AUD21M0: Auditing 2 Course Notes

Auditing 2 (AUD21M0) builds on foundational auditing by focusing on higher-risk areas, deeper evidence evaluation, and more advanced professional judgment. These course notes are designed to support exam preparation with practical, exam-relevant structure and South African–centric examples that reflect how audits are performed in real organisations across universities, colleges, and TVET institutions. Emphasis is placed on audit planning, risk assessment, internal controls, audit evidence, documentation, and reporting—linking theory to the way auditors evaluate assertions and conclude.

Section 1: Framework, Professional Responsibilities, and Audit Risk (with South African Context)

Auditing 2 typically expects you to demonstrate not only knowledge of standards, but also the ability to apply them to scenario-based questions. At university exam level, marks often come from (a) clearly stating the audit objective, (b) identifying relevant risks and assertions, (c) selecting appropriate procedures, and (d) justifying conclusions using evidence quality concepts.

Understanding the Audit Framework: From Assertions to Conclusions

At the core of any audit is the link between financial statement assertions and audit procedures. Even when audit techniques change (sampling, data analytics, control testing, substantive testing), the logic stays consistent:

Identify what management claims through the financial statements (assertions).
Identify where those assertions could be materially misstated (risks).
Design and perform procedures to address the risks.
Evaluate evidence to reach a conclusion and form an audit opinion.

In South Africa, students commonly encounter audits of:

Public entities and entities receiving grants (e.g., training institutions, TVET colleges).
Education providers with significant revenue streams (tuition, government subsidies, bursaries).
Research and project funding where compliance requirements create audit risk.
Asset-heavy environments (campuses, buildings, learning resources, IT systems).

These settings are important because they create patterns of risk: segregation of duties gaps, manual processes, procurement complexity, and compliance-driven transactions.

Professional Ethical Requirements and Objectivity

Although “ethics” can appear in multiple courses, Auditing 2 often pushes deeper into independence threats and how auditors respond. In exam scenarios, you may be asked to identify threats such as:

Self-interest threats (e.g., fee dependence).
Self-review threats (e.g., auditing services where the firm also maintains accounting records).
Advocacy threats (promoting a client’s position without evidence).
Familiarity threats (long association with the client).
Intimidation threats (fear of losing the client).

In a South African institutional context, independence threats can show up when an auditing firm is also contracted for internal systems work, bookkeeping support, or advisory assignments that are too close to management’s judgments. For example, if an external audit firm helps a college with accounting policy interpretation and later audits those same judgments without sufficient safeguards, the audit becomes vulnerable to self-review.

Exam technique: In a question, always show the threat, then the safeguard. Safeguards can include independent review by a senior partner, removing the audit team member, separate engagement teams, quality control review, and stronger governance oversight.

Audit Risk Model and Materiality

A classic Auditing 2 expectation is the audit risk model:

Audit Risk (AR) = Inherent Risk (IR) × Control Risk (CR) × Detection Risk (DR)

While different lecturers may discuss the model with slight variations, the exam-friendly message is that auditors reduce audit risk by reducing detection risk through better evidence.

How this plays out in practice (example scenario):
Consider a TVET college where:

Inherent risk is high for revenue recognition because bursaries and subsidies may have complex rules and timing issues.
Control risk may be high if the institution lacks strong segregation of duties between admissions, billing, and payment processing.
Detection risk is reduced by performing detailed substantive procedures such as:
- verifying bursary eligibility,
- matching recorded revenue to supporting confirmations,
- recalculating revenue timing.

Materiality links to whether misstatements could influence users’ decisions. Examiners like answers that mention:

Overall materiality for the financial statements,
Performance materiality (often lower than overall materiality),
Clearly trivial matters (no need for audit response if truly trivial and not aggregated).

In South African public education environments, auditors often use materiality considerations for:

compliance-related disclosures,
restricted funds and grants,
procurement and expenses that may be governed by specific policies.

