the temptations to fudge various standards.
 Ethical entrepreneur renews commitment to ethical behavior -ethical behavior must be recast and
re-communicated periodically, preparing the company and its employees to deal with the ethical
dilemmas currently faced.

CPA Page 182

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 The ethical entrepreneur finds early opportunities to make his or her ethical commitment real. For
instance, an ethical entrepreneur will have to refuse sending faulty financial data to the venture
capitalists, for reputation purpose.
Business' Social & Ethical Responsibilities to the Society (CPAJun2018 Qn6b)
►Efficient and effective utilization of resources. Business must utilize the available resources efficiently
and effectively for the satisfaction of society's needs. It should avoid destruction and overutilization of the
community resources through deforestation, overfishing and others.
►Promoting unity in the community. As a good citizen, an enterprise should strengthen the culture and
cohesion of the society where it operates. It should not discriminate for instance in its employment policies
basing on religion, race, gender or political affiliation. It should support community activities that promote
unity such as sports and games.
►Developing local amenities. A business is directly responsible for the development of local amenities
such as clean water, infrastructure, education, public health, housing and so on, in the town or area where it
operates.
►Maintaining a healthy and clean environment. Every business is responsible for maintaining a healthy
environment free from all types of pollution in the surrounding area and ensuring conservation of the
environment to minimise degradation.
►Providing opportunities for employment. A business can contribute to the wellbeing of local community
by providing employment to the people. This enables them to earn income and improve on their standard of
living.
►Providing goods and services. Business benefits the community by providing a variety of goods and
services to the local people. As a result the welfare of the people improves.
► Helping under privileged sections of the society. To fulfill its social responsibility, business can help the
under privileged sections of society such as widows, orphans, women and youths by providing them equal
opportunities for growth.
Social Responsibility of Business towards Shareholders (CPANov20l7 Qn7b)
 Fair return, in form of dividends and wealth maximization
 Keep enterprise stable and dynamic, with continuous business growth
 Effective use of shareholders fund, with improved financial performance
 Accurate and timely information ®° Follow all legal and procedural formalities, properly
 Pay regular returns and interest, pay interests regularly to debenture holders and financiers
 Raise public image for shareholders' benefit, business' responsibility to raise company's image
3.A.7 MARKET RESEARCH - MEANING, BENEFITS, PROCESS & MARKETING PLAN CONTENTS
Market research is the action or activity of gathering information about consumers' needs and
preferences, for further action.
Marketing research is "the process or set of processes that links the producers, customers, and end users to
the marketer through information used to identify and define marketing opportunities & problems;
generate, refine, and evaluate marketing actions; monitor marketing performance; and improve
understanding of marketing as a process.
Key Benefits of Market Research (CPAJim20l70nBa)
1) Understand where your customers are and plan ahead
2) Establish your market positioning, where you are and your reputation

CPA Page 183

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

3) Estimate the size of the market you can serve

4) Be clear on what your customers require, and identify opportunities in the marketplace
5) Identify and establish trends, for strategic planning
6) Identify and uncover potential problems, to minimise risks
7) Create a marketing plan to target them effectively
Five (5) Step Marketing Research Process
1) Define the Problem or Opportunity
2) Develop Your Research Plan
3) Collect Relevant Data and Information
4) Analyze Data and Report Findings
5) Take Action

Contents of a Marketing Plan

(i) Executive Summary
(ii) Current Marketing Situation (situational analysis)
(iii)Customer analysis
(iv) Competition and opportunity analysis
(v) Marketing objectives and strategies
(vi) Sales forecast

