Business Level – 2

AUDIT, BUSINESS PROCESSES AND DIGITALIZATION

Pilot Paper

Instruction to candidates

1) Time Allowed 2 Hours

2) Total 100 marks

3) 50 Questions. All Questions are compulsory

4) All answers should be in ONE Language and the medium applied for

1.” Corporate Governance” is best described as?

A The system by which companies assess business risks. B The system by which companies prepare financial statements. C The system by which companies are directed and controlled. D The system by which stakeholders are engaged by business organizations.

2. Which of the following is not a “duty and responsibility “ of Audit committee of a businessorganization?

A Review and Monitor external auditor’s independence and objectivity. B Review significant financial reporting Judgements. C Be responsible for reappointment of external auditor D Assuring confidentiality to whistle-blowing employees.

3.Which of the following would impair the independence of “Non-Executive Directors (NED)” ?

(1) Representing a significant shareholder.(2) Serving longer than nine years in the board.(3) Employment with the company in the two years preceding appointment(4) Close family ties with significant shareholder

A.(1), (2) and (4) B.(1) and (2) C.(1), (2) and (3) D. (1),(2).(3),(4)

4. Which of the following are included as responsibilities of the directors in respect of riskmanagement and internal control in “The Code of Best Practice on Corporate Governance (2017)?

(1) The board should ensure that the internal control system provides absolute assuranceregarding the achievement of the company's objectives.(2) The board of directors should have a process of risk management and maintain a soundsystem of internal control to safeguard the investments of the shareholders and the company'sassets.(3) The board should review the risk management system and design and operating effectivenessof the system of internal control annually.(4) The board should review annually whether the company requires an internal audit function

A (1) and (2) B (3) and (4) C (1) and (4) D (2) and (3)

5. Which of the following documents should be matched with each other when making a

payment to a supplier?

A. Supplier invoice, purchase requisition and GRN

B. Purchase requisition, purchase order and GRN

C. Purchase order, supplier invoice and purchase requisition.

D. Supplier invoice, purchase order and GRN

6. Which of the following best describes an internal control system?

A. Process put into effect by internal auditors of an organization.B. Processes to provide absolute assurance about the achievement of the organisation'sobjectives including operational effectiveness, reliability of financial reporting and compliancewith laws and regulationsC. Processes to provide reasonable assurance about the achievement of the organisation'sobjectives including operational effectiveness, reliability of financial reporting and compliancewith laws and regulationsD. Processes introduced to ensure that frauds and errors will not take place

7. An issue note, a gate pass and a delivery note are raised for each sale and are checked with

the customer order and the packing list. Which of the following is the risk addressed by the above

procedure relating to the sales process?

A. Risk of selling products at a price lower than the standard selling price.

B. Risk of an excess or a shortage in the quantity delivered

C. Risk of delay in delivering products.

D. Risk of supplying damaged goods

8. Why is it important to reconcile suppliers’ statements to their payables account record?

A. To identify long overdue invoices and settle them.B. To identify all invoices and inventories received from suppliers.C. To ensure that all suppliers are settled on due dates.D. To identify discrepancies between the payables ledger and what the supplier says is owed

9. To prevent a non-existent employee being added to the employee master file in order to payhim/her fraudulently, the master file should be checked against:

A Detailed payroll B Payroll summary C Appointment letters D Resignation letters

10. THARU Plc has been in the business of retail trade and has 50 shopping outlets under the

brand name “Western food City”. The management of the company is keen to increase the range

of assignments that the company’s internal audit should undertake.

Which of the following assignments could the internal audit department be asked to perform by

management?

A. Asist the external auditors by requesting bank confirmation letters.

B. Provide advice on the implementation of new ERP system of the company.

C. Undertake 'mystery shopper' reviews, where they enter the store as a customer, purchase goods and rate the overall

shopping experience

D. Review the company’s financial statements on behalf of the board.

11. Application controls are manual or automated procedures that operate over accountingapplications to ensure that all transactions are complete and accurate. Which two of thefollowing are application controls?

(1) Password protection controls(2) Existence checks(3) One for one checking(4) Regular back up of programsA (1) and (4)B (3) and (4)C (1) and (2)D (2) and (3)

12. Which TWO of the following controls in a purchase process could be implemented to reduce

the risk of payment of goods not received?

1 Purchase requisitions are sequentially numbered and sequence checked.

2 Goods received notes are matched with purchase order and the invoices.

3 Goods are agreed to purchase order before being accepted.

4 Inventory system is updated daily.

A.1 and 2

B.2 and 3

C.2 and 4

D.3 and 4

13. When using CAAT’s, the auditor may use test data or audit software. Which of the following

best describes test data?

