ICAG Paper 3.2 - Advanced Audit & Assurance

ICAG Level 3 - MSL Business School

Click HERE to register for ICAG Tuition at MSL Business School

ICAG Paper 3.2: Advanced Audit and Assurance

ICAG Paper 3.2 Advanced Audit and Assurance is the apex of the audit and assurance stream in the ICAG Professional Qualification. Building on the foundations laid in Paper 2.3 Audit and Assurance, this paper demands a significantly higher level of professional judgement, critical evaluation, and technical expertise. It equips candidates to take on the full responsibilities of a registered auditor in Ghana — from accepting engagements and planning audits to evaluating complex evidence, reporting on findings, and navigating the challenges of public sector and contemporary audit practice.

At MSL Business School — Ghana's number 1 and most decorated ICAG tuition provider — our Advanced Audit and Assurance classes are designed to take you beyond textbook knowledge into the kind of applied professional competence that the ICAG examiner tests. With expert lecturers drawn from real audit practice, live online sessions, and the MSL App for revision and practice, you have everything you need to pass Paper 3.2 on your first attempt.

Paper 3.2 Advanced Audit and Assurance — At a Glance

Level: ICAG Professional Level (Level 3)
Prerequisite: Paper 2.3 Audit and Assurance (Level 2)
Exam Format: Written examination — scenario-based questions requiring professional judgement, planning, reporting, and critical evaluation
Exam Duration: 3 hours
Pass Mark: 50%
Core Focus: Ethics and engagement management, audit planning, evidence gathering, reporting, public sector audit, corporate governance, and contemporary issues including AI and digital auditing
Standards Basis: International Standards on Auditing (ISAs), INTOSAI Standards, and Ghana-specific regulatory requirements

Why Paper 3.2 Advanced Audit and Assurance Matters

Audit and assurance sits at the heart of financial accountability in Ghana. Every listed company, regulated financial institution, public sector entity, and major private business requires audited financial statements. The quality of that audit — and the trust it inspires — depends entirely on the competence of the professionals behind it.

Paper 3.2 is designed to produce candidates who are ready to take on senior audit roles — as audit managers, engagement partners, or independent auditors — within the framework of Ghana's regulatory environment and international best practice. It is also highly relevant for candidates in roles adjacent to audit: internal auditors, compliance professionals, finance directors, and governance specialists.

Candidates who pass Paper 3.2 can:

Evaluate ethical and legal issues in complex audit and assurance engagements
Plan and manage audit engagements from acceptance through to completion
Apply sophisticated audit methods — including data analytics, automated tools, and risk-based approaches — to gather and evaluate evidence
Draft professional audit reports and management letters in accordance with ISAs and Ghana law
Advise on corporate governance frameworks and evaluate governance structures
Conduct public sector audits — financial, performance, and compliance — within Ghana's constitutional and statutory framework
Critically evaluate contemporary audit challenges including AI, blockchain, forensic accounting, and money laundering

Paper 3.2 Syllabus Structure and Weightings

Paper 3.2 is one of the most evenly distributed papers in the ICAG qualification — no single area dominates. This means you cannot afford to neglect any section. The distribution also reflects the breadth of competence expected of a professional-level auditor:

(A) Ethical and legal issues, accepting and managing engagements - 10%
(B) Engagement plans - 10%
(C) Audit and assurance methods to gather evidence - 20%
(D) Evaluating evidence, concluding and reporting on an engagement - 20%
(E) Statutory role of government external audit and public accountability in Ghana - 10%
(F) Corporate governance - 10%
(G) Public sector audits - 10%
(H) Contemporary issues and current developments - 10%

Note: Sections C and D — audit methods and evidence evaluation — together carry 40% of the marks and form the technical core of the paper. Combined with planning (Section B) and ethics (Section A), the engagement lifecycle accounts for 60% of total marks. The remaining 40% covers the Ghana-specific public accountability framework, corporate governance, and contemporary issues.

Section A: Ethical and Legal Issues, Accepting and Managing Engagements (10%)

Ethics is not a standalone topic in Paper 3.2 — it runs through every section of the paper. The ICAG examiner expects professional-level candidates to recognise and respond to ethical dilemmas as a matter of instinct, not just rule-following. Section A specifically tests the ethical and legal dimensions of accepting and managing audit engagements.