Risk Assessment: Identifying and Responding to Risks of Material Misstatement

Auditing 2 typically differentiates between:

Risks of material misstatement at the financial statement level, and
Risks at the assertion level (where you focus audit procedures).

Common assertion-level risks include:

Occurrence: revenue and expenses recorded even though they didn’t occur.
Completeness: revenue/transactions omitted.
Accuracy: amounts incorrectly calculated.
Cut-off: transactions recorded in the wrong period.
Classification: wrong category (e.g., repairs vs capital expenditure).
Valuation: assets overstated or provisions understated.
Rights and obligations: entity doesn’t have legal ownership but books it as owned.
Presentation and disclosure: incomplete disclosures.

Education-sector examples:

Cut-off risk: student fees received late in the year but recorded in the wrong period; grant revenue allocated incorrectly.
Valuation risk: inventory/consumables used in laboratories recorded without accurate consumption data.
Completeness risk: missing expenses for outsourced campus services due to delayed invoices.

Audit Planning and the Nature, Timing, and Extent of Procedures

Once risks are identified, the auditor designs audit responses. The “nature, timing, and extent” language is exam gold:

Nature: type of procedure (inspection, observation, confirmation, recalculation, reperformance).
Timing: when procedure is performed (interim vs year-end).
Extent: sample size, coverage, and depth.

In education institutions, auditors may adjust timing based on operational cycles:

Perform inventory observation close to year-end.
Perform controls testing earlier only if evidence supports reliance on those controls up to year-end.
Use year-end confirmations for payables and receivables.

Practical exam tip: If the scenario indicates strong controls, mention reduced substantive testing (depending on evidence). If controls are weak or unreliable, mention increased substantive procedures and more persuasive evidence.

Audit Documentation: Evidence of Planning and Judgment

Auditing 2 often expects familiarity with audit documentation requirements. You should know that documentation must show:

audit plan and strategy,
risk assessment results,
rationale for materiality and performance materiality,
evidence of procedure performance,
evidence of conclusions,
identification of significant judgments and why they were made.

South African marking patterns reward candidates who use phrase-like structure:

“Documented rationale for risk assessment”
“Link between identified risks and responses”
“Conclusion supported by evaluation of evidence”

Without documentation, even correct work may not translate into defensible conclusions. For instance, if a risk of misstatement was identified for revenue cut-off, but no evidence evaluation is documented, the auditor may be unable to justify the final position.

Section 2: Audit Evidence, Sampling, and Analytical Procedures (Applied to Education Entities)

Auditing 2 commonly tests whether you can distinguish between types of evidence, how to evaluate it, and what to do when evidence is contradictory or weak. In education audits, the challenge often comes from mixed systems: legacy spreadsheets, manual approvals, and inconsistent document retention.

Types and Quality of Audit Evidence

Audit evidence can be:

Physical (inspection of assets),
Documentary (contracts, invoices, bank statements),
Electronic (system reports, logs, exports),
Oral (inquiries),
Mathematical (recalculation and reperformance).

But the key is quality, not only quantity. The most exam-relevant evidence ranking typically emphasises:

External evidence (from third parties) is generally more reliable than internally generated evidence.
Evidence from effective controls is more reliable than evidence where controls appear weak.
Direct evidence (e.g., observation of a process, confirmation) is often stronger than indirect evidence.
Consistency and corroboration matter: one piece of evidence rarely “wins” if it conflicts.

Education entity example:
A TVET college records procurement expenses for laboratory equipment. Evidence may include:

supplier invoices (documentary),
proof of receipt (goods received notes),
approvals (signed requisitions),
payment proof (bank records),
system logs for procurement workflow.

If approvals are missing and goods receipt notes don’t match invoice dates, evidence quality drops. The auditor may extend procedures (e.g., supplier confirmation, deeper cut-off testing).