A. Scrutinizing large volumes of transactions to increase the efficiency of the audit

B. Testing the inputs and outputs of the client’s systems

C. Testing the computerized controls operating within the client’s systems

D. Scrutinizing the source code of the system for errors in programming

14. Which of the following types of internal controls, does a small limited liability company

normally have particular difficulty in implementing satisfactorily?

(1) Segregation of duties.

(2) Performance reviews.

(3) Information processing.

A.(1) only

B.(2) only

C.(3) only

D.(1) ,(2) and (3)

15. Which of the following safeguards could be implemented to address a self-review threat to

objectivity?

1 Separate teams with separate reporting lines

2 Rotation of team members

3 Independent quality control reviews

4 Information restriction among members of staff.

A.1 and 3

B.1 and 4

C.2 and 4

D.3 and 4

16. Which of the following statements is false in respect of the impact of digitalization onauditing?

A.The emergence of data analytics and big data has increased audit riskB. Audit Data Analytics (ADA) help test larger samples more quicklyC. Robotic Process Automation (RPA) can be used to help efficiently extract data to be used bythe auditorsD. Robots can run controls testing for standardized controls

17. Which of the following is the most appropriate definition of the external audit?

A. The external audit provides negative assurance on the truth and fairness of a company'sfinancial statements.B. The external audit is an exercise carried out in order to give an opinion on the effectiveness ofa company's internal control system.C. The external audit is performed to identify areas of deficiency within a company and to makerecommendations to mitigate those deficiencies.D. The external audit is an exercise carried out by auditors in order to give an opinion on whetherthe financial statements of a company provide true and fair view.

18. You are the partner in charge of the audit of Tharuka Fashions (Pvt) Limited for the year ended31st March 2019. Accountant of Tharuka Fashion has left the company on 20th March 2019. As aresult the management has requested you to prepare the financial statements of the companybefore auditing them. What type of threat might this give rise to?

A A self-interest threat B. A familiarity threatC . A self-review threatD . An intimidation threat

19. Which of the following is the correct definition of 'integrity' in accordance with the code ofethics of the Institute of Chartered Accountants of Sri Lanka?

A To not allow bias, conflicts of interest or undue influence of others to override professional or business judgements B. To maintain professional knowledge and skill at the level required to ensure that a client oremployer receives competent professional services.C To comply with relevant laws and regulations and avoid any action that discredits theprofessionD To be straightforward and honest in all business and professional Relationships

20. Ruwan who is a Chartered Accountant, is the accountant of Nethu Plc. He has agreed torequest made by his chairman to falsify accounting records to increase the profits of his company.Which is the most likely fundamental principle Ruwan is breaching?

A. Professional CompetenceB. IntegrityC. ObjectivityD. Confidentiality.

21. You have been the engagement partner of the audit of Nethu PLC continuously for nine years.The company has requested you to undertake the audit of the company accounts for 10th timebeing the engagement partner for the year ended 31st March 2020 as well. Which of the followingsafeguards should be implemented by you in order to comply with Code of Ethics of the Instituteof Chartered Accountants of Sri Lanka ?

A. An independent review partner should be appointed to the audit of accounts for the year ended 31st March 2020.B. You should resign from being the audit engagement partner but may serve as a quality control reviewer.C. Your firm should not undertake the 2019/2020 audit of Nethu PLC D. You should resign from being the audit engagement partner and should not serve as quality control reviewer.

22. Which of the following must be included in an audit engagement letter?

(i) Objectives and scope of the audit(ii) Auditor’s responsibilities(iii) Basis on which the fee is calculated(iv) Management’s responsibilitiesA (i) and (ii) onlyB (i), (ii) and (iv)C (i), (iii) and (iv)D (ii), (iii) and (iv)

23. Hiru PLC is in the process of acquiring Tharu PLC. The management of Tharu PLC intends to

obtain a report on the financial risk, prospects and forecasts Tharu PLC for the nine months

ended 31st December 2019 from a firm of Chartered Accountants. The most appropriate service,

the firm of Chartered Accountants can provide is:

A. Financial audit for the period.

B. Factual finding report for the period.

C. Compilation of financial statements for the period.

D. Financial due diligence for the period

24. The auditors of Tharu PLC obtained direct confirmations from selected trade debtors

appearing in the statement of financial position as at 31 March 2019. Which of the following

financial statement assertion(s) is/are covered by the above procedure?

A. Rights & obligations and existence.

B. Existence only.

C. Existence, valuation & allocation and occurrence.

D. Completeness, rights & obligations and existence.

25. Sampath is the Chief Financial Officer (CFO) of Colombo PLC. He is entitled to a bonus based

on the annual profit of the company. Which of the following is the likely threat he may be facing

as a result of this?

A. Self-review threat

B. Advocacy threat

C. Self-interest threat

D. Familiarity threat

26. Which of the following would be the most appropriate method of evaluating whether the

supplier is reliable?