Evaluating Ethical and Legal Issues

Candidates must be able to evaluate and advise on the full range of legal, professional, and ethical issues that can arise in an engagement. This includes:

Identifying threats to independence — self-interest, self-review, advocacy, familiarity, intimidation — and evaluating their significance
Applying the conceptual framework approach: identify the threat, evaluate its significance, apply safeguards, and document the conclusion
Knowing when threats cannot be reduced to an acceptable level — and when the auditor must decline or withdraw from the engagement
Understanding the requirements of ICAG's Code of Ethics, particularly around independence in audit and assurance engagements
Evaluating and communicating ethical issues with relevant parties — including clients, engagement partners, and regulators

Tendering, Advertising, and Fee Agreements

Candidates must understand the professional requirements around how audit firms obtain work, including:

Permitted forms of advertising and marketing under ICAG's ethical requirements
Tendering procedures — preparation of proposals, fee estimation, scope definition
Contingent fees — prohibited for audit engagements; the rationale and exceptions
Fee levels — the risk of fees that are too low (competence threat) or too high (self-interest threat)
Referral fees and commissions — disclosure requirements

Legal Liability in Audit

Auditors face significant legal exposure. Candidates must be able to evaluate:

Contractual liability: The auditor's duties to the client under the engagement letter; breach of contract claims
Tortious liability (negligence): The three-part test — duty of care, breach, and causation. Candidates from Caparo Industries v Dickman must understand foreseeability, proximity, and fairness. In Ghana, auditors' liability to third parties follows similar principles under common law tort.
Professional negligence: How to defend against negligence claims — contributory negligence, proportionate liability, and the role of professional indemnity insurance
Criminal liability: False statements in prospectuses, false accounting, money laundering — how auditors can face criminal exposure
Mitigation strategies: Engagement letters, liability caps, use of disclaimers, thorough documentation

Engagement Acceptance Considerations

Before accepting any engagement, the auditor must evaluate:

Business risk issues — including those arising from technological advances, cyber security risks, and fraud
Audit risk at the entity level — inherent risk factors specific to the client's industry, operations, and governance
Resources — does the firm have sufficient staff, skills, and time to complete the engagement to the required standard?
Quality management requirements under ISQM 1 (International Standard on Quality Management)
Use of internal audit, component auditors, and specialists
Joint audit requirements — when the engagement involves both private sector and public sector auditors
How engagement terms are agreed and recorded — the engagement letter as a contract

Section B: Engagement Plans (10%)

Planning is the foundation of every quality audit. Section B tests the ability to evaluate and prepare comprehensive audit plans that are tailored to the specific risks of the entity under review. The emphasis at Paper 3.2 level is on justification and professional judgement — not just listing procedures, but explaining why each element of the plan is appropriate given the identified risks.

The Audit Planning Process

A comprehensive audit plan addresses the following:

Risk Assessment

The auditor must identify and assess the risks of material misstatement at both the financial statement level and the assertion level. This involves:

Inherent risk — the susceptibility of an assertion to misstatement before considering controls
Control risk — the risk that the entity's internal controls will not prevent or detect and correct a material misstatement
Detection risk — the risk that the auditor's procedures will fail to detect a misstatement that exists (this is what the auditor controls through their response)
Significant risks — risks that require special audit consideration, typically high inherent risk areas or fraud risks
Understanding the entity — business model, industry, regulatory environment, internal and external factors, governance

Materiality

Materiality is both a planning concept and a completion concept. At the planning stage:

Overall (planning) materiality — typically based on a benchmark such as 5% of profit before tax, 0.5-1% of revenue, or 1-2% of total assets, depending on the primary users of the financial statements
Performance materiality — set below overall materiality to reduce the risk that uncorrected misstatements in aggregate exceed the overall threshold (typically 50-75% of overall materiality)
Specific materiality — for transactions or disclosures where users may be particularly sensitive (e.g., related party transactions, directors' remuneration)

Internal Controls Assessment

The auditor must evaluate the entity's system of internal controls, including:

Control environment — tone at the top, governance, HR policies
Risk assessment processes — how management identifies and responds to business risks
Control activities — authorisation, reconciliations, segregation of duties, physical controls
Information and communication systems — especially IT general controls and application controls
Monitoring activities — internal audit function, management review

IT controls are specifically examinable at Paper 3.2 level — both IT general controls (access controls, change management, backup and recovery) and IT application controls (input validation, processing controls, output controls).