SECTION 3.B; CREATING OWN BUSINESS/SELF-EMPLOYMENT

3.B.1 MEANING & DEMERITS OF SELF-EMPLOYMENT
Self-employment is the act of generating one's income directly from customers through working, clients or
other organizations as opposed to being an employee of a business (or person). Self-employed people
generally find their own work rather than being provided with work by an employer, earning income from
a trade or business that they operate. In Uganda, government is placing more emphasis on clarifying
whether an individual is self-employed or engaged in disguised employment, often described as the
pretense of a contractual intra-business relationship to hide what is otherwise a simple employer-employee
relation.
Demerits/Challenges of Self-Employment (CPAJun2018 Qn6a)
■ Long and irregular hours of work, in a bid to achieve business success
■ Broad responsibilities, all business tasks are shouldered by one person
■ Must take risks individually, normally being a sole proprietorship
■ Unstable income, including losses and thus, financial difficulties
■ Uncertain future, due to loss of the source of livelihood
■ Hard to delegate work, since it's always a one-man's business
■ No fringe benefits, like medical, leave or transport in case of a one man business
■ High levels of stress, due to too much work/tasks done by one person
■ Lower quality of life, until the business gets established due to working long hours & hard work
■ Financial loss and financial ruin, in case of business failure

CPA Page 184

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

■ Discouragement, arising from different obstacles e.g. competition, unfavourable government policy,
limited market and others. Some of which appear to be insurmountable. In the face of such difficulties,
discouragement and disillusionment are common emotions.
■ Wanting decisions made, due to limited knowledge and skills possessed by sole proprietor
3.B.2 FACTORS TO CONSIDER FOR ACHIEVING BUSINESS GROWTH & SUCCESS
Factors to consider for New Business Success & Growth (CPA Jun20l8 Qn6b;Nov20l8Qn7b; May2019Qn6b)
 The idea & mind-set. The idea should be a developed & refined concept in order to exploit market
opportunities. Many people make the mistake of selecting a franchise based on what the business
does not what the person likes or where their passions lie
 The resources - which are important for setting up of the business & making it grow. Key resources
like finances, time availability, & skills especially people management skills
 Business model. A business model, simply put, is a plan for making a profit. New business owners
should know exactly where their profit comes from and how it can be enhanced over time by
increasing revenues, decreasing costs or both.
 Customer focus. Listening to feedback from customers is important in any business, but especially
for new companies whose reputations are being established in the marketplace.
 Workforce or people (founders & management team). Choosing right business partners and early-
stage employees is a critical success factor for new businesses. Employees in start-up companies
must be multi-talented, highly adaptable, committed to organizational success and willing to work
long hours for minimal pay, and willing to take on a range of duties beyond their job description
 Cost control & measures. Keeping costs under control is vital in new businesses that don't have
previous years' expense data to guide their budgeting & spending decisions. It's important to use
funds esp. borrowed money in the most productive & efficient manner.
 Leadership. The commitment & continuity of one or two individuals to lead and coordinate the
enterprise. Leaders or coordinators need to be able to work among all sectors (or types of partners)
from understanding the business aspects to building support at the community level, to negotiating
with government actors and markets.
 Partnership management. The ability to negotiate & maintain a core set of relationships for benefit
of the enterprise. Each partner's expertise & knowledge contribute to enterprise success. Many
skills needed in the business start-up can come from partners e.g. legal advice, technical &
engineering expertise, training, business planning, marketing, etc.
 Proof & clarity of innovative concept. Clear description, testing & external validation to
demonstrate that an idea has market potential. Recognition & Reward Programs can help to endorse
a concept i.e. giving an important signal that the idea has merit & opens opportunities with
investors which may otherwise have seen the enterprise as too risky.
 Business planning & marketing. Access to business planning & marketing skills or training
programs. Business plans should demonstrate that the enterprise is establishing objectives, products
and service lines; setting up supply chains; and identifying revenue targets, investment, financing
requirements & marketing strategies to meet those targets. Understanding what investors might be
looking for, and recognizing where there might be barriers to investment, is part of the larger skill
set necessary to grow the business.

