2 | P age

SELF REVIEW PRACTICE MONITORING TOOL

©2013

3 | P a g e

TABLE OF CONTENT.........................................................................................................PAGE NO.

SECTION ONE : OVERVIEW OF THE SELF REVIEW TOOL........................................................4SECTION TWO: FIRM DETAILS.......................................................................................................6

SECTION THREE: FIRM REVIEW.....................................................................................................73.1 Quality control procedures applied by the Practice.....................................................................7

3.2 Leadership responsibilities...........................................................................................................8

3.3 Ethical requirements.....................................................................................................................83.4 Acceptance and continuance of Client relationships and specific requirements.........................8

3.5 Human resources..........................................................................................................................93.6 Engagement performance...........................................................................................................10

3.7 Monitoring..................................................................................................................................113.8 Documentation...........................................................................................................................12

SECTION FOUR: ENGAGEMENT REVIEW...................................................................................154.1Pre-engagement...........................................................................................................................15

4.2 Planning......................................................................................................................................164.3 Understanding the entity including the internal control environment........................................17

4.4Risk assessment procedures........................................................................................................194.5 Internal audit..............................................................................................................................20

4.6 Documentation and audit evidence............................................................................................204.7 Audit Completion.......................................................................................................................22

4.8 Reporting....................................................................................................................................23

SECTION FIVE : CLIENT PROFILE INFORMATION....................................................................255.1 Regulated Clients.......................................................................................................................25

5.2 Listed Clients and other Clients of Significant Public Interest... Error! Bookmark not defined.5.3 Other Audit Clients.....................................................................Error! Bookmark not defined.

4 | P a g e

SECTION ONE : OVERVIEW OF THE SELF REVIEW TOOL

As part of the measures the Institute has put in place to monitor compliance with professional

standards and fulfill the requirements of Statement of Membership Obligation (SMO) 1, the

Institute will be rolling out this self assessment audit quality monitoring tool to small and medium

practitioners with effect from 1st November 2013.

This tool is geared towards enabling individual firms carry out a self review based on the level of

compliance with applicable standards. It gives a firm an opportunity to gauge the major areas of

non-compliance and subsequently based on need call upon the Institute to enhance the firms level

of compliance.

Firms will be selected for reviews primarily based on their risk profiles identified from a desktop

review of the information submitted in this tool. This process will analyse the units’ responses in

the tool and other relevant information.

All firms will complete the self assessment tool after every two years or when called upon to do so

by the Institute. However, should a firm’s processes and any information submitted earlier

significantly change before the two years period, the firm should communicate such changes to

the Institute

This tool will collect the following information about a firm:

i.Organisation and management of the firm

ii.Quality control policies and procedures established by the firm

iii.Engagement review

iv.Client profile of the firm

The tool mostly contains questions of a “Yes / No” answer, but some questions such as those on

the organisation and management of the firm, and client profile information require quantitative

5 | P a g e

data. Some questions also require narrative answers. In general, a “N/A” answer should not be selected unless in the circumstances specified in this Questionnaire.

Benefits of the self review tool.

1. It enables a firm to pro-actively manage its own operations;2. It gives a firm an opportunity to point out its own weaknesses and hence enhance its own

capacity to address the weaknesses;

3. It gives an insight to the firms staffing needs as well as the need to address the gaps identified

through training;

4. It gives a justification to the Institute why your firm needs considerable support or no support

hence the Institute can utilize its technical team to enhance compliance in a more deserving

practice unit;

5. It prepares the firm for the Institute’s programmed review;

6. It serves as a pointer for setting performance targets to audit staff;

7. It will guide the Institute in developing the annual training calendar that addresses; and,

8. Gives the Institute an overview of the governance structure of the firms.

Note:1. Practitioners are advised to fill the tool with total honesty for it to achieve the intended

objectives.

2. The firm should retain information and supporting documentation used in the completion of

this tool and avail it for reference or review by the Institute Reviewer(s) during site visits.

XDoes the firm have branches? Yes No

6 | P a g e

SECTION TWO: FIRM DETAILSName of Firm/Practice: PricewaterhouseCoopers, Kenya.........................................................Physical address; PwC Tower, Waiyaki Way/Chiromo Road Westlands

Postal address: P.O Box 43963-00100, Nairobi

Telephone Numbers: 020 28 55 000

Email address: pwc.kenya@ke.pwc.com

Number of audit staff employees (Attach a list of staff with their qualifications)...................

