April 2026 CPA Advanced Auditing and Assurance Past papers with answers

Original price was: KSh600.Current price is: KSh499.

Download April 2026 CPA Advanced Auditing and Assurance Past papers with answers in Pdf form

Description

CERTIFIED PUBLIC ACCOUNTANTS (CPA) ADVANCED LEVEL
ADVANCED AUDITING AND ASSURANCE

WEDNESDAY: 22 April 2026. Morning Paper. Time Allowed: 3 hours.

This paper consists of five (5) questions. Answer ALL questions. Marks allocated to each question are shown at the end of the question. Do NOT write anything on this paper.
QUESTION ONE
New Energy Ltd. is a Kenyan renewable energy company listed at the Nairobi Securities Exchange. During the year ended 31 December 2025, the company acquired a solar generation subsidiary in Tanzania for Sh. 850 million. The company also entered into long-term power purchase agreements with the Government of Kenya. During the year ended 31 December 2025, the company recognised Sh.120 million in carbon credit revenue for the first time. New Energy Ltd. also implemented a new cloud-based financial reporting system across all subsidiaries.

During the audit planning stage, the audit team noted the following issues:
1 The acquisition accounting had been performed by management using internally developed valuation models.
2 Revenue from carbon credits was recognised based on management estimates of future verification approvals.
3 Migration to the new cloud-based financial system was completed two weeks before year end.
4 Internal auditors reported weaknesses in user access controls within the new system.

Required:
(a) Explain THREE audit risks arising from the acquisition of the Tanzanian subsidiary. (6 marks)
(b) Evaluate TWO IFRS-related financial reporting risks associated with carbon credit revenue recognition. (4 marks)

(c) Describe FOUR audit procedures to address risks arising from the implementation of the new cloud-based system.
(4 marks)
(d) Discuss THREE matters that the auditor should communicate with the board of directors in accordance with International Standard on Auditing (ISA) 260 ‘Communication with Those Charged with Governance’.
(6 marks)
(Total: 20 marks)
QUESTION TWO
Johari Mining Corporation Ltd. operates several mineral extraction sites across Kenya under licences issued by the National Environmental Management Authority (NEMA). In September 2025, a structural failure occurred at one of its storage facilities causing toxic sludge to spill into a nearby river. Environmental activists and local farmers filed lawsuits claiming damages of up to Sh. 60 million.
The management of Johari Mining Corporation Ltd. has recognised a provision of Sh. 15 million in the draft financial statements. Legal advisers have indicated that the outcome of the litigation is uncertain, but potentially significant.

During the audit review, the following additional issues were identified:
1 Environmental compliance reports for the last two quarters were missing.
2 A whistleblower alleged that site managers deliberately suppressed internal safety reports.
3 The company had not reported the incident to NEMA.

Required:
(a) Describe THREE forensic audit procedures that could be undertaken to investigate the whistleblower allegations.
(6 marks)
(b) Analyse THREE disclosure requirements that may arise under International Accounting Standard (IAS) 37 ‘Provisions, Contingent Liabilities and Contingent Assets’ in relation to these environmental claims. (6 marks)

(c) Analyse FOUR audit implications arising from the environmental incident for the audit of Johari Mining Corporation Ltd. (8 marks)
(Total: 20 marks)

QUESTION THREE
Afro Digital Ltd. is a fast-growing e-commerce company operating across East Africa. The company processes over 2 million transactions annually through its online platform. During the year ended 31 December 2025, the company introduced:
• A blockchain-based inventory tracking system.
• Artificial Intelligence (AI)-driven dynamic pricing algorithms.
• A third-party payment gateway integrated with multiple mobile money providers.
The audit team plans to rely heavily on automated controls and system-generated reports. However, the following concerns were noted:
1 The blockchain system was maintained by an external vendor with limited transparency.
2 The AI pricing model was considered a “black box” with no clear audit trail.
3 The payment gateway experienced intermittent outages during peak sales periods.
Internal audit reported weaknesses in IT general controls, including inadequate change management procedures.

Required:
(a) Explain THREE audit procedures the auditor could perform to obtain sufficient appropriate audit evidence in a highly automated environment. (6 marks)
(b) Evaluate THREE limitations of audit evidence obtained from automated systems in this environment. (6 marks)

(c) Assess FOUR risks of material misstatement arising from the use of advanced technologies that were used by Afro Digital Ltd. (8 marks)
(Total: 20 marks)

QUESTION FOUR
Good Health Group is a multinational healthcare company with operations in Africa, Europe and Asia. The group prepares consolidated financial statements under International Financial Reporting Standards (IFRS). During the audit for the year ended 31 December 2025, the group’s auditors, Williams and Associates, identified the following complex issues:
1 The group entered into a joint arrangement with a foreign government to build and operate hospitals under a public-private partnership (PPP) model.
2 The European subsidiary recognised revenue from long-term healthcare service contracts using significant management estimates.
3 A cyber-attack in November 2025 disrupted patient billing systems and may have led to data manipulation.
4 The audit committee had raised concerns about aggressive earnings management practices by the senior management.
Required:
(a) Describe THREE audit procedures that Williams and Associates could undertake to address risks arising from the cyber-attack and potential data manipulation. (6 marks)

(b) Explain THREE responsibilities of Williams and Associates in relation to fraud risk in accordance with International Standard on Auditing (ISA) 240 ‘The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements’. (6 marks)
(c) Evaluate FOUR audit planning considerations specific to auditing a multinational group with complex arrangements and Information Technology risks. (8 marks) (Total: 20 marks)

QUESTION FIVE
Ujenzi Construction Ltd. is a company involved in large-scale infrastructure projects funded by international development agencies. During the audit of the year ended 31 December 2025, the following issues were identified:
1 The company recognised revenue on several long-term construction contracts using percentage-of-completion, based on internally generated cost estimates.
2 There were indications that project managers manipulated cost forecasts to accelerate revenue recognition.
3 The company failed to disclose related party transactions involving subcontractors owned by senior executives.
4 The audit firm is under pressure to complete the audit quickly due to tight reporting deadlines imposed by lenders.

Additionally, the audit partner has discovered that one of the senior audit team members previously worked for Ujenzi Construction Ltd. and was involved in preparing some of the financial estimates now under audit.

Required:
(a) Evaluate THREE ethical threats facing the audit team and recommend appropriate safeguards in line with the International Ethics and Standards Board for Accountants (IESBA) Code of Ethics. (6 marks)

(b) Discuss THREE quality control measures that the audit firm should implement in accordance with International Standard on Quality Management (ISQM) 1 (6 marks)

(c) With reference to International Financial Reporting Standard (IFRS) 15 ‘Revenue from Contracts with Customers’, analyse FOUR audit risks associated with revenue recognition on long-term construction contracts and the use of management estimates by Ujenzi Construction Ltd. (8 marks) (Total: 20 marks)
…………………………………………………………………………..

Leave a Reply

Your email address will not be published. Required fields are marked *