Inquiries, Confirmation, Observation, and Inspection

In exam answers, make sure you match procedure type to audit objective:

Inquiries: good for understanding processes but not strong enough alone for high-risk assertions.
Confirmations: strong for existence, completeness, and rights/obligations (e.g., receivables confirmations, outstanding grant balances).
Observation: useful for process reality (e.g., counting inventory), but limited because observation is “at a point in time.”
Inspection: effective for existence and documentary support (contracts, minutes, invoices).

Example: Confirmation of Student Debtors
For an education institution with “student accounts,” the auditor may:

request confirmation of account balances from students (or administrators),
reconcile confirmed balances to ledger entries,
investigate differences (differences may arise from scholarship adjustments or account reversals).

Relevance and Reliability: The Core Evidence Evaluation Logic

Auditing 2 often expects answers structured as:

Define the assertion at risk.
Identify which evidence is relevant to that assertion.
Explain how reliability is assessed.
Conclude on what the evidence supports.

Example: Rights and Obligations for a Vehicle Used by a College

Assertion: rights/obligations (does the institution actually own or have the right to use the vehicle?).
Evidence:
- vehicle register entry,
- ownership documents or lease agreements,
- insurance policy listing the college as beneficiary.
Reliability:
- lease agreement and insurance documents provide external or documentary support.
- vehicle register is internal; it must be corroborated.

Analytical Procedures: Building Expectation and Investigating Variances

Analytical procedures include:

comparisons to prior period,
comparisons to budgets,
relationships between line items.

In Auditing 2, it’s not enough to say “use analytics.” You must explain:

what expectation is formed,
how large a variance triggers investigation,
what follow-up procedures are taken.

Education analytics example: Expense Trends
A university campus shows procurement expenses increasing by 25% YoY, while student numbers increased only by 5%. That mismatch suggests risk in:

classification (capital vs expense),
timing (one-off purchases),
potential duplication or misallocation.

The auditor may:

break expenses by department and vendor,
compare invoice timing with service delivery,
inspect a sample of high-value transactions for proper classification.

Sampling Concepts: Selecting What You Test

Sampling is central in Auditing 2. You should distinguish:

Statistical sampling (probability-based, allows quantification of sampling risk),
Non-statistical sampling (judgment-based, still requires careful planning),
Sampling risk: risk that the sample leads to an incorrect conclusion.

Common exam questions ask you to:

design a sample approach based on expected population size and risk,
interpret results and project misstatements.

Sampling Risk and Misstatement Projection

If sample results show exceptions, auditors may need to project them to the population. The general idea:

If misstatements are found in the sample, you estimate potential misstatement in the population.
Compare projected misstatement to performance materiality and determine whether the risk of material misstatement remains acceptable.

Education scenario: Inventory Test
A college has science lab consumables. The auditor tests a sample of items:

expected use and records,
physically counts items (or verifies warehouse records).

Suppose the sample reveals items recorded but not found. The auditor then:

projects potential overstated inventory,
evaluates whether the overstatement is material,
modifies subsequent procedures if needed.

Designing Procedures for Specific Assertions

Auditing 2 often emphasizes linking procedures to assertions. A practical mapping:

Occurrence: trace transactions from source documents to ledger (e.g., from admissions records to revenue).
Completeness: trace from ledger to source (e.g., from list of bursaries granted to ledger).
Accuracy: recalculate and verify totals.
Cut-off: test transactions around year-end (e.g., last month and first month after year-end).
Valuation: verify estimates (bad debts, impairment).
Presentation and disclosure: check notes for completeness and compliance with reporting requirements.

This mapping is essential in exam writing because it demonstrates audit logic rather than a checklist.

Handling Contradictory or Insufficient Evidence

When evidence contradicts itself:

the auditor cannot simply “average” the evidence.
instead, they must resolve contradictions—often by obtaining additional evidence.

Example: Grants Recognition
A university might recognize grant revenue based on receipt and project milestones. But internal reports suggest milestones were not reached. The auditor may:

inspect milestone acceptance documents,
verify correspondence with the donor,
recalculate revenue recognition based on policy,
assess whether controls over milestone reporting are effective.

