IAU300 – Semester 1 Notes
Contents
LA 1: Chapter 2 (AAAP): Governance.............................................................................. 3
1. Introduction ................................................................................................................. 3
2. History/ Development ................................................................................................. 3
3. Governance and stakeholders .................................................................................. 3
4. Governance and theories .......................................................................................... 3
5. Defining governance .................................................................................................. 4
6. Approaches ................................................................................................................. 4
7. GOVERNANCE Structures ........................................................................................... 5
8. Role of assurance ........................................................................................................ 6
9. Three lines of defence model .................................................................................... 7
10. Combined Assurance ............................................................................................... 9
11. Information technology governance ...................................................................... 9
12. Sarbanes-Oxley Act of 2002 ..................................................................................... 9
LA 2: Chapter (PIAE): IT Controls ...................................................................................... 11
4. Application controls .................................................................................................. 15
5. Master files ................................................................................................................. 18
6. Specific computer environments............................................................................. 18
7. ICT Governance ........................................................................................................ 19
LA 3.1: Chapter 3 + 4 (PIAE): Risk Based Auditing .......................................................... 20
1. Definitions ................................................................................................................... 20
2. Roles/ Responsibilities ................................................................................................ 20
3. Approach .................................................................................................................. 20
4. Example ..................................................................................................................... 21
LA 3.2: Chapter 9 (AAAP): Sustainability ......................................................................... 22
1. introduction ............................................................................................................... 22
2. Sustainable development ........................................................................................ 22
3. Sustainability report – Key performance areas ....................................................... 22
4. ESG Reporting ............................................................................................................ 22
5. Integrated reporting ................................................................................................. 23
6. Sustainability reporting .............................................................................................. 23
7. environment .............................................................................................................. 24
8. environmental audit ................................................................................................. 25
9. types of environmental audit engagements .......................................................... 26
LA 3.3: Chapter 3+4 (PIAE): Financial Audit .................................................................... 26
1
, 1. Introduction ............................................................................................................... 27
2. revenue/ receipts ...................................................................................................... 27
3. purchases/ payments ............................................................................................... 29
LA 3.4: Chapter 6 (AAAP): Forensic Auditing ................................................................. 31
1. Introduction ............................................................................................................... 31
2. Fraud vs Corruption ................................................................................................... 31
2. Management’s role/ responsibility .......................................................................... 32
3. Considerations for assurance providers .................................................................. 32
4. Fraud risk management – Deterrence cycle .......................................................... 33
LA 3.5: Chapter 3 (AAAP): Performance audit .............................................................. 34
1. Introduction ............................................................................................................... 34
2. Operational audit ..................................................................................................... 34
3. Criteria ........................................................................................................................ 35
4. Internal vs Performance auditing............................................................................. 35
5. Advantages vs Disadvantages ................................................................................ 36
6. Analyses ..................................................................................................................... 36
7. Management actions ............................................................................................... 36
8. Process ....................................................................................................................... 37
2