Reliance on Internal Audit and Other Auditors

When can the external auditor rely on the work of internal audit? — ISA 610 criteria: objectivity, competence, systematic approach
Using the work of an auditor's expert — ISA 620: evaluating competence, capability, objectivity, and the adequacy of the expert's work
Component auditors in group audits — ISA 600: directions, supervision, and review

Automated Tools and Techniques (ATT)

Data analytics and automated audit tools have transformed modern auditing. Paper 3.2 tests knowledge of:

Computer-Assisted Audit Techniques (CAATs) — audit software and test data
Data analytics — using 100% population testing rather than sampling, anomaly detection, trend analysis, and predictive analytics
Automated Tools and Techniques (ATT) — the ICAG syllabus specifically references ATT for selecting and evaluating audit evidence
Advantages: greater coverage, faster testing, ability to identify unusual items. Limitations: data quality dependency, expertise required, not suitable for all assertions

Audit of CSR and Sustainability Reports

Candidates must understand the procedures for assurance engagements on corporate social responsibility (CSR) and sustainability reports — a growing area of practice. Key considerations include: the applicable criteria (GRI, ISSB standards), the level of assurance (limited vs. reasonable), materiality in the sustainability context, and the evidence available for non-financial data.

Section C: Audit and Assurance Methods to Gather Evidence (20%)

Section C carries the joint-highest weighting in Paper 3.2 and tests the practical application of audit procedures to gather sufficient appropriate evidence. At the professional level, candidates must not only know what procedures to perform but must be able to develop detailed audit plans with full justification, linked to identified risks and assertions.

The Audit Assertions Framework

All audit procedures are designed to address one or more financial statement assertions. For transactions and events:

Occurrence — recorded transactions actually occurred
Completeness — all transactions that should be recorded have been
Accuracy — transactions are recorded at the correct amounts
Cutoff — transactions are recorded in the correct period
Classification — transactions are recorded in the appropriate accounts

For account balances at period end:

Existence — assets and liabilities exist at the reporting date
Rights and obligations — the entity holds rights to assets and has obligations for liabilities
Completeness — all assets and liabilities are recorded
Valuation and allocation — assets and liabilities are at appropriate carrying values

For presentation and disclosure:

Occurrence and rights and obligations — disclosed events have occurred and relate to the entity
Completeness — all required disclosures are included
Classification and understandability — information is appropriately presented
Accuracy and valuation — information is disclosed at appropriate amounts

Types of Audit Procedures

Tests of Controls

Designed to evaluate the operating effectiveness of internal controls. Applied when the auditor plans to rely on controls to reduce the extent of substantive procedures. Procedures include:

Inspection of documents and records — e.g., reviewing signed authorisation forms
Re-performance — re-executing a control procedure
Observation — watching a control being performed
Enquiry — asking management or staff about controls
CAATs — using audit software to test all transactions for compliance with controls

Substantive Procedures

Designed to detect material misstatements at the assertion level. Two types:

Tests of detail: Directly testing the amounts in transactions, balances, or disclosures — e.g., confirming receivables directly with customers, physically counting inventory, inspecting title deeds for property
Substantive analytical procedures: Evaluating financial information by studying plausible relationships — e.g., comparing gross margin to prior year and industry, reconciling revenue to VAT returns, or comparing payroll cost per employee across periods

Audit Sampling

When testing less than 100% of a population, auditors must apply sampling methods:

Statistical sampling — random sampling, systematic sampling, monetary unit sampling (MUS/PPS). Allows statistical extrapolation of results.
Non-statistical sampling — judgement-based selection; cannot support statistical extrapolation
Risk of incorrect acceptance (Type II error) and risk of incorrect rejection (Type I error)
Projecting misstatements to the population and evaluating whether they are material

Detailed Audit Procedures by Balance Sheet Area

Candidates at Paper 3.2 level must be able to design and justify specific audit procedures for all major financial statement areas. Key areas include:

Revenue and Receivables

Directional testing — test completeness of revenue (understatement risk) by tracing from goods dispatched/services delivered to invoices raised
Cutoff testing — examine invoices either side of year-end to verify correct period allocation
Receivables confirmation — direct external confirmation (positive vs. negative) to test existence and rights
Aged receivables analysis — evaluate recoverability and the adequacy of bad debt provisions
Analytical procedures — compare revenue month-by-month, gross margin analysis, average selling price analysis