If evidence remains insufficient:

the auditor may qualify the opinion or issue a modified opinion depending on materiality and pervasiveness,
or adjust audit scope to reach sufficient appropriate evidence if possible.

This links evidence evaluation to ultimate reporting—an Auditing 2 theme.

Section 3: Internal Controls, Risk Responses, and Audit Procedures for Major Cycles

A major difference between introductory auditing and Auditing 2 is the deeper treatment of internal controls and how they influence audit strategy. In education environments, internal controls can be fragmented across departments: admissions, finance, procurement, HR, estates, and IT.

Understanding Internal Control Components

Internal control systems generally include:

control environment,
risk assessment process,
information and communication,
control activities (authorizations, approvals, reconciliations),
monitoring.

Auditors focus on whether controls are:

designed effectively (likely to prevent/detect misstatement),
implemented (actually in use),
and possibly operating effectively (consistently worked over time).

Tests of Controls vs Substantive Procedures

A central Auditing 2 skill is deciding whether to:

perform tests of controls (to rely on controls),
perform mainly substantive procedures (if controls are weak), or
use a combination.

Exam reasoning pattern:

Identify a significant risk and relevant assertion.
Evaluate control design and implementation.
Determine whether controls can be relied upon.
Decide the nature/timing/extent of controls testing or substantive work.

Example: Procurement Cycle at a TVET College
The procurement cycle includes requisition approvals, vendor selection, order issuance, receiving, and payment approvals. If auditors find:

approvals are inconsistent,
purchase orders are issued after goods receipt,
receiving is not verified against delivery documentation,
then control reliability declines and substantive testing expands.

If controls appear strong:

auditors might test key controls such as approval of purchases and matching GRN to invoice.
based on results, they reduce the required extent of substantive testing.

Key Controls and Common Weaknesses in Education Settings

Common control gaps in colleges and universities may include:

inadequate segregation of duties (single staff member can initiate and approve transactions),
manual capture and rekeying of data from documents to accounting systems,
poor reconciliation practices (e.g., bank reconciliations not reviewed),
limited system access controls (users can change key rates),
weak IT governance over student information systems.

In exam scenarios, you may be asked to identify deficiencies. Strong answers go beyond “the control is weak” and explain consequences:

which assertions are affected,
what misstatement risks arise,
and what audit response is required.

Major Transaction Cycles: Revenue, Expenses, and Cash

Auditing 2 usually expects familiarity with procedures across major cycles.

Revenue from Tuition, Fees, and Government Subsidies

Revenue recognition risks are frequently tested in education contexts:

Cut-off: fees received for future terms recorded as current-year revenue.
Completeness: student accounts not fully captured in the ledger.
Accuracy: incorrect fee schedules, discounts, or bursary adjustments.
Existence/occurrence: recording revenue for students who were not enrolled or not eligible.

Control response examples:

verify fee schedule approvals,
test controls over enrollment lists,
test the accuracy of billing calculations and discount logic,
evaluate controls over student account adjustments.

Substantive response examples:

reconcile admissions/enrollment lists to revenue recorded,
confirm balances with students or bursary administrators where appropriate,
inspect bursary agreements and ensure correct recognition.

Expenses: Payroll, Procurement, and Compliance Expenditure

Payroll is often a high-risk area in South African education audits due to:

multiple pay components,
changes in HR records,
potential ghost employees,
timing of adjustments.

Controls to test might include:

HR approvals for appointments and termination,
master file changes authorization,
reconciliations between HR records and payroll output,
controls over leave and overtime approvals.

Substantive procedures:

examine payroll register changes,
test samples of payments to employees,
verify additions/deletions through HR documentation,
analytical reviews comparing payroll to headcount.

Procurement expenses also carry risk:

misclassification,
overstatement through fictitious invoices,
duplicate payments,
inappropriate vendor selection or non-compliance with procurement policy.

Audit responses:

inspect procurement documentation for authorization and supporting goods receipt,
confirm vendor balances,
test payments around year-end for cut-off and completeness.