See attached list of staff employees in Appendix 2

Mode of Practice:

A Sole Proprietorship

A Partnership

Partners Details: (Specify who the Managing Partner is):

X

Reg. RoleMember Name No Practicing

No.CPA Ngahu Peter Kimani 3311 P/1458 Country Senior PartnerFCPA Njoroge Richard Githinji 1651 P/1244CPA Kimacia Bernice Wangari 3863 P/1457FCPA Michael Ochieno Mugasa

3286 P/1478CPA Saiti Kang’e 4506 P/1652FCPA Okundi Benson Ochieng 2348 P/1649CPA Norbert’s Stephen Ochieng

4251 P/1819CPA Anthony Wachira Murage 7270 P/1820CPA Muriu Francis Warui 2597 P/1821CPA Edward Kerich Korgoren 6892 P/2048

If yes, give the following branch details. Attach a different sheet of paper if the branches are more than one.

7 | P a g e

County............................................................................................................................................

Physical location............................................................................................................................

Telephone No................................................................Email.......................................................

Name of Branch Manager.................................................ICPAK Membership No......................

Number of audit staff employees at the branch...............................................................................

(Attach a list of branch staff with their qualifications)

SECTION THREE: FIRM REVIEW.

This section seeks to get information about the firm’s operational procedures as guided by the

International Standards Quality Control (ISQC 1) and International Standards on Auditing (ISA)

220.

Please circle whatever is applicable. Where the space provided is not sufficient, attach

additional information and make reference to specific sections.

3.1 Quality control procedures applied by the Practice

YES

Yes

Yes

Yes

3.1.1 Does the firm have an established system of quality control designed to provide

it with reasonable assurance that the firm and its personnel comply with professional

standards and regulatory and legal requirements promulgated by the Institute?

If the answer is “YES”, please complete questions 3.1.2 to 3.8.1.

If the answer is “NO”, skip section 3 and answer section 4.(However, if the firm has

guidance materials which are relevant, answer in the relevant sections and attach the

materials

3.1.2 Does the firm’s system of quality control include any policies and procedures

that address each of the following elements:

(a)Leadership responsibilities for quality within the practice;

(b)Ethical requirements;

8 | P a g e

(c)Acceptance and continuance of client relationships and specific engagements;

(d)Human resources;

(e)Engagement performances;

(f)Monitoring; and,

(g)Documentation.

3.1.3. Are the Firm’s quality control policies and procedures documented and

communicated to the firm’s partner(s) and staff?

3.2 Leadership responsibilities

Yes

Yes

Yes

Yes

Yes

Yes

If the answer is “YES” for question 3.1.2(a), please list who is responsible and what

are the main considerations under leadership responsibilities.

Peter Ngahu is the Country and Regional Senior Partner.

PwC Kenya’s quality is committed to audit quality and has established a culture embracing high standards in independence and professional ethics. There is a partner responsible for risk management.

The firm has detailed formal policies in relation to ethics, client acceptance and continuance, engagement management, risk management and people development. Compliance with policies is continuously monitored by a robust risk management function and regular independent reviews.

3.3 Ethical requirementsIf the answer is “YES” for question 3.1.2(b), please list the main considerations and

how they are applied in performing engagements.The Country Senior Partner is the Business Conduct Leader (BCL) and is responsible for providing oversight over how the Firm conducts its business internally and externally.

All PwC Kenya partners and staff are expected to uphold and comply with the standards developed by the PwC global network and PwC Kenya. PwC Kenya’s management monitors compliance with these obligations by PwC Kenya’s partners and staff.

Independence

PwC Kenya has adopted the PwC Global policies and related rules regarding independence and compliance, complemented when necessary by more restrictive local professional and regulatory rules. PwC Kenya strictly monitors compliance with regulatory, professional, and PwC independence requirements related to financial interests in and business and service relationships with If the answer is “YES” for question 3.1.2(c), give a brief overview of how you accept

or continue with client engagements, highlighting the main considerations, what you document and processes if any.

PwC Kenya has implemented a process to identify acceptable clients based on the PwC global network’s proprietary decision support systems for audit client acceptance and retention (called Acceptance and Continuance (“A&C”)). A&C facilitates a determination by the engagement team, business management and risk management specialists of whether the risks related to an existing client or a potential client are manageable, and whether or not PwC should be associated with the particular client and its management.