Inventory

Attendance at physical inventory count — observe procedures, perform own test counts, reconcile to records
Cut-off procedures — last goods received notes and dispatch notes around year-end
Net Realisable Value (NRV) testing — compare cost to selling price less costs to sell; review post-year-end sales
Analytical procedures — inventory turnover, gross margin analysis

Non-Current Assets (PPE)

Physical inspection and existence verification
Casting and agreeing to the non-current asset register
Additions — inspect invoices, authorisation, and capitalisation policy
Disposals — trace proceeds to bank, calculate profit/loss on disposal
Depreciation review — recalculate using stated rates and useful lives; assess reasonableness
Impairment indicators — review for indicators under IAS 36; evaluate management's impairment assessment

Liabilities and Provisions

Trade payables — supplier statement reconciliations, direct confirmations for material balances
Accruals — reperform calculations, agree to supporting documentation
Provisions — evaluate whether recognition criteria (IAS 37) are met; assess reasonableness of management's estimate
Contingent liabilities — obtain management representations, review legal correspondence, obtain direct confirmation from lawyers

Going Concern

ISA 570 requires the auditor to evaluate whether there is substantial doubt about the entity's ability to continue as a going concern. Procedures include:

Reviewing management's going concern assessment
Analysing cash flow forecasts — key assumptions, sensitivity analysis
Reviewing banking facilities and covenant compliance
Subsequent events review — any post-year-end events that affect going concern
Evaluating the adequacy of going concern disclosures in the financial statements

Section D: Evaluating Evidence, Concluding and Reporting on an Engagement (20%)

Section D — also carrying 20% of marks — tests the ability to evaluate audit evidence, form professional conclusions, and communicate findings in audit reports and management letters. This is where the auditor's professional judgement is most visible and most critical.

Evaluating Audit Evidence

Not all evidence is equal. Candidates must be able to evaluate evidence based on:

Relevance: Does the evidence address the relevant assertion?
Reliability: External evidence is generally more reliable than internal; documentary evidence more reliable than oral; original documents more reliable than copies; auditor-generated evidence more reliable than client-generated
Sufficiency: Enough evidence to support the conclusion — influenced by risk, materiality, and the quality of evidence
Appropriate professional scepticism: The auditor must not simply accept management representations — especially for significant judgements, estimates, and related party transactions

Subsequent Events (ISA 560)

After the reporting date but before the audit report is signed, two types of events may require action:

Adjusting events (Type 1): Events that provide evidence of conditions existing at the reporting date. Must be reflected in the financial statements — e.g., a customer going insolvent after year-end, confirming a year-end receivable was irrecoverable.
Non-adjusting events (Type 2): Events that arise after the reporting date. No adjustment required, but disclosure may be needed if material — e.g., a major acquisition completed after year-end, or the outbreak of conflict affecting a key market.

The auditor also has responsibilities for events discovered after the audit report has been signed but before the financial statements are issued, and for events discovered after the financial statements have been issued.

Accounting Estimates and Areas of Significant Judgement

ISA 540 (Revised) requires enhanced procedures for accounting estimates, particularly complex or highly uncertain estimates. Key considerations:

Understanding how management developed the estimate
Evaluating the reasonableness of significant assumptions
Testing the mathematical accuracy of the calculation
Considering whether the method, data, and assumptions are consistent with prior periods
Evaluating whether management's estimate falls within an acceptable range
Assessing whether there is any indication of management bias

Audit Reports — ISA 700 and Modified Opinions

Drafting appropriate audit reports is a highly examinable skill. Candidates must understand the complete structure of an unmodified audit report and all forms of modified opinion:

Unmodified (Clean) Opinion

Issued when the financial statements give a true and fair view in accordance with the applicable financial reporting framework. The report includes: title, addressee, opinion paragraph, basis for opinion, going concern section, key audit matters (listed entities), other information, responsibilities of management, responsibilities of the auditor, and the auditor's signature.

Modified Opinions — Three Types

Type of Opinion: Qualified Opinion

When Issued: Material but not pervasive misstatement OR limitation on scope

Impact on Report: Except for the matter described... the financial statements give a true and fair view

Type of Opinion: Adverse Opinion

When Issued: Material AND pervasive misstatement in the financial statements

Impact on Report: The financial statements do NOT give a true and fair view

Type of Opinion: Disclaimer of Opinion

When Issued: Material AND pervasive limitation on scope — auditor cannot obtain sufficient appropriate evidence

Impact on Report: We do not express an opinion on the financial statements

Emphasis of Matter and Other Matter Paragraphs

An Emphasis of Matter paragraph draws attention to a matter already disclosed in the financial statements that is fundamental to users' understanding — e.g., a going concern uncertainty that management has adequately disclosed. It does not modify the opinion. An Other Matter paragraph relates to matters not presented in the financial statements but relevant to users' understanding of the audit.