CPA Page 185

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Triple bottom line planning. The conscious & deliberate alignment of economic benefits with social
and environmental benefits. When an enterprise identifies the desire to achieve economic, social
and environmental benefits from the outset, then the entrepreneurs needs to plan consciously,
proactively and in detail to achieve all three types of benefits.
 Community engagement. Long term success & sustainability lies with engagement of local
stakeholders & beneficiaries. Many communities are struggling with basic needs (food, shelter,
health, sanitation) & successful ventures will have helped the community to gain access to non-
enterprise related benefits e.g. health care, education, etc.
 Risk management. Demonstrated planning for mitigation of risks & externalities. Those enterprises
that anticipate and plan for risk often have an easier time of adapting to unforeseen complications or
problems which may arise. Those that plan only for the best are often surprised and unduly slowed
by the unexpected which inevitably occurs.
 Competition & market/demand. Before entering new business, information about market
competition needs to be found out e.g. their market strategy, factors required to compete, etc. In
case of monopoly, competition will not matter, otherwise, success of the business will depend upon
the demand and supply gap. Normally existing firms will always have an advantage due to the
experience they have and because they may be well equipped.
 Location. Deciding an optimum location for the business is a strategic & an important one. A good
location goes a long way in making the business successful. You can save out on taxes, water and
electricity costs if you are located in some areas. The raw materials can be easily sourced, the
manpower would be easily available and you can save out on transportation costs in case of certain
locations. Setting up a business in certain location could lead to subsidy & rebates from the
Government. In the case of a retail business one needs to be located in a well-populated area and
one which is easily accessible.
 Laws, Rules/& Regulation. Setting up a new business would require compliance with various laws
& regulations including tax laws in particular, statutory deductions like PAYE, NSSF, VAT, WHT,
etc. Each country is governed by separate laws and regulations which require that any new business
be registered with certain authorities and meets certain compliance. Non-compliance with the
statute could lead to huge fines & penalties, and this hampers the success of a new business.
 Return on Investment. Return on Investment (ROI) is calculated as Net Profit divided by the
Investment made. The ROI is low in the initial years and is expected to grow on a year on year
basis. The ROI needs to be compared with the return that would be earned from alternative business
options available. Similarly the Return on capital (ROCE) must be greater than the rate of interest
earned from a fixed deposit kept with bank or cost of debt.
 Technology. It is always better to invest in the best technology at the time of start-up itself. Post
investment, monitoring of the technology purchased is required. Technology would include
machinery as well as latest office equipment & software to monitor business.
3.B.3 GENERATING BUSINESS IDEAS & SPOTTING OPPORTUNITIES
A business idea - response of a person(s) or organization to solving an identified problem or to meeting
perceived needs in the environment (markets, community, etc.). Finding a good idea is the first step in
transforming entrepreneur's desire & creativity into business opportunity.
Sources of Business Ideas (CPA Aug20l7 Qn7a)
CPA Page 186

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

♦ Mass Media - such as Newspapers, Magazines, Television and the Internet, which are great sources
of information/ ideas.
♦ Personal skills and experience - work place experience is one of the main sources of business ideas.
A mechanic with experience of working in a large garage is likely to eventually sets up his / her
own car repair or used car business.
♦ Hobbies/Interests - e.g. travelling, sport, performance or hospitality, may make a person consider
going into the tourist trade - which is one of the largest industries in the world.
♦ Complaints - complaints & frustrations on the part of customers may lead to new products or v
services. Whenever consumers complain bitterly, there is a potential for business idea.
♦ Exhibitions & Trade Fairs - visiting exhibition & trade fairs may lead to discovery of new products
as well as meeting sales representatives, manufacturers, wholesalers, distributors & gents who can
give useful ideas/information & may help in getting started.
♦ Brainstorming - it's where several ideas are obtained from various stakeholders. Brainstorming is a
technique for creative problem-solving as well as for generating many ideas as possible e.g. "what
are the products needed in the home today which are not available?" Ideas generated can be
combined & improved to solve a particular problem.
♦ Surveys - formal or informal talking (using questionnaire, interviews or observation) to consumers,
suppliers, distributors & manufacturers, as it reveal some gaps in the market.
Methods of spotting opportunities (CPADec2016 Qn7a). Some are straightforward, entrepreneur may not
even realize that they are using them. They may be articulated in the form of;
 Heuristic or rule of thumb, (a) Analysis heuristics (breaking down the problem, to solve it) - a
problem solving method that seeks to break down the problem to solve it. Cognitive strategies that
entrepreneurs adopt in order to gain and integrate new information about the world, to understand
the patterns in this information and to spot market gaps, (b) Synthesis heuristics (building prototype
to solve the problem) - a problem solving method that seeks to solve a problem by building
prototype solutions. Using cognitive strategy to bring ideas developed from analysis back together
again in a new and creative way, generating a new perspective on customer needs and how they
might be addressed.
 Problem analysis - starts by identifying the needs that individuals or organizations have and the
problems that they face. What could be better? How might this be solved?
 Customer proposals
 Creative groups
 Market mapping - involves identifying dimensions defining a product category. Map may be used
to identify gaps in the market & specify type of product that might be used to fill them.
 Features stretching - involves identifying the principal features which define a particular product or
service and then seeing what happens if they are changed in some way.
 Features blending - involves identifying features which define particular products. Instead of just
changing individual features, however, new products are created by blending together features from
different product of services.