Incase a client terminates your engagement relationship or you get a new client,

do you give/ respond to letters of professional clearance to the incoming/ outgoing

auditor?

If the answer to the above question is no, give reasons

3.5 Human If the answer is “YES” for question 3.1.2(d), briefly explain how the firm ensures it

has sufficient personnel with the capabilities, competence and commitment to ethical

standards necessary to perform its engagements in accordance with professional

standards, regulatory and legal requirements and to enable the firm or engagement

partners(s) to issue reports which are appropriate in the circumstances. Which

personnel issues are addressed in the HR policy?

PwC Kenya partners and staff regularly receive a thorough orientation to the culture, values and core attributes of PwC – Quality, Trust, Teamwork, Excellence and Leadership. PwC Kenya aims to recruit only high quality staff that can operate as accounting and other experts in support of audits and who share in PwC Kenya’s strong sense of responsibility for auditing. There is a robust assessment of the quality of those people we hire from universities.

Professional DevelopmentTraining and development is an ongoing process. Training starts when a person is hired and continues throughout his or her career. PwC Kenya’s people participate in a variety of local, regional and international formal training courses and are also trained through on the job coaching and supervision.

Yes

Yes

9 | P a g e

Supervision and DirectionEach engagement partner is responsible, in consultation with others as appropriate, for staffing engagements with partners and staff that have the professional competence and experience required in the circumstances. Further, each engagement partner is ultimately responsible for determining the extent of direction, supervision and review of the work of more junior staff to who work is delegated.

3.6 Engagement If the answer is “YES” for question 3.1.2(e), give a brief explanation of the audit

methodology, procedures and minimum documentation, highlighting any special

consideration for special audits.

Consistent Global MethodologyPwC Kenya uses a consistent audit methodology and process for audit engagements. The methodology is enhanced as necessary to respond to the changing environment. All audit engagement partners and staff receive ongoing training in this methodology.Comprehensive Policies and ProceduresTo complement the Global policies and procedures, PwC Kenya has comprehensive policies and procedures governing local accounting and auditing practice that are constantly updated to reflect new professional developments and operating environment, and to address emerging issues, as well as the needs and concerns of the practice. These policies cover not only professional and regulatory standards, but also reflect the guidance that PwC provides to its professionals about how best to implement them. They are available in electronic files and databases, are regularly updated or supplemented for all current developments and are accessible remotely at any time.Risk and Quality (R&Q)Consultation is a key element to quality control. PwC Kenya has formal protocols setting out the circumstances under which consultation is mandatory. PwC Kenya is supported by a Technical Department that will track new developments in accounting and auditing and provide updates to the appropriate professional staff. PwC Kenya consultative culture means that our engagement teams will regularly

Does the firm use an audit software?

If “YES”, please specify the name of the

software. ...Aura Client V.6

Is the software developed by an international firm / practice of which the firm is a

member?

Yes

Yes

Yes

10 | P a g e

No

N/A

11 | P a g e

If “YES”, please specify:Name of software...AURA..............................Author.......PricewaterhouseCoopers B.V.........Publisher...PricewaterhouseCoopers B.V...........Edition......Version 6..................................

Is the software developed internally by the firm?

If developed internally by the firm, is the firm willing to assist other firms develop their

in house audit software/tool?

If the answer to the above question is No, give reasons why the firm would not want to

help other firms develop their own audit software /tool.

The software is globally developed and has a patent copyright attached to it by the developers and PwC.

Given an opportunity to buy an audit software, how much will the firm be willing to pay

for acquiring a software? Tick in the relevant box. Kshs 30,000 – 50,000

Kshs 50,000 – 100,000

Kshs. Over 100,000

Any other suggestion.....................................................................................

How much do you consider reasonable amount to pay for the software per user?

Kshs. 8,000 10,000 15,000

How much do you consider as reasonable fee for

annual renewal for user rights for the software?

Kshs. 10,000 _______ 20,000 _________25,000

3.7 Monitoring

If the answer is “YES” for question 3.1.2(f), explain whether the firm has established

policies and procedures, including an ongoing consideration and evaluation of the

firm’s system of quality control which include a periodic inspection of a selection of

completed engagements, designed to provide it with reasonable assurance that the

policies and procedures relating to the system of quality control were relevant,

adequate, operating effectively and complied with in the firm.