A. Ask the supplier to confirm in writing that he will fulfill the terms of the agreement

B. Ask the supplier to provide samples of the goods

C. Ask the supplier to provide references from other customers

D. Ask the supplier to provide a reference from his bank

27. You are the senior in charge of the audit of Rathnapura Gems (Pvt) Limited. Which of the

following audit tests provides the most reliable audit evidence relating to the value of gem stock

appearing in the statement of financial position of the company as at 31st March 2019.

A. Obtaining a confirmation from management.

B. Obtaining an expert’s opinion.

C. Physical verification of gem stock.

D. Comparing values with the market prices.

28. The procedure that helps the auditor to understand the entity and determine the key areas

more susceptible to material misstatements during the audit is known as;

A. Substantive Procedures

B. Substantive Analytical Procedures

C. Risk assessment procedure

D. Audit planning procedures

29. Which of the following is the level of assurance provided by the auditor in an external audit

engagement?

A. Moderate assurance

B. High, but not absolute assurance

C. Absolute assurance

D. Negative assurance

30.Audit evidence should be ………………. and ………………. to enable the auditor to reach an opinion

on the financial statements audited. Which of the following order of words are the most

appropriate to fill the above blanks?

A. Relevant and reliable

B. relevant and sufficient

C. Sufficient and appropriate

D. cost effective and efficient

31. TR Associates, a firm of chartered accountants was requested to provide an assurance report

on information prepared by Tharu PLC, about its internal controls. The level of assurance that

could be provided based on CA Sri Lanka technical standards on the internal controls of Tharu

PLC is:

A. Reasonable assurance B. Limited assurance

C. Absolute assurance D. No assurance can be provided

32. Which of the following will result in an advocacy threat?

A. The Accountant was warned about his employment if he does not agree to manipulate the

accounting records.

B. The directors requested the accountant to perform a comprehensive analysis on the impact of

recent tax changes on the company. The accountant does not possess any knowledge or

experience in tax-related matters.

C. The finance director is entitled for profit sharing bonuses and he can influence the financial

reporting of the entity.

D. The auditor was asked by an audit client to represent the entity in negotiating a loan with the

bank.

33. You are in the process of planning the audit of Tharu PLC. This is the first year your firm is

auditing Tharu PLC. As a result, there is a lack of cumulative audit knowledge and experience,

increasing detection risk. Which of the following is an appropriate auditor’s response to address

the risk described?

A Extended controls testing should be performed.

B Support of independent expert should be obtained to get better understanding

about Tharu PLC.

C More time and resource will need to be devoted to obtain an understanding of Tharu

PLC at the start of the audit.

D Increase substantive tests.

34. Audit planning is an important element of the auditing process. Which of the following is

not a purpose of planning an audit?

A. To ensure that appropriate team members are selected to carry out the audit.

B. To organize and manage the audit in an efficient and effective manner.

C. To ensure that the client obtains added value from the audit.

D. To reduce the risk of giving an inappropriate audit opinion.

35. Which one of the following best describes a test of control?

A. A procedure performed by the external auditor to detect material misstatement atan assertion level

B. A procedure performed by the external auditor to verify whether a control is inplace and operating effectively

C. A process implemented by the management of an entity to mitigate a risk

D. An evaluation of conflicting relationships between financial and non-financial data

36. Which two of the following are potential indicators that an entity is not a going concern?

1 Current liabilities have exceeded the current assets.

2 One customer from a larger customer portfolio of the company has become bankrupt.

3 Banks have disagreed to renew borrowing facilities.

4 Inland Revenue department has issued a material assessment to the company

A.1 and 2

B.1 and 3

C.2 and 3

D.3 and 4

37. Which of the following appropriately explains the difference between a limited assuranceengagement and a reasonable assurance engagement?

A. Limited assurance is given when a material misstatement has been identified in the subjectmatter but some assurance can still be given, whereas reasonable assurance is given when nomaterial misstatements have been identified.B. In a limited assurance engagement, the practitioner will gather limited evidence. In areasonable assurance engagement, the practitioner will gather sufficient appropriate evidence.C. In a reasonable assurance engagement, the practitioner is fully liable if the financial statementsare later found to contain a material misstatement; in a limited assurance engagement, thepractitioner has limited liability.D. In a limited assurance engagement the practitioner will conclude whether the subject matter,with respect to identified suitable criteria, is plausible in the circumstances. In a reasonableassurance engagement, the practitioner will conclude whether the subject matter conforms inall material respects, with identified suitable criteria.