,LA 1: Chapter 2 (AAAP): Governance
1. INTRODUCTION
From 1980s → Increased need for effective governance
Factors → Corporate failure/ mismanagement
contributing → Consideration for all stakeholders
to need → Consideration for investors
→ Need to restore investors’ confidence
2. HISTORY/ DEVELOPMENT
Derived from → Gubernare: to steer
→ Directing/ controlling to get to desired place
Governing → Responsible to direct/ control entity/ country
body → Board of Directors/ parliaments/ councils
Development → Mismanagement/ intentional fraud still occurs
→ Governance continues to evolve in response
3. GOVERNANCE AND STAKEHOLDERS
Definition → Anyone involved/ has interest in organization
Inclusive → Recognizing responsibility to all stakeholders
approach
Exclusive → Recognizing responsibility towards shareholders
approach
Examples 1. Shareholders/ Investors
2. Board of Directors
3. Management
4. Assurance providers
5. Employees
6. Customers
7. Lenders
8. Suppliers
9. Government
10. Society/ Local communities
Conflict → Shareholders: highest return on investment
→ Management: good performance
→ Employees: higher salaries/ wages
→ Suppliers: charge highest price
→ Customers: pay lowest price
Effective → Balancing of conflicts in effective/ ethical manner
governance
4. GOVERNANCE AND THEORIES
Theory → Possible explanation for experiences/ events
Agency → Goals of principle and agent in conflict (own agendas)
→ Principles: Shareholders
→ Agents: Managers
→ Exclusive
3
, Stakeholder → Interests of more parties need to be considered
→ Inclusive
5. DEFINING GOVERNANCE
Definition → Exercise of ethical/ effective leadership by governing body
to achieve
− Ethical culture
− Good performance
− Effective control
− Legitimacy
Characteristics → Process that consists of balances/ checks
→ Includes financial aspects
→ Unique structure to each organization
→ Lead by directing rather than controlling
→ BoD/ management should drive these processes/ systems
→ Governing body’s responsibility
− Providing strategic direction
− Ensuring objectives achieved
− Ascertaining risks managed appropriately
− Verifying resources used responsibly
Importance → Stakeholders rely on effectiveness of governance
→ Good governance reduces risk of failure
→ Investors will pay premium for good governance
6. APPROACHES
Principles- → Voluntary
based → E.g., King IV
Discipline commitment by management to adhere to
correct/ proper behaviour
Transparency how effective management is at making info
available in candid/ accurate/ timely manner
Independence extent to which mechanisms have been put in
place to minimize conflicts of interest
Accountability query/ evaluate actions of those charged with
governance
Responsibility allows for corrective action/ penalizing
mismanagement
Fairness rights of all stakeholders should be
acknowledged/ respected
Social aware of social issues/ prioritize ethical standards
responsibility
Rules- → Compulsory – non-compliance: damaged reputation/ financial
based losses
Companies - Chapter 2C: transparency/ accountability
Act - Chapter 2F: shareholders/ BoD
- Chapter 3C: external auditor
- Chapter 3D: audit committee
PFMA - management of public service organisations
MFMA - management of municipalities
4
Contents
LA 1: Chapter 2 (AAAP): Governance.............................................................................. 3
1. Introduction ................................................................................................................. 3
2. History/ Development ................................................................................................. 3
3. Governance and stakeholders .................................................................................. 3
4. Governance and theories .......................................................................................... 3
5. Defining governance .................................................................................................. 4
6. Approaches ................................................................................................................. 4
7. GOVERNANCE Structures ........................................................................................... 5
8. Role of assurance ........................................................................................................ 6
9. Three lines of defence model .................................................................................... 7
10. Combined Assurance ............................................................................................... 9
11. Information technology governance ...................................................................... 9
12. Sarbanes-Oxley Act of 2002 ..................................................................................... 9
LA 2: Chapter (PIAE): IT Controls ...................................................................................... 11
4. Application controls .................................................................................................. 15
5. Master files ................................................................................................................. 18
6. Specific computer environments............................................................................. 18
7. ICT Governance ........................................................................................................ 19
LA 3.1: Chapter 3 + 4 (PIAE): Risk Based Auditing .......................................................... 20
1. Definitions ................................................................................................................... 20
2. Roles/ Responsibilities ................................................................................................ 20
3. Approach .................................................................................................................. 20
4. Example ..................................................................................................................... 21
LA 3.2: Chapter 9 (AAAP): Sustainability ......................................................................... 22
1. introduction ............................................................................................................... 22
2. Sustainable development ........................................................................................ 22