Cash, Bank Balances, and Transfers

Cash audits often rely on:

bank confirmations,
reconciliations evaluation,
substantive testing for completeness and completeness of recorded cash receipts.

Education entity example:
A university may have multiple bank accounts: tuition account, donation account, project account. Each account could have restrictions. Audit risk relates to:

misclassification of restricted funds,
unrecorded receipts,
incorrect allocation between unrestricted and restricted funds.

Procedure design:

confirm bank balances,
review bank reconciliations and investigation of reconciling items,
trace receipts to source and bank records to ledger.

Risk Responses at Assertion Level: Connecting Controls to Evidence

The most effective exam answers explicitly connect:

risk of misstatement → assertion → control → test of control/substantive procedure → evidence evaluation.

Example answer skeleton (adaptable to scenarios):

Risk: revenue completeness risk due to manual student account updates.
Assertion: completeness.
Control: documented reconciliation of enrollment list to revenue ledger.
Audit response:
- test control operating effectiveness,
- or if weak, expand substantive testing by tracing enrollment records to revenue.

Examiners reward this “chain of logic.” It’s more than listing procedures; it shows you understand why each procedure is selected.

Evaluating Control Deficiencies and Their Implications

Auditors must assess whether deficiencies are:

significant deficiency,
material weakness (if the framework uses that language),
or otherwise impactful to the financial statements.

In education audits, where governance can be complex, a deficiency in procurement approvals might be significant for expenses and payables. A deficiency in IT access controls might be pervasive, affecting multiple assertions: valuation, completeness, accuracy, and disclosures.

Your exam writing should connect deficiency severity to:

which financial statement areas are affected,
the likely impact on audit strategy,
and whether a modified opinion might become necessary (depending on materiality).

Section 4: Audit of Estimates, Impairment, Provisions, and Compliance-Sensitive Areas in South African Institutions

Auditing 2 often includes a strong component on estimates and judgment-heavy areas. South African education institutions have many estimate-driven transactions due to:

provisioning for doubtful debts (students and receivables),
impairment of assets (computers, facilities, specialized equipment),
provisioning for legal and compliance matters,
actuarial or complex calculations where applicable (e.g., staff benefits, if relevant).

Why Estimates Are High Risk

Estimates are inherently uncertain due to:

reliance on assumptions,
subjectivity in method selection,
susceptibility to management bias,
potential lack of historical data.

In exam cases, management bias can appear through:

under-provisioning to present stronger financial performance,
over-capitalization of expenses to reduce short-term expense recognition,
inconsistent application of policies across departments.

Auditing Management’s Estimates: Approach and Procedures

Auditors often assess:

Whether the estimation process is relevant and appropriate.
Whether assumptions are reasonable.
Whether the method is applied consistently.
Whether disclosure is adequate.

A typical evidence set includes:

historical data,
budgets and approved plans,
contracts and external confirmations where applicable,
subsequent events evidence.

Estimating Doubtful Debts (Students and Other Receivables)

Education entities frequently maintain receivables ledgers for:

student fees,
transport or residence payments,
grants receivable.

Audit objectives for the receivable impairment:

Valuation and allocation to impairment accounts,
completeness of impairment recognition.

Procedures:

evaluate aging schedules accuracy (trace to underlying ledger),
test credit control processes,
re-compute impairment using management’s model,
compare impairment rates to historical recovery patterns,
corroborate key assumptions (e.g., collection policies).

Exam scenario example:
A college’s impairment ratio increases sharply in Year 2 without a matching change in collection outcomes. The auditor questions assumption reasonableness. They might:

inspect collection reports and cash receipts trend,
analyze post-year-end collections,
check if write-offs occurred but were not reflected.

If evidence supports management’s increased risk, impairment may be reasonable. If not, the auditor may conclude misstatement.

Provisions and Contingent Liabilities: Legal, Contractual, and Compliance Risk

Provision and contingent liability audits are commonly tested because of:

uncertain timing and amount,
reliance on legal advice,
interplay with compliance frameworks.