PwC Kenya is responsible for monitoring the effectiveness of its quality control systems which includes carrying out, or arranging to be carried out on its behalf, independent reviews both at the management level of the Assurance practice’s systems and procedures (known as Quality Management Review – QMR) and at the individual engagement level (known as Engagement Compliance Reviews) collectively referred to as the “Quality Review” process.The independent Quality Management Review and Engagement Quality Reviews are undertaken so that the firm and significant engagements are reviewed at least every three years. All assurance partners must have at least one of their engagements reviewed every five years. The Quality Review process also involves periodic testing of the effectiveness of PwC Kenya’s quality controls in functional areas such as hiring, training, advancement and independence.

Quality monitoring is an integral part of the PwC Kenya’s continuous improvement program. PwC Kenya constantly evaluates inputs from formal programs such as this and a variety of informal sources in an ongoing effort to improve policies, procedures and the consistency of the quality of work. Instances of failure to meet performance standards are treated seriously and the partner responsible is counselled to improve performance and appropriate steps are taken to fully encourage improvement including, where appropriate

3.8

Documentation Has the firm established policies and procedures, appropriate to its size and structure,

which provides documentary evidence of the operation of the six elements of the

firm’s system of quality control, described in question 3.1.2 above?

If the answer is “YES”, please complete the following subsequent questions

If the answer is “NO”, please select “N/A” for questions 3.8.2 (a) to (d).

Are the working papers sufficiently complete and detailed for the

engagements conducted in the accounting referenced period: a) To

provide an overall understanding of the audit?

Yes

Yes

Yes

Yes

12 | P a g e

b)To indicate who performed the audit procedures and when they were performed?c)To provide evidence that the audit work performed by assistants was supervised

and reviewed?

d)To record the nature, timing and extent of the audit procedures performed, the

results thereof, and the conclusions drawn from the evidence obtained?

e)Did the firm communicate to those charged with governance significant

findings from the audit ? If yes, what was communicated and how was it

communicated?

The following matters are communicated to those charged with governanceSignificant difficulties, if any, encountered during the auditAny significant matters arising from the auditWritten representations requested of managementAny circumstances that affect the form and content of our audit reportOther matters significant to the oversight of the financial reporting processAny independence breaches

Additional matters are communicated to the extent that they are applicable to the engagement.

Does the firm obtain written representation from management on matters material to

the financial statements when other appropriate evidence is not reasonably expected to

exist?

If the answer is “YES”, what is contained in the letter of representation?

As part of our normal audit procedures, we request appropriate directors or senior officials to confirm to us in writing each year such facts or judgements and any other oral representations which we have received from them during the course of the audit on matters having a material effect on the financial statements. We will also ask them to confirm in that letter that all important and relevant information has been brought to our attention.

In addition, we include in or attach to the representation letter a summary of unadjusted audit differences and request that management acknowledges that it has considered the financial statement misstatements brought to its attention by us and has concluded that any uncorrected misstatements are not material to the financial statements taken as a whole.

Yes

Yes

Yes

13 | P a g e

If the answer to the former question is “NO”, explain why you do not get letters of

representations from your clients.

N/A

14 | P a g e

15 | P a g e

SECTION FOUR: ENGAGEMENT REVIEW

This section seeks to get information about how a firm conducts and documents its engagements

as per the applicable international Standards on Auditing (ISAs). It is geared towards checking the

level of compliance and applicability of quality control policies in section three in carrying out

engagements. This section is meant to give an appreciation of the audit process from pre-

engagement stage to completion and review of the engagement before signing audit opinions.

Answers are expected to be as exhaustive as possible. Where the space provided is not sufficient,

the firm may decide to attach additional write-ups and make reference to the specific sections.

Please circle/ tick where applicable

1. Pre-engagement

Does the firm carry out pre-engagement procedures?

If the above answer is YES, answer the following questions.Yes

What process do you follow in accepting and continuing client engagements?

The Firm has implemented a process to identify acceptable clients based on the PwC global network’s proprietary decision support systems for audit client acceptance and retention (calledAcceptance and Continuance (“A&C”)). A&C facilitates a determination by the engagement team, business management and risk management specialists of whether the risks related to an existing client or a potential client are manageable, and whether or not PwC should be associated with the particular client and its management.In the pre-engagement section, what is included in the documentation?