CPA Page 187

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

3.B.4 SELECTING TYPE OF ORGANISATION & OPPORTUNITY ASSESSMENT PLAN

Opportunity assessment plan – a short-term business plan, which focuses on opportunity rather than a
venture which relates to implementation of the opportunity. The opportunity assessment plan forms the
basis of making a decision as to whether to exploit/implement the spotted opportunity (thus, creating a
business/venture) or not.
Stages in selecting & assessing new business opportunities, (i) Spotting the opportunity, (ii) Locating it,
(iii) Measuring it, (iv) Opening it, (v) Moving through the opportunity, and (vi) Closing the
gap/opportunity. These are classified under 3 phases or 6 stages:
Phase 1: Scan the business environment (spotting the opportunity) and find out where the gaps or the
windows are (locating the opportunity).
Phase 3: Measure it (weighing the opportunity), make sure the opportunity is big enough to justify the
investment needed to open it (open the opportunity & move/implement it).
Phase 6: Closing the window (close the opportunity). If not, competitors will be able to follow through &
exploit the opportunity themselves. Closing builds competitive advantage
Contents of an Opportunity Assessment Plan (CPANov2017 Qn6b)
► Section one: Develops the product / service idea, analyses competitive products and companies, and
identifies the uniqueness of the idea in terms of its unique selling propositions.
► Section two: Focuses on the, market, that is, its size, trends, characteristics of the domestic /
international market, growth rate, market need filled, social conditions underlying the market need and any
market research data available to describe the market need.
► Section three: Focuses on the entrepreneur and the management team in terms of their background,
education, skills and experience.
► Section four: Develops time line indicating what steps need to be taken to successfully launch the
venture & translate idea into viable business. Focuses on identifying each step, determining sequence of
activities & putting these critical steps into some sequential order & others.
3.B.5 PROBLEMS (PITFALLS) IN SELECTING NEW VENTURES
Various challenges with selection & managing new businesses include amongst; (CPA Aug20IE CnEb)
■ Lack of objective evaluation & idea evaluation. Most failing ventures are established without adequate
background research & objective evaluation based on entrepreneur's interest.
■ No real insight into the market especially due to managerial shortsightedness which results into not
understanding life cycle of the product and profitability of the business
■ Inadequate understanding £)f technical requirements, which may result into failure to anticipate technical
difficulties, operational inefficiencies, and increased costs.
■ Poor financial understanding, which may result into underestimating the cost and resulting into financial
problems e.g. financial losses.
■ Lack of venture uniqueness. A good new venture should be unique, performance of its services should be
superior to competitive offerings, should consider product differentiation, & customers' awareness of
difference
■ Ignorance of legal issues e.g. legal requirements, safe working environment, reliable & safe products,
patent rights, trade marks, copy rights, etc.

CPA Page 188

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

3.B.6 THE VENTURE LIFE CYCLE - STAGES OF BUSINESSES GROWTH

Modern Business Life Cycle - stages for big ventures (CPA Aug206 Qn6a; Aug19 Qn7a)