Key Audit Matters (ISA 701)

Required for audits of listed entities in Ghana. Key audit matters are those that required the most significant auditor attention — including high estimation uncertainty, significant management judgements, major transactions, and complex accounting issues. Candidates must know how to identify and communicate KAMs.

Management Letters and Communications with Governance

Beyond the audit report, the auditor must communicate:

Significant deficiencies in internal controls — to those charged with governance (ISA 265)
Overview of the planned scope and timing of the audit (ISA 260)
Significant findings including significant difficulties encountered, material misstatements corrected, significant matters discussed with management
Management representation letters — ISA 580 requires written representations as audit evidence

When to Withdraw, Refer to Expert, or Modify Opinion

Refer to an expert — when the auditor lacks the technical expertise to evaluate a specialised area (e.g., actuarial calculations for pension liabilities, property valuations)
Withdraw from the engagement — when the auditor discovers information that would have prevented acceptance, when management refuses to correct material misstatements, or when the auditor cannot obtain sufficient evidence
Whistle-blowing obligations — in Ghana, auditors have reporting obligations in respect of suspected money laundering, financial crime, and public interest matters

Section E: Statutory Role of Government External Audit and Public Accountability in Ghana (10%)

This section is uniquely Ghana-specific and represents one of MSL's strongest teaching advantages — our lecturers have direct professional experience with Ghana's public accountability framework. Understanding this section is essential for any candidate planning to work in or with the public sector, which represents a significant share of Ghana's economy.

Government External Audit in Ghana and Internationally

Supreme Audit Institutions (SAIs) Internationally

Internationally, government external audit is conducted by Supreme Audit Institutions (SAIs). The International Organisation of Supreme Audit Institutions (INTOSAI) provides the overarching framework, including:

The Lima Declaration — the foundational principles of government auditing: independence, competence, and mandate
The Mexico Declaration — eight core principles of independence for SAIs
ISSAI Standards — International Standards of Supreme Audit Institutions, covering financial audit, performance audit, and compliance audit
The relationship between SAIs and their governments and parliaments — independence is critical but must be balanced with accountability

The Auditor-General of Ghana

Ghana's Auditor-General occupies a constitutionally protected position under Article 187 of the 1992 Constitution. Key features:

The Auditor-General audits and reports on all public accounts of Ghana
Reports are submitted to Parliament for consideration by the Public Accounts Committee
The Auditor-General has power to disallow and surcharge in cases of fraud, irregularity, or waste
Independence is protected — the Auditor-General can only be removed through a process similar to that for a Supreme Court Justice

Ghana's Public Accountability Architecture

Candidates must understand the roles and relationships between all key institutions:

Controller and Accountant-General's Department (CAGD): Responsible for maintaining the public accounts, managing the government's cash and banking operations, and preparing the consolidated financial statements of government
Internal Audit Agency (IAA): Provides oversight and coordination of internal audit across Ministries, Departments and Agencies (MDAs) and Metropolitan, Municipal and District Assemblies (MMDAs). Ensures compliance with the Internal Audit Agency Act, 2003 (Act 658).
Auditor-General's Department: Conducts external audit of all public accounts — MDAs, MMDAs, state-owned enterprises, and public funds
Public Accounts Committee (PAC) of Parliament: Reviews the Auditor-General's report and holds accounting officers accountable for irregularities
Finance Committee of Parliament: Handles budget-related matters including revenue and expenditure approvals
Audit Committees of MDAs and MMDAs: Internal governance oversight bodies within government entities, strengthened under the Internal Audit Agency Act

Public Accountability Mechanisms

Candidates must understand the mechanisms that give substance to public accountability in Ghana:

Value for money (VFM) auditing — the 3Es: Economy (minimising input costs), Efficiency (maximising output per unit of input), Effectiveness (achieving intended outcomes)
Performance auditing — evaluating whether government programmes achieve their objectives
Transparency and disclosure obligations — annual reports, audit reports, public financial management reports
Corporate governance principles for public sector entities — the OECD Guidelines on Corporate Governance of State-Owned Enterprises and Ghana's own public sector governance framework

Section F: Corporate Governance (10%)

Corporate governance — the system by which companies are directed and controlled — is a pervasive theme throughout the ICAG qualification and a core competence for any professional accountant. Section F tests the ability to appraise governance mechanisms critically and apply them to specific scenarios.