In education contexts, provisions may relate to:

disputes over contracts,
claims arising from procurement and service delivery,
restructuring costs,
remediation obligations (e.g., compliance with safety standards).

Audit approach:

inspect legal correspondence and management’s assessment,
assess whether present obligations exist as of the reporting date,
evaluate whether the amount can be reliably estimated,
consider whether disclosures are sufficient (contingent liabilities are often disclosed rather than recognized).

How to handle conflicting evidence:

If management’s provision is supported by a legal opinion but amounts appear inconsistent with contract terms, auditor expands procedures:
- re-examine contract clauses,
- verify settlement history for similar matters,
- assess the reliability of management’s probability weighting.

Impairment of Non-Financial Assets: When Assets Lose Value

Auditing impairment requires attention to:

indicators of impairment,
recoverable amount calculations,
discount rates and cash flow assumptions,
whether impairment losses are properly recognized and disclosed.

For institutions with specialized equipment, impairment may be relevant if:

equipment becomes obsolete due to curriculum changes,
campuses suffer damages,
assets are idle and generate reduced usage.

Exam-relevant procedures:

assess existence of impairment indicators,
verify asset registers and usage data,
corroborate cash flow assumptions with budgets,
test the calculation model and discount rates.

Consistency of Policies and Governance Controls

Auditing estimates also involves checking for consistent application of policies:

impairment model applied consistently year to year,
provisioning policy updated and approved through governance structures,
disclosures align with the estimate method used.

In a South African university environment, governance may involve:

finance committee approvals,
audit and risk committees,
board-level sign-offs on key judgments.

Auditors often use minutes and committee reports as evidence of oversight. If management changes methods without governance approval, that might indicate higher risk of bias.

Audit of Compliance-Sensitive Disclosures and Restrictions

Education institutions often handle funds with restrictions—e.g., government grants or designated project funds. This creates audit risk at:

classification,
completeness of restricted fund disclosures,
accuracy of fund utilization reporting.

Example: Restricted Grant Recognition
If a university receives grant funds that must be spent on specific activities, auditors must:

ensure grant revenue and expenditure are presented correctly,
verify compliance with spending rules,
review reconciliation between grant drawdowns and expenditure.

The auditor might:

inspect grant agreement terms,
verify expenditure supports the grant purpose,
confirm compliance reporting to donors.

Even if the financial statements comply with accounting standards, failure to comply with grant restrictions can lead to:

disclosure issues,
potential clawbacks (creating provision risk),
audit modifications if material.

Subsequent Events: Evidence After Year-End

Subsequent events procedures help verify estimates at reporting date. For example:

post-year-end collections on student receivables,
settlement amounts for legal claims,
impairment indicator developments.

Auditors distinguish:

adjusting events (evidence about conditions existing at reporting date),
non-adjusting events (new conditions after reporting date, may require disclosure).

In exam writing, correctly categorizing subsequent events can earn marks because it shows you understand how evidence updates the estimate.

Section 5: Audit Completion, Reporting, and Exam-Grade Scenario Responses (Including South African Reporting Expectations)

Auditing 2 culminates with audit completion and reporting. Examiners often test:

how to handle unresolved issues,
evaluation of misstatements and disclosure adequacy,
management representations,
final review and the form of opinion.

This section provides exam-style guidance for concluding work and producing a coherent final reporting answer.

Audit Completion: Final Analytical Review and Evaluation

Audit completion involves several concluding steps:

Evaluate whether sufficient appropriate evidence has been obtained.
Review whether uncorrected misstatements are material.
Confirm that disclosures are complete and appropriate.
Perform a final overall review and quality control checks.

Final analytical review means:

looking for inconsistencies between financial statement balances and expectations,
understanding reasons for significant changes.

In a scenario where student fees revenue rises sharply, final review may require confirmation that:

enrollment numbers rose,
fee schedules changed,
or one-off adjustments occurred and are properly disclosed.