i. Seed or Pre-venture or Idea stage. The seed stage of business life cycle is when the business is just a
thought or an idea. This is the very conception or birth of a new business. The biggest challenge is
overcoming market acceptance and pursue one niche opportunity. Focus should be on matching the
business opportunity with staff skills, experience and passions. Other focal points include: deciding on
a business ownership structure, evaluating the business idea, generating the business model followed
by proof of concept. The major skill and knowledge required are; idea generation, opportunity
evaluation, research, proof of concept, customer care, networking, knowledge of financial & cash flow
management.
ii. Start-Up (Raw start-up) stage. The business is born and now exists legally. The venture is born and
now exists legally once the venture has decided on a business ownership structure, the focus is now on
finding professional advisors, and business planning related to market research, product development.
The entrepreneurial requirement will be; getting first customers, product development (experimenting
& rapid prototyping of product), raising money, setting milestones, test business hypothesis, &
registering business as legal entity.
iii. Growth (early start-up) stage. Revenues and customers are increasing with many new opportunities
and issues. Profits are strong, but competition is surfacing. The biggest challenge for growth
companies face is increased volume of business activities, need for formal structures, increased
staffing needs, complex communication channels, etc. The venture in the early start-up life cycle stage
faces the main challenge not to burn through what the little cash it has. The entrepreneur needs do a
reality check to see if the business is on the right track and the product match the needs of the
customer. The focus should be on; identifying target market segment, refining product/service,
increase sales & customers, achieve cash-flow positive state sustainability, institutionalize tracking
cash-flow, pricing model & maintaining financial records/statements.
iv. Established stage. The business has now matured into a thriving company with a place in the market
and loyal customers. Sales growth is not explosive but manageable. Business life has become more
routine. The biggest challenge is far too easy to rest on one's laurels (achievements) during this life
stage. One has worked hard & earned a rest but marketplace is relentless and competitive in addition
to issues like the economy, competitors or changing customer tastes, which can quickly end all one's
hard-work. Focus should be on improvement & productivity via better business practices, automation
and outsourcing.
v. Expansion stage. This life cycle is characterized by a new period of growth into new markets and
distribution channels. This stage is often the choice of the business owner to gain a larger market share

CPA Page 189

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

and find new revenue and profit channels. The biggest challenge is that moving into new markets
requires the planning and research of a seed or start-up stage business. Focus should be on businesses
that complement one's existing experience and capabilities. Moving into unrelated businesses can be
disastrous. Focus should be on adding new products or services to existing markets or expand existing
business into new markets & customer types
vi. Mature stage. The venture matures into a thriving company with a place in the market and loyal
customers, as sales & profits tend to be stable. However competition remains fierce. Eventually sales
start to fall off and a decision is needed whether to expand or exit the company. The biggest
challenged the mature stage of the life cycle relate to "dropping-sales, profits, and negative cash flow.
The biggest issue is how long the business can support a negative cash flow. Focus should be on
searching for new business opportunities. Cutting costs and finding ways to sustain cash flow are vital
for the mature stage.
vii. Exit or Death or Decline stage. This is the big opportunity for one's business to cash out on all the
effort and years of hard work. Or it can mean shutting down the business. The biggest challenge is that
selling a business requires one's realistic valuation. It might have been years of hard work to build the
company, but what is its real value in current market place. Focus should be on getting proper
company's valuation based on operations, management & competitive barriers to make the company
worth more to the buyer.
3.B.7 FINANCING SOURCES, RISK ANALYSIS & EVALUATION OF NEW VENTURES
Sources of capital (Internal & external) (CPA Aug2017 Qn6b; May20I9 Qn7.i)
■Entrepreneur's own capital/savings ■Informal investors
■Internal networks (friends/relatives) ■Retained capital (earnings)
■Retail banking ■Corporate banking
■Government s ■Commercial partnerships
■Micro-finance f y ■Public flotation - offering shares to public
Business suppliers (trade credit) ■Asset-based lending (lease financing)
■Business angels (esp. individuals/small groups who offer up their own capital - owns shares)
■Venture capital (esp. firms seek investment opportunities with high rate of return in already established
businesses (unlike venture capital for start-ups), and focuses on securing high involvement in decision
making without owning shares).
Business/Financial/Credit Risks Assessment Tools (CPA Nov20l8 Qn7b)
Sensitivity analysis. This tests how sensitive the predicted performance outcome is to each of these
assumptions. It allows each of these assumptions underlying a particular strategy to be questioned and
challenged. It also seeks what would be the effect on performance of variations on these assumptions. This
helps an entrepreneur to develop a clear picture of the risks of making particular strategic decisions and
degree of confidence managers might have in a given decision.
Break-even analysis. This allows variations in assumptions about key variables in a strategy to be
examined. It demonstrates at what point in terms of revenue the business venture will cover it's fixed and
variable costs and therefore break even. It is used for assessing the risks associated with different price and
cost structures of strategies.
Financial or investment evaluation or ratio analysis. Business returns are assessed using return on
capital employed the payback period and discounted cash flow. There are no absolute standards to