The Nature and Purpose of Corporate Governance

Corporate governance addresses the agency problem: the separation of ownership (shareholders) from control (directors). Without effective governance, directors may act in their own interests rather than those of shareholders and other stakeholders. Good governance frameworks reduce this risk through:

Board structures — appropriate composition of executive and non-executive directors
Board committees — audit committee, remuneration committee, nominations committee, risk committee
Accountability and transparency — through financial reporting, audit, and disclosure
Shareholder rights — including voting rights and access to information
Stakeholder consideration — employees, customers, suppliers, the community

The Role of Non-Executive Directors (NEDs)

NEDs play a critical governance role — providing independent oversight of executive management. Key NED responsibilities include:

Challenging and contributing to strategy development
Scrutinising executive performance against agreed goals and objectives
Satisfying themselves on the integrity of financial information and internal controls
Determining appropriate levels of executive remuneration
Chairing or serving on the audit, remuneration, and nominations committees

The Audit Committee

The audit committee is the board committee most directly relevant to the external auditor. Candidates must understand:

Composition requirements — typically a majority of independent NEDs; at least one member with recent and relevant financial experience
Responsibilities — oversight of financial reporting, internal controls, internal audit function, and external audit
Relationship with the external auditor — the audit committee approves the appointment, reviews the audit plan, discusses findings, and assesses auditor independence
Role in monitoring the integrity of the financial statements

Corporate Governance Codes in Ghana

Ghana has developed its own corporate governance framework. Candidates must understand:

Companies Act, 2019 (Act 992): Establishes the statutory minimum requirements for governance of Ghanaian companies — director duties, disclosure requirements, shareholder rights
Ghana Corporate Governance Code for Listed Companies (2020): A principles-based code applicable to companies listed on the Ghana Stock Exchange. Follows the 'comply or explain' approach — companies must either comply with each principle or explain why they have not.
SIGA Act, 2019 (Act 990): Governance framework for state-owned enterprises — requiring SOEs to have boards, publish annual reports, and meet performance targets
Bank of Ghana Corporate Governance Directives: Specific governance requirements for banks and specialised deposit-taking institutions, including requirements on board composition, risk management, and disclosure
OECD Principles of Corporate Governance: International benchmark framework covering rights of shareholders, equitable treatment, role of stakeholders, disclosure and transparency, and responsibilities of the board

Section G: Public Sector Audits (10%)

Section G requires candidates to apply audit principles specifically to the public sector context — where the objectives, accountability relationships, and applicable standards differ from the private sector. This is particularly important in Ghana, where the public sector is a major employer and a significant source of professional accounting work.

Financial Audit in the Public Sector

A public sector financial audit evaluates whether the financial statements of a government entity present fairly, in all material respects, the financial position and performance in accordance with the applicable financial reporting framework (typically IPSAS — International Public Sector Accounting Standards — or cash basis IPSAS for entities not yet on accrual accounting).

Key differences from private sector audit: accountability to parliament and the public rather than shareholders; public sector entities do not have profit as their objective
Reporting: the Auditor-General issues a separate report on each audited entity; findings are consolidated in the annual report to Parliament

Performance Audit

Performance audit evaluates the 3Es — economy, efficiency, and effectiveness — of government programmes and activities. It goes beyond financial compliance to ask: Is the government getting value for money? Are public funds achieving their intended outcomes?

Economy audit — is the government acquiring resources at the lowest cost consistent with quality requirements?
Efficiency audit — are the resources being used effectively — producing maximum output per unit of input?
Effectiveness audit — is the government programme achieving its intended objectives?
Methodology: interviews, surveys, document review, site visits, data analysis, benchmarking

Compliance Audit

Compliance audit determines whether activities, financial transactions, and information comply with the applicable authorities — laws, regulations, and policies. In the Ghanaian public sector, this is particularly important given the requirements of the Public Financial Management Act, 2016 (Act 921) and the Procurement Act, 2003 (Act 663).