Uncorrected Misstatements and Materiality

Examiners commonly reward candidates who:

distinguish between clearly trivial items and misstatements that may accumulate,
explain how projected misstatements are compared with performance materiality.

If several small errors exist across different notes, the question becomes aggregation and whether the total effect is material.

Example: Disclosure and Classification
Suppose a college classifies certain procurement costs as capital assets instead of expenses. The amounts per transaction might be small, but over the year:

expenses are understated,
assets are overstated,
depreciation expense is affected.

Auditors evaluate whether the pattern indicates control deficiency or policy error, and whether correction is required.

Management Representations: What They Are and What They Are Not

Management representations are not a substitute for evidence. In exam scenarios:

representations should be obtained for management’s responsibilities and key assertions,
but if audit evidence conflicts with representations, audit evidence prevails.

Typical representation areas include:

responsibility for financial statements,
disclosure of fraud or suspected fraud,
completeness of information and transactions,
recognition and disclosure assessments for significant estimates.

Evaluating Going Concern

Going concern evaluation is critical, particularly in education institutions where:

funding cycles are variable,
government subsidy delays can occur,
compliance issues may affect funding continuation.

Auditors evaluate:

management’s assessment of going concern,
whether there are material uncertainties,
and whether disclosures are adequate.

Exam approach:

identify indicators: cash flow constraints, breach of funding covenants, persistent losses, delayed grants.
describe audit procedures: review budgets, cash flow forecasts, post-year-end receipts.
conclude: whether a material uncertainty exists and whether a disclosure-only modification is required.

Forming the Audit Opinion: Key Types and Triggers

Auditors issue audit opinions based on whether financial statements are prepared, in all material respects, in accordance with the applicable framework.

Common opinion outcomes include:

Unmodified (clean) opinion: sufficient evidence obtained; no material misstatements or insufficient evidence.
Qualified opinion: material misstatement or limitation in scope, not pervasive.
Adverse opinion: material misstatement is pervasive.
Disclaimer: inability to obtain sufficient appropriate evidence.

In exam scenarios, you’ll often be asked:

“What type of opinion would be appropriate and why?”
The best answers:
cite the nature of misstatement/limitation,
evaluate materiality and pervasiveness,
link to evidence sufficiency.

Communicating with Those Charged with Governance

Although the formality may vary by course coverage, Auditing 2 often includes communication responsibilities. In scenarios, you may need to identify:

significant risks,
audit adjustments,
control deficiencies,
misstatements and their resolution status.

Exam writing technique:
When asked about communications, state:

what is communicated,
why it matters,
to whom it is communicated (audit committee/board/oversight body).

In South African higher education governance, audit and risk committees are influential in overseeing compliance, procurement discipline, and risk reporting. Auditors should communicate appropriately and ensure oversight bodies understand risks and proposed corrections.

Handling Fraud or Suspected Fraud During the Audit

Fraud scenarios are common in Auditing 2 exams. You may be asked to:

identify indicators of potential fraud,
describe audit responses,
and outline how to evaluate and report fraud findings.

Education-sector fraud risk examples:

fictitious procurement vendors leading to fake invoices,
ghost employees or unauthorized overtime claims,
manipulation of fee waivers or bursary allocations,
misreporting grant expenditure to meet compliance reporting.

Audit responses:

expand procedures around relevant accounts,
increase professional skepticism,
seek additional evidence and confirmations,
consider whistleblower or governance reports (if available in scenario),
consult internally as required.

Examiners tend to reward candidates who use structured language:

“Increased risk of misstatement due to…”
“Audit procedures should focus on…”
“Evidence must be corroborated with…”

A Full Scenario Walkthrough (Exam-Style): TVET College Audit Completion

Below is an integrated scenario that demonstrates how to write a coherent Auditing 2 conclusion. This is an example of an exam approach, not a prediction of any specific institution.