In the pre-engagement section teams are required to document the following:

Risk identification and rating following the completion of the A&C process. The team documents the overall risk rating in relation to risk of material misstatement and any other risk that would cause reputational damage to the firm

Documentation of the approval requirements for carrying out the engagement, including any necessary consultations as required

Results of our relationship checks confirming that there are no independence issuesResults of the Anti-Money Laundering procedures performed

16 | P a g e

Do your clients give engagement letters?

If the answer to the above question is Yes, what are the contents of the letter?

The contents of the letter include detailed clauses under the

following areas:

Yes

- Details of the auditors responsibilities to report to shareholders of the company- Auditors Rights in the context of the Kenyan Companies Act 2015- Scope of audit indicating our objective and relevant framework under which the audit will

be conducted- How the firm will liaise with the Internal audit function where applicable- Responsibilities of the firm while working with other auditors in the context of group

reporting- Responsibilities of Directors of the company with respect to the Kenyan

Companies Act 2015

- Our role and that of management in detection of fraud, error and non-compliance with laws and regulations

- Matters that will be communicated with those charged with governance- Responsibility for identifying and reporting internal controls weaknesses- Request for management representations- Requirements regarding other information and the impact thereon on audit opinion- Auditors entitlement to attend company meetings- Responsibility of preparation of financial statements by management- Other services provided to the client/other clients- Our role in reporting to third parties- Responsibility to seek our consent to any future use of the opinion- Electronic and other publication of auditor’s reports- Fees- Access to working papers- Working for other clients- Independence rules in relation to partners and practice staff members joining clients- Electronic communications between the client and ourselves- Use of PricewaterhouseCoopers software- Use of resources provided other PricewaterhouseCoopers entities- Confidentiality and data protection- Client identification – our requirement to perform anti money laundering procedures

If the answer to the above question is No, explain why. N/a

a. Planning

17 | P a g e

Does the firm carry out audit planning?

If the answer to the above planning is Yes, who is involved in planning?

The planning phase is led by the engagement leader. The whole audit team are required to attend a planning meeting to discuss and agree on the audit strategy and audit plan. The Lead team senior, Engagement Manager and Engagement Leader are involved in the documentation of planning on the audit file.

Yes

Does the firm develop and document an overall audit strategy? Yes

If yes, what main factors does the firm consider is developing the audit strategy?

The following factors are considered while determining the audit strategy:

Characteristics of the engagement;Ascertain reporting objectives;Determination of materiality;Results of preliminary activities and knowledge gained from previous and

other engagements;

Does the firm develop and document an audit plan? Yes

If Yes, what does the audit plan include?

The documentation of the audit plan includes the planned nature, timing and extent of risk assessment procedures and further audit procedures at the assertion level in response to the assessed risks. It is embedded in the audit software and it serves as a record of the proper planning of the audit procedures that can be reviewed and approved prior to their performance.1. Understanding the entity including the internal control environment

Does the firm document the key aspects of understanding the entity and the control environment? Yes

If yes, what aspects does the firm consider?

The following are considered in obtaining an understanding of the entity:

- Relevant industry factors such as market and competition, level of technology utilized, supply

chain input, seasonality,- Relevant regulatory factors including regulatory environment, legislation and regulation with

significant impact- Relevant other external factors such as General economic conditions, conditions with

significant impact such as interest rates, availability of financing. Inflation or currency revaluation- Nature of the entity - Business operations e.g. number of operating locations,

revenue sources ,

18 | P a g e

complexity of supply chain/production chain, reliance on key customers/suppliers- Nature of the entity - Governance structures and ownership, Related parties and Segment

information- Nature of the entity – Other matters such as financing activities, investing activities etc- Entity's selection and application of accounting policies- The entity's objectives and strategies and related business risks- Measurement and review of the entity's financial performance- Nature and extent of the understanding of relevant controls- Control environment operating in the entity- The entity’s risk assessment process- The information system, including the related business processes, relevant to financial

reporting, and communication- Control activities relevant to the audit- Monitoring of controls

Does the firm consider the entity’s information system relevant to financial reporting? Yes

If Yes, what aspects does the firm consider?

The identification of IT dependencies and the evaluation of related IT risks is considered an integral part of the audit procedures.