38. Which of the following statements is true in respect of uncorrected misstatements?

A All uncorrected misstatements must be adjusted in order for an unmodified opinion to be issued B Accumulated misstatements other than other than those that are clearly trivial shall be communicated to management and requested to adjust the financial statements. C All uncorrected misstatements must be communicated to management and requested to adjust the financial statements. D All uncorrected misstatements must be communicated to shareholders

39. Hiru PLC has been in the business of manufacturing and selling air conditioners. Thestatement of financial position as at 31st March 2019 shows an inventory balance of Rs.400Mn. In April and May 2019 all air conditioners held as at 31st March 2019 were sold forRs.320 Mn. Hiru PLC’s profit before tax for the year ended 31st March 2019 was Rs.300 Mn.Which type of audit report/opinion would be most appropriate for Hiru PLC, assuming thedirectors refused to make any adjustments in respect of the above?

A Unmodified report, as the sale happened after the year end B Unmodified report with an emphasis of matter paragraph C Adverse opinion D Qualified or Except For opinion.

40. Which type of audit opinion is illustrated by the following phrase?'We do not express an opinion on the financial statements'

A Unmodified opinion B Adverse opinion C Except for opinion D Disclaimer of opinion

41. Which TWO of the following are reasons why an auditor would need to modify the auditopinion?

1 They conclude that there is a material inconsistency between the audited financial statements and the other information contained in the annual report. 2 They wish to draw attention to a matter that is fundamental to the users’ understanding of the financial statements. 3 They conclude that the financial statements as a whole are not free from material misstatement. 4 They have been unable to obtain sufficient appropriate evidence to conclude that the financial statements as a whole are free from material misstatement. A 1 and 2

B 2 and 3 C 2 and 4 D 3 and 4

42. Which of the following circumstances would lead the auditor to give a qualified opinion?

A The matter represents a substantial proportion of the financial statements B The matter is not confined to specific elements of the financial statements C The matter is material to the financial statements D The matter relates to a disclosure that is fundamental to the users’ understanding of the financial statements

43 An other matter paragraph is used in an audit report to draw attention to a matter other than those presented or disclosed in financial statements. Which of the following are correct in relation to an Other Matter Paragraph included in the Auditor’s Report?

1.The matter is deemed to be fundamental to the users’ understanding of the financialstatements2. It is used to communicate a matter relevant to users’ understanding of the audit, theauditor's responsibilities or the audit report3.Other matter may be included as a separate para in the section on “Report on other legaland Regulatory Requirement4. It is used as an alternative to a qualified opinion

A. 1 and 2 onlyB. 2 and 3 only.C. 2 and 4 only.D. 1 and 4 only.

44.When auditing a company that is compliant with corporate governance codes ,which TWOof the following statements are correct?

1 The control environment is likely to be stronger. 2 The level of inherent risk would be lower. 3 External auditors can raise issues with an Audit Committee. 4 The auditors are more likely to be reappointed each year. A 1 and 2 B 1 and 3 C 1 and 4 D 2 and 3

45.Which of the below statements better represents the meaning of the term “FinTech”

A. It is about how technology is going to challenge the role of Chartered Accountant

B. It mainly relates to the use of digital currency such as bit coin in modern digitaltransactions

C. It represents new applications of digital financial technology

D. None of the above

46. Which is not an example of “FinTech”

A. Mobile bankingB. PayPal and Cryptocurrency

C. Cloud accounting software's application programming interface (API)D. Enterprise Resource Management System

47. Which one of the below is not a benefit of “Block chain technology”?

A. It can totally eliminate intermediaries in banking system through distributed ledger

B. Data can be transferred anonymouslyC. It offers transparency when dealing in currency because block chains are viewableD. Simplify processes as they are part of a single public ledger rather than multiple ledgers

48. Laney (2000) suggested that “Big Data” can be defined by considering the three Vs: andthis include

A. Volume, velocity and variety

B. Volume, velocity and visibility

C. Volume, velocity and versatility

D. Value, Volume and velocity

49.Which of the following best describes “Artificial Intelligence” (AI)?

A. Where humans use computer systems to complete increasingly complex tasksB. Where computer systems complete tasks humans normally wouldn't be able to doC. When computers perform tasks that would usually require human intelligenceD. When computers are able to analyze large amounts of data very quickly

50. Which of the below is not a response to directly address the threats arising from “cybersecurity issues”? A. Employing a Chief Information Security Officer

B. Implement organizational wide enterprise risk management system and employing a Chief Risk

Officer

C. Learning from past security breaches. D. Enhance the cybersecurity features of the organization’s IT/IS infrastructure

ANSWERS

1. C

2. C

3. C

4. D

5. D

6. C

7. B

8. D

9. C

10. C

11. D

12. C

13. B

14. A

15. A

16. A

17. D

18. C

19. D

20. B

21. D

22. B

23. D

24. A

25. C

26. C

27. B

28. C

29. B

30. C

31. B

32. D

33. C

34. C

35. B

36. B

37. D

38. B

39. D.

40. D

41. D

42. C

43. B

44. B

45. C

46. D

47. A

48. A

49. C

50. B