Scenario Facts

A TVET college has:

strong internal controls in payroll (regular reconciliations and approvals),
weak controls in procurement approvals (missing approvals on a portion of purchases),
complex restricted grant operations,
student fee revenue subject to bursary adjustments.

During the audit:

tests of controls for procurement found exceptions in authorization documentation.
substantive testing of procurement expenses shows two items that may be misclassified: equipment purchased but expensed.
impairment of student receivables requires judgment; management uses a model based on aging and recovery trends.
subsequent events show improved collections after year-end, but only partially.

Linking Risks to Evidence

Procurement authorization deficiencies increase risk for classification and occurrence of expenses.
Two misclassified items create potential misstatement in expenses and assets.
Restricted grant operations raise presentation and disclosure risk (and possible provision risk if non-compliance creates clawback likelihood).

Final Evaluation

In the completion phase, the auditor evaluates:

Are procurement misclassifications material individually or aggregated?
Do impairment assumptions remain reasonable given subsequent collections?
Are restricted grant disclosures accurate and complete?

Possible Conclusion Structures

If misclassifications are immaterial and disclosures correct: unmodified opinion with emphasis on governance recommendations.
If misclassifications are material but not pervasive and limited to a note: qualified opinion.
If impairment is materially overstated and affects multiple line items: more likely qualification or adverse depending on pervasiveness.
If scope is limited due to unavailable grant documentation and could be material: limitation leads to either qualified opinion or disclaimer depending on materiality.

This kind of narrative is exam-grade because it clearly connects:

what went wrong (risk and exceptions),
what evidence addressed it,
why the final conclusion is appropriate (materiality and pervasiveness).

Common Pitfalls in Exam Responses (and How to Avoid Them)

Procedure lists without rationale
Bad: “Test invoices, check bank statements.”
Better: “Test invoices and match to GRNs to address occurrence and completeness because procurement approvals are weak.”
Ignoring aggregation of small errors
Bad: “Each misstatement is small, so it’s fine.”
Better: “Assess whether misstatements aggregate to exceed performance materiality, particularly given control deficiencies.”
Treating management representations as sufficient evidence
Bad: “Management said it’s correct, so audit is done.”
Better: “Representations corroborate other evidence but do not replace substantive evidence.”
No link to assertions
Bad: “Revenue risk exists.”
Better: “Revenue completeness and cut-off risk exist; procedures target completeness by tracing enrollment to ledger and target cut-off by testing near year-end.”
No materiality/pervasiveness logic for opinion
Bad: “Audit opinion should be qualified because there is a misstatement.”
Better: “Qualified because misstatement is material but not pervasive; scope of misstatement limited to restricted grant note X and does not affect overall financial statement presentation.”

Exam Writing Blueprint for AUD21M0 “Audit Completion and Reporting” Questions

When a question asks: “What should the auditor do/ conclude/ report?” use this blueprint:

Identify the issue (e.g., misstatement, limitation, going concern uncertainty).
State the relevant standard concept (materiality, audit risk, sufficient appropriate evidence, disclosure adequacy).
Assess materiality (performance materiality and aggregation).
Assess pervasiveness (does it affect many line items/disclosures?).
Decide reporting implication (unmodified vs modified, and if so which type).
Explain supporting audit actions (what procedures were performed and what evidence shows).
Mention communication (governance and oversight bodies if asked).

This structure improves clarity and consistency—exactly what exam markers look for.

Concluding Integration: How AUD21M0 Skills Fit Together

Auditing 2 is best understood as an end-to-end discipline: starting from risk assessment and audit planning, moving into evidence design and evaluation, integrating internal control reliance decisions, dealing with estimates and compliance-sensitive matters, and finally concluding with a defensible reporting outcome. In South African education-sector contexts—universities, colleges, and TVETs—the audit challenges are often amplified by grant restrictions, procurement complexity, and mixed manual/IT processes.

If you can consistently connect:

assertions → risks → procedures → evidence quality → evaluation → reporting,
you will be well prepared for both theory and scenario-based questions in AUD21M0.