Where deemed to be effective and efficient the teams will incorporate testing of Information Technology General Controls (ITGCs) and relevant IT dependencies including automated controls, reports, calculations, security and interfaces.

2. Risk assessment procedures

Does the firm carry out risk assessment procedures for all

clients? If No, how do you approach the audit?

If Yes, what considerations do you make and at what levels do you carry out risk assessment procedures?

- While performing risk assessment, we identify and assess the risk of materialmisstatement by considering its nature, magnitude and likelihood in order to determine the most effective and efficient response to reduce audit risk to an acceptably low level. Our risk assessment permeates every aspect of our audit and is thoughtfully considered in each stage of the audit.

- Ordinarily, we will have performed the risk assessment procedures set out in ISA 315.6, including:

o understanding the entity and its environmento understanding and evaluating internal control sufficient to design our

further controls audit procedureso risk assessment analytical procedureso other planning activities

- Our audit risk assessment is continuous throughout our audit rather than a step completed as part of scoping our financial statement audits. We continuously adjust our audit procedures to reflect information that we have learned, including experiences from both the audit of internal control, when applicable, and the audit of the financial statements.

- Prior to the conclusion of the audit and the issuance of our audit report, we consider whether our risk assessment has been confirmed based on the results of our controls and substantive testing. If the risk assessment has changed, determine the impact on our audit plan and the extent to which we may need to do further work.

Does the firm determine whether the use of external confirmations is necessary? If Yes, what alternative procedures does the firm carry out when external confirmations are not been received?

The use of external confirmations is considered necessary except in circumstances where it is determined to be ineffective.

Where the use of confirmations has been considered but no responses have been received, the teams are required to send an additional confirmation request when a reply to a previous request has not been received within a reasonable time frame. For example, the auditor may, having re-verified the accuracy of the original address, send

Where no responses are obtained at all, the following alternative procedures are performed:

Yes

Yes

19 | P a g e

20 | P a g e

• For accounts receivable balances – examining specific subsequent cash receipts, shipping

documentation, and sales near the period end.• For accounts payable balances – examining subsequent cash disbursements or

correspondence from third parties, and other records, such as goods received notes.

If your assessment on risks reveals that there are several risks, how do you respond to the risks?

Risks are assessed at an assertion level, where there are several risks identified on a balance or transaction we are required under ISAs to perform procedures that address those risks that are identified through controls, analytics and tests of detail at the

3. Internal audit

Yes

Yes

Yes

Does the firm have clients with an internal audit function? If Yes, answer the following questions.

Do you consider the work of the internal auditor

Do you evaluate the competencies of the internal auditor?

How do you assess whether the internal auditors work is effective and whether she/he is independent?

In assessing internal audit function, the teams will consider the nature of the activities; the extent to which the internal audit function’s organizational status and relevant policies and procedures support the objectivity of the internal auditors and their competence. Based on their findings the teams will then conclude on whether the work performed by internal audit function is effective for reliance.

4. Documentation and audit evidence

YesTo the best of your understanding, does the auditor document all matters which are important in providing audit evidence to support the audit opinion?

If Yes, list what you consider as adequate documentation. What must be documented as per the engagement performance policy of the firm?

a.Initial procedures such as letters of engagements, independence, acceptance and continuance and the competencies of the team

b.Understanding of the entity and the environment which includes the COSO framework

c.Determinations of materialityd.Assessment of risk which includes documenting fraud risk assessment, risk

assessment procedures at an assertion level on balances and transactions, other risks identified through interviews with client, prior knowledge etc

e.Documenting how we have responded to the risks identified through nature, timing and

f. Document our conclusions on our assessment of going concern, changes to the planned procedures and conclude on significant matters

g. Document completion activities around procedures on financial statements, summarise and evaluate deficiencies in internal control, subsequent events and management representation letters

h. The Engagement leader and Engagement managers must sign off on the planning, completion and significant matter areas

i. Where applicable evidence of second partner consultations should be evidenced on the file

What information must be documented in a standard working paper?

The following information must be documented in a standard working paper:a. Procedures performedb. Audit evidence of the procedures that have been performed and conclusion

thereofc. Details of primary reviewer including date of the reviewd. Details of secondary reviewer including date of the review

How is reviews of work done by junior staff conducted?

All work performed by the junior staff undergoes reviews by the team leader, engagement manager and finally, depending on the level assessed risk, the engagement leader will review.