3. Sustainability report – Key performance areas ....................................................... 22
4. ESG Reporting ............................................................................................................ 22
5. Integrated reporting ................................................................................................. 23
6. Sustainability reporting .............................................................................................. 23
7. environment .............................................................................................................. 24
8. environmental audit ................................................................................................. 25
9. types of environmental audit engagements .......................................................... 26
LA 3.3: Chapter 3+4 (PIAE): Financial Audit .................................................................... 26
1
, 1. Introduction ............................................................................................................... 27
2. revenue/ receipts ...................................................................................................... 27
3. purchases/ payments ............................................................................................... 29
LA 3.4: Chapter 6 (AAAP): Forensic Auditing ................................................................. 31
1. Introduction ............................................................................................................... 31
2. Fraud vs Corruption ................................................................................................... 31
2. Management’s role/ responsibility .......................................................................... 32
3. Considerations for assurance providers .................................................................. 32
4. Fraud risk management – Deterrence cycle .......................................................... 33
LA 3.5: Chapter 3 (AAAP): Performance audit .............................................................. 34
1. Introduction ............................................................................................................... 34
2. Operational audit ..................................................................................................... 34
3. Criteria ........................................................................................................................ 35
4. Internal vs Performance auditing............................................................................. 35
5. Advantages vs Disadvantages ................................................................................ 36
6. Analyses ..................................................................................................................... 36
7. Management actions ............................................................................................... 36
8. Process ....................................................................................................................... 37
2
,LA 1: Chapter 2 (AAAP): Governance
1. INTRODUCTION
From 1980s → Increased need for effective governance
Factors → Corporate failure/ mismanagement
contributing → Consideration for all stakeholders
to need → Consideration for investors
→ Need to restore investors’ confidence
2. HISTORY/ DEVELOPMENT
Derived from → Gubernare: to steer
→ Directing/ controlling to get to desired place
Governing → Responsible to direct/ control entity/ country
body → Board of Directors/ parliaments/ councils
Development → Mismanagement/ intentional fraud still occurs
→ Governance continues to evolve in response
3. GOVERNANCE AND STAKEHOLDERS
Definition → Anyone involved/ has interest in organization
Inclusive → Recognizing responsibility to all stakeholders
approach
Exclusive → Recognizing responsibility towards shareholders
approach
Examples 1. Shareholders/ Investors
2. Board of Directors
3. Management
4. Assurance providers
5. Employees
6. Customers
7. Lenders
8. Suppliers
9. Government
10. Society/ Local communities
Conflict → Shareholders: highest return on investment
→ Management: good performance
→ Employees: higher salaries/ wages
→ Suppliers: charge highest price
→ Customers: pay lowest price
Effective → Balancing of conflicts in effective/ ethical manner
governance
4. GOVERNANCE AND THEORIES
Theory → Possible explanation for experiences/ events
Agency → Goals of principle and agent in conflict (own agendas)
→ Principles: Shareholders
→ Agents: Managers
→ Exclusive
3
, Stakeholder → Interests of more parties need to be considered
→ Inclusive
5. DEFINING GOVERNANCE
Definition → Exercise of ethical/ effective leadership by governing body
to achieve
− Ethical culture
− Good performance
− Effective control
− Legitimacy
Characteristics → Process that consists of balances/ checks
→ Includes financial aspects
→ Unique structure to each organization
→ Lead by directing rather than controlling
→ BoD/ management should drive these processes/ systems
→ Governing body’s responsibility
− Providing strategic direction
− Ensuring objectives achieved
− Ascertaining risks managed appropriately
− Verifying resources used responsibly
Importance → Stakeholders rely on effectiveness of governance
→ Good governance reduces risk of failure
→ Investors will pay premium for good governance
6. APPROACHES
Principles- → Voluntary
based → E.g., King IV
Discipline commitment by management to adhere to
correct/ proper behaviour
Transparency how effective management is at making info
available in candid/ accurate/ timely manner
Independence extent to which mechanisms have been put in
place to minimize conflicts of interest
Accountability query/ evaluate actions of those charged with
governance
Responsibility allows for corrective action/ penalizing
mismanagement
Fairness rights of all stakeholders should be
acknowledged/ respected
Social aware of social issues/ prioritize ethical standards
responsibility
Rules- → Compulsory – non-compliance: damaged reputation/ financial
based losses
Companies - Chapter 2C: transparency/ accountability
Act - Chapter 2F: shareholders/ BoD
- Chapter 3C: external auditor
- Chapter 3D: audit committee
PFMA - management of public service organisations
MFMA - management of municipalities
4