CPA Page 190

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

constitute good or poor returns. It is important to establish what return is seen as acceptable by which
stakeholders since it varies between industries, countries, and stakeholders. Stakeholders value analysis.
This analysis poses very directly the question, "Which proposed strategies would most increase shareholder
value?" The measures to be used include: Total Shareholder Return (TSR) and Economic Value Added
(EVA) or economic profits. This has helped to address some of the shortcomings of traditional financial
analysis by giving greater realism and clarity to otherwise vague claims for strategic benefits.
Cost-benefit analysis. The concept suggests that money value should be put on all the costs and benefits of
a strategy including tangible and intangible returns to people and organizations other than the one
sponsoring the project or strategy. This forces managers to be explicit about the various factors that
influence strategic choice. Disagreements on value attached to costs or benefits are compromised on
common grounds by comparing the merits of the various departments.
Real options. There are situations where the strategic benefits and opportunities only become clear as
implementation proceeds. For instance, there could be other outcomes of a failed project such as the
research could create new knowledge or provide a platform from which other products or process
improvements spring up. So real options approach is a strategy seen as a series of real options, that is,
opportunities at points in time as the strategy takes shape. It is more useful where a strategy can be
structured in the form of options.
Other Tools used in Risk Assessment of a business venture include;
1) Credit analysis is the method by which one calculates the creditworthiness of a business or
organization. Thus, the evaluation of the ability of a company to honor its financial obligations. Credit
analysis involves a wide variety of financial analysis techniques, including ratio and trend analysis as well
as the creation of projections and a detailed analysis of cash flows. Credit analysis also includes an
examination of collateral and other sources of repayment as well as credit history and management ability.
Analysts attempt to predict the probability that a borrower will default on its debts, and also the severity of
losses in the event of default.
2) Enterprise Risk Management (ERM) -process of planning, organizing, leading, and controlling the
activities of an organization in order to minimize the effects of risk on an organization's capital & earnings.
For business growth & success, all businesses including new businesses need to assess relevant risks and
establish appropriate strategies to mitigate them. This can be easily done through enterprise risk
management (ERM). ERM in business includes "the methods and processes used by organizations to
manage risks and seize opportunities related to achievement of their objectives". ERM provides a
framework for risk management, which typically involves identifying particular events/circumstances
relevant to organization's objectives (risks & opportunities), assessing them in terms of likelihood &
magnitude of impact, determining a response strategy, and monitoring progress.
3) Documentation reviews (inspection). The standard practice to identify risks by reviewing client or
project related documents such as strategic plan, policies, lessons learned, articles, etc.
4) Interviewing. An interview is a meeting of people face to face, especially for consultation. An interview
is conducted with audit client's management, client's staff, project participants, stakeholders, experts, etc.,
to identify risks.
5) Brainstorming. This is the group discussion to produce ideas or solve problems. It's normally done with
a group of people who focus on identification of risk for the audit client or project.

