Certified Information Systems Auditors
Unlike a security consultant, Altius IT is board certified as a Certified Information Systems Auditor to perform a security audit of your environment and issue reports and recommendations to secure your systems. After your audit, Altius IT's Auditor Opinion Letter and Secure Seal let your clients and prospects know you meet security best practice/compliance requirements.
See our In the News page for video clips of our experts on national television as well as over 40 publications featuring Altius IT. In addition to our auditor certifications, we hold many security, technical, and project management credentials. More information is available on our About Us page.
Our comprehensive audit service uncovers gaps in your existing defenses so that you can better:
- Fortify your information systems, applications, and network infrastructure
- Comply with regulatory requirements
- Protect your valuable assets
Candidates should familiarise themselves with exam terminology and tailor their answers accordingly. Taking time to consider the exact wording of the requirement will result in a focused answer which satisfies the question set.
Note that very few marks will be available in Paper P7 for rote-learning and the listing of facts, rules, or pieces of information. Instead, the application of knowledge to the specific scenario provided will score well. For example, a requirement may ask for the identification and explanation of matters (such as business or financial statement risks). As a general rule, a maximum of one-third of the available marks would be available for identification; the remaining two-thirds would be for the explanation of the matter. It is therefore not possible to pass the question requirement without application to the question scenario.
The ACCA Qualification features a core theme of ‘ethics and professionalism’, and all Professional level exams will contain some marks on this topic. In Paper P7, the professional marks will be allocated between the two Section A questions, with a maximum of five marks being available across the two questions. The requirements will clearly state how many marks are available and which
question requirement they relate to.
It is likely that Section A requirements containing professional marks will ask for the answer in a particular format, such as a report or briefing notes. The professional marks will be awarded for the following:
- structure and presentation
- clarity of explanation
- use of language appropriate to the addressee
- use of professional judgement
- discussion of both sides of a debate
- appreciation of relevant current professional issues.
CASE STUDY INFORMATION
Having read the requirements and understood exactly what has been asked for, the next step is to carefully read through the information provided, all the time bearing in mind the specific instructions given in the requirements.
The information provided in the scenario is likely to be both numeric and narrative, and could come from many different sources,
- extracts from financial statements
- information from management systems
- details taken from working papers
- verbal representations from the client or members of the audit/assurance team
- statements from third parties.
The information in the question will need to be carefully read and it is important that sufficient time is spent digesting and understanding the information provided. Candidates who skim read the information and do not take time to stop and think about the issues raised in the scenario are likely to produce a poorly focused answer which fails to identify the main points.
When reading the case study scenario it is important, therefore, to identify the following:
- What is your role? For example, are you the manager responsible for the audit, or responsible for company-wide matters such as ethics or quality control?
- What is the time scale? Are you planning an assignment prior to the client’s year end, or reviewing working papers at the conclusion of the audit?
- What does the company do? Is it involved in manufacturing, a service industry, or financial services? Does the company operate in a highly-regulated industry?
- What is the key relationship in the scenario? Is the company a long standing or potential client? Is this a one-off or a recurring engagement?
Understanding these basic facts will ensure that candidates approach the question requirements from the correct viewpoint.
When reading through the scenario it is useful to highlight or underline important pieces of information. A lot of time can be wasted by continually re-reading the scenario, so thoroughly reading and annotating the question paper should improve time management. Remember, with reading and planning time now being given at the start of the exam, there should be plenty of time to read the entire scenario carefully.
PLANNING AND TIME ALLOCATION
The case study questions will contain at least three discrete requirements. Time must be allocated between the requirements to ensure that each is addressed in sufficient depth. Failing to deal with a requirement obviously reduces the overall mark available for a question, but it also detracts from the quality of the answer as a whole. Remember, within each requirement there will be some relatively easy marks to gain, so by not attempting a requirement these marks are lost.
Is it worthwhile planning the answer? The simple answer is yes, as long as the plan is not too detailed and is then followed. A brief plan of the main points to be covered will keep the focus on the key elements of the requirements, and should avoid digressions into irrelevant matters. A good plan should prioritise the most significant issues. This is important, because if time runs short, key issues will still have been covered. A good plan will also draw out links between different pieces of information provided in the scenario. However, a plan is only worth doing if it enhances the answer. Spending too long on a very detailed plan, resulting in a lack of time to deal with the question requirements in detail, is not a good use of time in the exam. Plans should be very brief, no more than bullet points, and clearly labelled so they can not be confused with the actual answer.