The Ghana Health Sector

The syllabus specifically highlights the Ghana Health Sector as an area of particular focus for public sector audit. This reflects the significant volume of public and donor funds flowing through the health system. Key issues include:

Management of programme funds from international donors (World Bank, Global Fund, USAID) — compliance with donor requirements
National Health Insurance Authority (NHIA) — claims verification, provider payments, and fund management
Procurement in the health sector — medicines, equipment, and supplies
Internal controls in district health systems

Section H: Contemporary Issues and Current Developments in Audit (10%)

The audit profession is undergoing its most significant transformation in decades. Section H tests candidates' ability to critically evaluate current and emerging challenges — and to articulate their implications for audit practice in Ghana and globally. This section rewards candidates who are genuinely engaged with the profession, not just studying for an exam.

Recent Audit Failures and Their Impact

High-profile audit failures — including Carillion, Wirecard, Luckin Coffee, and cases closer to home in Ghana — have shaken public confidence in the audit profession. Candidates must understand:

Common themes in audit failures: independence failures, inadequate professional scepticism, audit firms providing excessive non-audit services, rotation failures, and inadequate quality control
Regulatory responses: increased scrutiny from the Financial Reporting Council (UK), PCAOB (USA), and ICAG's own quality monitoring programme in Ghana
The debate on audit reform — mandatory auditor rotation, prohibition of non-audit services, audit market concentration

Forensic Accounting

Forensic accounting applies accounting and investigative skills to legal proceedings. Paper 3.2 tests:

Recognition of fraud — the fraud triangle (pressure/motivation, opportunity, rationalisation) and indicators of fraudulent financial reporting vs. misappropriation of assets
White-collar crime — bribery, corruption, embezzlement, tax fraud, money laundering
Prevention and detection — internal controls, whistleblowing mechanisms, data analytics
When is a forensic audit required? — upon suspicion of fraud, in regulatory investigations, in litigation support, and in asset recovery proceedings
The role of the forensic accountant — investigator, expert witness, damage quantifier, asset tracer

Social and Environmental Auditing / Sustainability Audits

As sustainability reporting becomes mandatory in more jurisdictions, the demand for assurance on sustainability information is growing rapidly. Candidates must understand:

The difference between audit (reasonable assurance) and review (limited assurance) engagements on sustainability information
Applicable standards — ISAE 3000 (Revised) for assurance on non-financial information
Key challenges: subjectivity of sustainability data, lack of established criteria, complex supply chain data, and professional competence requirements

Money Laundering

Ghana's Anti-Money Laundering Act, 2008 (Act 749) and the Anti-Money Laundering (Amendment) Act, 2014 (Act 874) impose obligations on professional accountants and auditors. Candidates must understand:

The three stages of money laundering: placement (introducing illegal funds into the financial system), layering (obscuring the trail), and integration (making funds appear legitimate)
Suspicious transaction reporting obligations — accountants are 'reporting entities' under Ghanaian law
The Financial Intelligence Centre (FIC) — Ghana's AML/CFT authority
Tipping off — the offence of disclosing a suspicious transaction report to the subject
Risk-based approach to AML — customer due diligence (CDD), enhanced due diligence (EDD), and politically exposed persons (PEPs)

Auditing Digital Assets and Digital Auditing

The rise of cryptocurrencies, blockchain-based assets, and digital financial services creates new audit challenges:

Valuation of digital assets — no established market, high volatility, custody verification
Existence and ownership — how do you audit a Bitcoin wallet? Smart contracts? DeFi positions?
Blockchain as audit evidence — immutable records, but privacy features may limit verification
Digital auditing tools — AI-powered anomaly detection, natural language processing for contract review, continuous auditing
Cyber security risks — the auditor must understand cyber risks as a going concern and fraud risk factor

Artificial Intelligence and Robotic Process Automation (RPA)

AI and RPA are transforming how audits are conducted:

RPA — automates repetitive, rules-based tasks such as data extraction, reconciliation, and report generation. Frees auditors for more complex judgement tasks.
Machine learning — identifies patterns, anomalies, and risks in large datasets that human auditors would miss
Natural language processing (NLP) — reads and analyses contracts, board minutes, and disclosures
Risks: over-reliance on algorithms, black-box decision-making, data quality issues, bias in training data
The auditor's responsibility — cannot delegate professional judgement to AI; must understand AI tools sufficiently to evaluate their outputs

ICAG Audit Monitoring Unit and Quality in Ghana

ICAG operates an Audit Monitoring Unit (AMU) that conducts practice monitoring reviews of registered audit firms in Ghana. Key aspects:

The AMU reviews compliance with auditing standards, ethical requirements, and quality management systems
Findings are used to improve audit quality across the profession and may lead to disciplinary proceedings for serious non-compliance
Firms must implement ISQM 1 (International Standard on Quality Management) — which replaced ISQC 1 — covering leadership, ethics, acceptance, human resources, engagement performance, and monitoring

The Role of Regulators in Ghana

Several regulators rely on audited financial statements to protect the public and investors:

Bank of Ghana (BoG): Regulates banks and specialised deposit-taking institutions; requires audited financial statements and may direct specific audit procedures
Securities and Exchange Commission (SEC): Regulates capital markets and listed companies; requires annual audited accounts and specific disclosures
Ghana Stock Exchange (GSE): Listing rules require timely submission of audited financial statements
Insurance Commission: Regulates insurance companies; requires actuarial valuations and audited accounts
National Pensions Regulatory Authority (NPRA): Regulates pension funds and scheme administrators; requires audited financial statements and compliance with the Pensions Act, 2008 (Act 766)

How to Pass ICAG Paper 3.2 Advanced Audit and Assurance

Understand the Scenario-Based Exam Format: Paper 3.2 does not reward memorisation — it rewards application. Every question presents a scenario (a company, a situation, a problem) and asks you to apply your knowledge to that specific context. Practice reading scenarios quickly, identifying the key issues, and structuring your answer around those issues.
Learn the ISAs Deeply — Not Just the Headlines: The examiner tests beyond the headline requirements of each ISA. Know not just what ISA 570 says about going concern, but how you would actually evaluate going concern in a scenario involving a manufacturing company with declining margins and a bank covenant about to be breached. MSL's teaching goes deep on the practical application of every relevant ISA.
Master Audit Report Modifications: Audit report modification questions appear in virtually every Paper 3.2 sitting. You must be able to: identify the issue, evaluate materiality and pervasiveness, determine the correct type of modified opinion, and draft the key paragraphs. Practice drafting these under timed conditions.
4. Know Ghana's Specific Framework Inside Out: Sections E, F, and G are Ghana-specific — and they are 30% of the paper. Many candidates treat these sections lightly because they seem 'easier' than the technical audit standards. That is a mistake. Know the roles of CAGD, IAA, Auditor-General, PAC, and the Finance Committee. Know Act 992, Act 990, and the BoG governance directives.
Stay Current on Contemporary Issues: Section H rewards candidates who read beyond the syllabus. Follow developments in the Ghanaian audit profession, read ICAG's publications, and be aware of high-profile audit failures locally and globally. MSL keeps our teaching materials current — you will not be caught off guard by recent developments in our classes.

Why Study Paper 3.2 at MSL Business School?

MSL Business School has produced more successful ICAG students than any other tuition provider in Ghana — with over 2,000 successful students and 40+ national awards, including the Overall Best Graduating Student across all three ICAG sittings in 2024.

What Makes MSL Different for Paper 3.2

Lecturers with direct experience in audit practice — Big Four firm backgrounds
Ghana-specific teaching on public sector audit, the Auditor-General's role, and ICAG's own quality monitoring framework
Live online classes — interactive, high-quality, with real-time Q&A
Same-day class recordings — review complex ISA applications as many times as you need
The MSL App — AI-powered learning platform with practice questions and progress tracking
Mock examinations — full past question practice with detailed examiner-style feedback
Comprehensive study materials updated for the 2024-2029 ICAG syllabus
2,000+ successful ICAG students — Ghana's most proven tuition track record
ICAG-Approved Partner in Learning

Contact us via WhatsApp, email, or through the MSL App to enrol in our next Paper 3.2 Advanced Audit and Assurance class. Our team will help you build the right study plan to pass on your first attempt.

📞 Call or WhatsApp us: 053 050 4026

🌐 Apply online: mslbusinessschool.com/icag

Our team will confirm which papers you need to sit, advise on any exemptions, and get you enrolled in the right programme for your next sitting.

ICAG Level 3 Tuition — Overview of all four Professional Level papers
ICAG Paper 3.1 Corporate Reporting — Professional Level financial reporting
ICAG Paper 3.3 Advanced Taxation — Professional Level taxation
ICAG Paper 3.4 Strategic Case Study — Integrated strategy and governance
ICAG Level 2 Tuition — Application Level preparation
ICAG Level 1 Tuition — Knowledge Level preparation
How to Become a Chartered Accountant in Ghana — Complete ICAG Guide
MSL Business School Awards — Ghana's most successful ICAG students