CPA Page 191

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

6) Delphi technique. A team of experts is consulted anonymously. A list of required information is sent to
experts, responses are compiled, & results are sent back to them for further review until a consensus is
reached.
7) SWOT analysis. The analysis based on 4 dimensions; strengths, weaknesses, opportunities and threats.
Client/project's strengths & weaknesses are identified to determine risks.
8) Risk register tool. A risk register is a living document that is updated regularly throughout the life cycle
of the project (audit engagement). It becomes a part of project documents and is included in the historical
records that are used for future projects. The risk register includes: List of risks, List of potential responses,
Root causes of risks, and Updated risk categories.
9) Probability and impact matrix. The matrix helps in identifying those risks which require an immediate
response. The matrix may be customized according to the needs of client/project. Most companies do have
a standardized template for this matrix & project managers could leverage those templates as well.
10) Risk data quality assessment. Data is collated for the identified risks. The project manager will try to
find the precision of the data that must be analyzed for completing the qualitative analysis of risks. For
each risk, in risk data quality assessment, the project manager needs to determine: extent of understanding
of the risk, data available, quality and reliability of the data, and integrity of the data.
3.B.8 ACCOUNTING & FINANCIAL MANAGEMENT OF ENTREPRENEURIAL VENTURES
Business Financial Planning
Financial planning is the task of determining how a business will afford to achieve its strategic goals &
objectives. Usually, a company creates a Financial Plan immediately after the vision & objectives have
been set. Financial Plan describes each of activities, resources, equipment and materials that are needed to
achieve these objectives, as well as the timeframes involved. The Financial Planning activity involves the
following tasks;
 Assess the business environment
 Confirm the business vision and objectives
 Identify the types of resources needed to achieve these objectives
 Quantify the amount of resource (labor, equipment, materials)
 Calculate the total cost of each type of resource
 Summarize the costs to create a budget
 Identify any risks and issues with the budget set
Analysing & Managing Finances
Financial analysis (financial statement analysis or accounting analysis or analysis of finance) refers to an
assessment of the viability, stability and profitability of a business, sub-business or project. It is performed
by professionals who prepare reports using ratios that make use of information taken from financial
statements and other reports, usually to management for decision making. Financial analysis may
determine if a business will:
 Continue or discontinue its main operation or part of its business
 Make or purchase certain materials in the manufacture of its product
 Acquire or rent/lease certain machineries and equipment in the production of its goods
 Issue stocks or negotiate for a bank loan to increase its working capital
 Make decisions regarding investing or lending capital

CPA Page 192

Downloaded by Okot David (okotdavid770@gmail.com)

 lOMoARcPSD|30192311

EXCEL PROFESSIONAL TRAINERS (EPT) , CPA P12 auditing and Professional Ethics & Values

 Make other decisions that allow management to make an informed selection on various alternatives
in the conduct of its business.
Accounting & Record Keeping
The types of accounting records, financial records, information &/ or relevant documents a new business
needs to keep for accounting and tax purposes include the following;
►Business expenses ► Bank statements
►Annual tax returns ► Quarterly tax filings
►Payroll ► Inventory details
►Sales ► Income or revenue
►Petty cash ► Vehicle use log
►Invoices ► Canceled checks
►Cheque book register ► Purchase orders
Employment applications ► Emails & other business correspondences
Personnel records ► Accident reports
Articles of incorporation ► Permits
Licenses ► Trademark registrations and patents
Importance of Book Keeping to an Entrepreneur (CPA Nov2017 Qn7a)
Financial performance evaluation -records help in calculating profits or losses
Reference point -information from book keeping acts as a centre of reference
Helps in tracking credit dealings -trail of credit transactions or balances receivables
Provides information for research purposes - basis for economic statistics for research
Acts as a tool for control -saves the owner from losses caused by lack of proper records
Solves disputes among business partners-esp where owners are separate from management
Acts as a tool for planning -done better with information concerning sales stock, purchases, etc.
Acts as a base for taxation -records of the business kept act as a base for tax charge/liability
Helps in obtaining loan from financiers-records used to determine borrower's capacity
Evaluation of a Business Venture - Components of new-venture motivation; (CPANov2018 Qn7a)
►Business goals & objectives ► Management's competence & succession plan
►Initial/start-up costs (capital) ► Source of finances, & need/cost of borrowing
►Registration/legal requirements ► The need for independence - level of control
►The need for personal development ► Welfare (philanthropic) considerations
►Perception of wealth (attitude & interest) ► Taxes - tax policies, indirect benefits, etc.
How to Manage Financial Resources for Business Growth (CPA Aug2018Qn7b; N0v2018 Qn6a)
 Managing cash flow - need to have regular up-to-date assessment of inflows & outflow of cash
 Managing inventory - need to avoid holding too much inventory to drain cash or avoid stock out
 Managing non-current assets - planning funding of capital expenditures e.g. leasing alternative
 Manage costs and profits - establish cost standards & compute net income for interim periods
 Taxes - requirement to budget, withhold and pay employee related taxes
 Record keeping - using software package or employ professional accountants

…End Bless You...

***********Good Luck As You Reap What You Sow************

CPA Page 193

Downloaded by Okot David (okotdavid770@gmail.com)