A general comment on time allocation: a common error is to spend too long on the first two questions, leaving very little time for the remaining questions. It is imperative that each question is properly attempted, and that sufficient time is left towards the end of the exam to attempt the final question. Candidates are advised that the quality of the overall script will be reviewed, and students are reminded to attempt the correct number of questions.
TAKE TIME TO THINK
This may sound obvious, but it is important to take time to think about the requirements, the scenario, and how to answer the question. Rushing to put pen to paper without sitting back to think an answer through is a frequent mistake in exams. The following are common examples of errors caused by not thinking about the facts in the scenario or the question requirement.
Failing to properly read and understand the question requirements could result in:
- not thinking properly about the actual question requirement and then proceeding to answer the requirement inappropriately. Not answering the question set is a major reason for failure. Linked to this, it is apparent that a question requirement is often only read briefly, and that the candidate then goes on to assume that the requirement is identical to requirements from previous exam questions. This will mean failing to answer the specific question set.
- making comments that belong to a different question requirement is a mistake which comes from not looking at the question requirements in their entirety. It is important to look at how the requirements relate to each other to ensure that an answer is logical and comments made do not refer to the wrong answer requirement.
Failing to read the scenario carefully, or failing to think it through, could result in:
- making inappropriate suggestions, as a result of not thinking clearly and professionally about the relationship between the audit/assurance provider and the client. It is imperative that candidates appreciate that Paper P7 examines not just technical concepts, but also the ability to make commercial and professional comments and recommendations. This is one area where stopping and thinking about the relationships between individuals within the scenario is crucial. For example, if the candidate is given the role of an audit manager or partner, it is important not to defer to more junior members of the team. Equally, inappropriate comments to the client must be avoided. For example, the management of the client company should not be ‘asked if they are corrupt’ or ‘asked to prove their technical ability to prepare accounts’. Clearly, such comments detract heavily from the quality of any answer, but can be avoided by thinking carefully about relationships and how they should be managed.
- making wholly inappropriate practical suggestions. For example, asking, as part of audit evidence, to physically verify an asset that has been sold, or requesting sight of a purchase invoice for an item bought many years ago. Think carefully about requests or recommendations and ask whether the request could actually be carried out.
- seeing a word and assuming it means something, when really it means something entirely different – this is a common mistake and results purely from not thinking before writing an answer. For example, if a scenario includes information about fines or penalties, it is important to think about whether the amount has been paid before the year end, and not to automatically assume, without taking time to think about the facts from the scenario, that a provision would be necessary.
- when performing calculations, it is crucial to think about the figures provided in the scenario and to use the correct figure in the right way. For example, when calculating materiality, make sure that the correct benchmark is used. If calculating the materiality of an asset, the materiality calculation should be based on the balance sheet, rather than on revenue as this is totally inappropriate.
PRESENTING THE ANSWER
It should go without saying that answers should be clearly presented, as this makes marking much easier. In particular, the following points should be noted:
- Use headings and sub-headings to give the answer a logical flow.
- Bullet points are only appropriate when listing facts which require little explanation, which will be rare in Paper P7.
- Illegible handwriting is a major problem for markers. If handwriting is a particular area of concern, leave a blank line between each line of writing, and write more slowly.
- Start each answer on a new page of the answer booklet.
Remember that some requirements contain professional marks, as discussed earlier, and in these requirements the presentation and layout of the answer is particularly important.
This article has focused on the case study questions which will appear in Section A of the Paper P7 exam, but many of the points made could equally apply to the Section B questions. It is hoped that candidates will have already developed good exam technique in order to reach this final stage in their professional exams. However, in every sitting, many relatively easy marks are not gained because of a poor approach to answering questions. It is recommended that candidates practise as many questions as possible in preparation for the exam; bearing in mind the points made in this article while practising questions should improve performance significantly.
Written by a member of the Paper P7 examining team