AACCA Prep
Sign inStart free
Home / AS · Applied Skills / AA: Audit and Assurance

ACCA·AS · Applied Skills·UnitAS · Unit 05Access: Premium

AA: Audit and Assurance

AA (Audit and Assurance) covers the audit process from planning and risk assessment through to gathering evidence and reporting. You will study the regulatory framework, internal controls, substantive procedures, and the auditor's report under International Standards on Auditing (ISAs). AA is a 3-hour session-based exam with both MCQs and constructed response questions.

Questions
1,473
Topics
6
Access
Premium

What’s in it.

6 topics
  • Topic 01

    Audit Framework and Regulation

    220 questions
  • Topic 02

    Planning and Risk Assessment

    240 questions
  • Topic 03

    Internal Control

    232 questions
  • Topic 04

    Audit Evidence

    263 questions
  • Topic 05

    Review and Reporting

    251 questions
  • Topic 06

    Employability and Technology Skills

    267 questions

Sample questions

3 of many

A few questions from this unit, with the answer and a full explanation. The complete bank is available when you start practising.

  1. During development of the audit strategy for a multinational client with operations in five countries, the engagement partner must consider how to allocate resources. Which factor is most relevant to this decision under ISA 300?

    • The characteristics of the engagement, including the locations of the entity's operations and whether component auditors will be needed
      Correct answer
    • Only the number of employees at each location, irrespective of the financial significance of operations
    • The client's preference for which locations should be visited by the audit team
    • The partner should allocate equal resources to all five countries regardless of the risk profile of each location
    Explanation

    Under ISA 300, the overall audit strategy must address the characteristics of the engagement, which includes the locations of the entity's operations. For a multinational client, the engagement partner needs to consider the financial significance of operations at each location, the risks associated with each component, whether component auditors will be needed (engaging with ISA 600 requirements for group audits), and the nature and extent of resources required. Resource allocation should be risk-based, not simply divided equally among locations.

  2. Why is evidence obtained directly by the auditor considered more reliable than evidence obtained indirectly?

    • Because the auditor can directly verify the information through their own inspection, observation, or testing, reducing the risk that the evidence has been manipulated or is inaccurate
      Correct answer
    • Because auditors are legally required to obtain all evidence directly and indirect evidence is not admissible
    • Because only evidence obtained by the engagement partner is considered direct evidence
    • Because direct evidence is always in written form while indirect evidence is always oral
    Explanation

    Evidence obtained directly by the auditor (through inspection, observation, reperformance, or recalculation) is more reliable because the auditor can personally verify the information, reducing the risk of manipulation, alteration, or inaccuracy. For example, when the auditor personally counts inventory, they can be confident the count is accurate. When the auditor relies on management's count records (indirect evidence), there is a risk that the records may contain errors or may have been manipulated. Direct evidence provides the auditor with first-hand knowledge of the matter being tested.

  3. An auditor has identified revenue recognition as a significant risk due to the presumption under ISA 240 that there are risks of fraud in revenue recognition. The audit team plans to address this risk by relying entirely on tests of controls over the revenue cycle. Is this approach sufficient?

    • Yes, because the presumption of fraud in revenue recognition is rebuttable and the auditor can choose not to perform substantive procedures
    • No, for significant risks, the auditor must perform substantive procedures specifically responsive to the risk; relying solely on tests of controls is not sufficient, even if controls are found to be effective
      Correct answer
    • No, but only because fraud risks must always be addressed by forensic specialists rather than the audit team
    • Yes, because ISA 330 allows the auditor to choose between tests of controls and substantive procedures for any risk
    Explanation

    For significant risks, ISA 330 requires the auditor to perform substantive procedures that are specifically responsive to those risks. This is because significant risks, by definition, require special audit consideration, and the inherent limitations of internal controls (particularly regarding management override) mean that controls alone cannot provide sufficient assurance. For revenue recognition identified as a significant risk under the ISA 240 fraud presumption, the auditor must design substantive procedures directly targeted at the risk — such as detailed testing of revenue transactions near the year end, testing of cut-off, analytical procedures comparing revenue with expectations, and review of journal entries affecting revenue.

Frequently asked questions

3 questions
What topics are covered in ACCA AA?

AA covers six areas: audit framework and regulation, planning and risk assessment, internal control, audit evidence, review and reporting, and employability and technology skills.

How is the AA exam structured?

AA is a 3-hour session-based exam containing a mix of MCQs and constructed response questions. The MCQ section tests knowledge of audit principles and ISAs. You need 50% to pass.

Do I need to know ISA numbers?

While you do not need to memorise every ISA number, familiarity with key standards such as ISA 200 (Overall Objectives), ISA 315 (Identifying and Assessing Risks), ISA 500 (Audit Evidence), and ISA 700 (Forming an Opinion) is expected and regularly tested.