Where the client has related party transactions, what do you document?

The following information is documented: our understanding the entity’s related party relationship and transactions identification and assessment of the risks of material misstatement associated

with related party relationships and transactions our responses to the risks of material misstatement associated with

related party relationships and transactions evaluation of the accounting for and disclosure of identified related party

relationships and transactions we seek written representations

briefly explain how you document the following. a. Fair value measurements

The following aspects of FV measurements are documented:

Our understanding financial reporting framework in relation to the accounting estimate

We document an understanding how management identifies the need for accounting estimates

Our understanding methods of measurement, including relevant controls performed by management

Our understanding management's assumptions made in determining the estimate

21 | P a g e

Our evaluation of the data and information reliability

22 | P a g e

23 | P a g e

• Our understanding of the changes in methods and management's assessment ofuncertainty

We document our review of prior period accounting estimates and the outcome of these Evaluation of estimation uncertainty and significant risks and our

understanding of the relevant controls

b. Segmental reporting

We obtain an understanding of the methods used by management in Evaluate whether such methods are likely to result in disclosure in accordance with the applicable financial reporting framework Where appropriate, testing the application of such methods; and

Performing analytical procedures or other audit procedures appropriate in the circumstances.

The following is documented:

Auditors’ expert

Determination of the need for an auditor’s expert as appropriate Determination of the procedures to perform when using auditor’s experts Evaluating the competence, capabilities and objectivity of the auditor's

expert and obtaining an understanding of the field of expertise Agreeing terms and arrangements with the auditor’s expert

Reference to the auditor's expert in the auditor's report

Management’s expert Audit evidence prepared by a management’s expert Evaluating competence, capabilities and objectivity Understanding a management's expert's field of expertise Scope of management’s expert’s work

5. Audit Completion.

What activities/ procedures does the firm carry out at the completion stage.

At the completion stage, we perform the following procedures:

a)Assess impact of revising materiality in case of new informationb)Perform an update of risks identified at planning stage, update of minutes and

contractsc)Procedures over financial statements including completion of IFRS disclosure

checklists, review of regulatory requirements

d)Summarize misstatements and consider impact on financial statements

f)Perform overall conclusion analyticsg)Determine appropriate audit report to be issuedh)Communicate to management and those charged with governance significant

matters arising from the audit, obtain management representation, circumstances affecting our report, any independence breaches

i)Documentation and audit file wrap-up in preparation for archivingj)Seek client feedback and evaluate our performance

Does the firm perform audit procedures to evaluate whether the overall presentation of the financial statements, including the related disclosures, are in accordance with the applicable financial reporting framework?

Yes

If Yes, what procedures does the firm follow? Does the firm have guidelines for financial statements presentation and disclosure?

The firm has developed checklists to ensure that overall presentation of the financial statements is appropriate. All teams are mandated to use the appropriate checklists prior to issuing financial statements:

- International Financial Reporting Standards Checklist- The Kenyan Companies Act 2015 checklist for both Company and Group- Directors Report Checklist- Capital Market Authority Checklist- Retirement Benefit Authority Checklist

6. Reporting

Does the auditor’s report contain the following basic elements: Yestitle(700.21)addressee(700.22)introductory paragraph identifying the financial statements audited(700.23)management’s responsibility for the financial statements(700.24-27)auditor’s responsibility(700.28-33)an auditor’s opinion paragraph containing reference to the financial framework used to

prepare the financial statements (IFRS and the Kenyan Companies Act) (700.34-37)other reporting responsibilities(700.38-39)auditor’s signature? (700.40)date of the auditor’s report(700.41)auditor’s address (town or city) (700.42)

How does the firm communicate audit matters of governance interest, including: deficiencies in internal control, fraud, indications that a fraud may exist or uncorrected misstatements to those charged with governance?

The firm uses management letter (post audit report) to communicate such matters to those charged with governance.

24 | P a g e

Teams will request that specific representations regarding the aforementioned matters to be included in the letter of representation.

If the auditor identifies or suspects a fraud has been perpetuate, does he determine whether there exists a responsibility to report the occurrence or suspicion to a party outside the entity? The auditor’s legal responsibility may override the duty of confidentiality of client information; does the auditor consider this fact? Briefly explain.

NOTE:Attached is a comprehensive summary of the most applicable ISAs for clients of SME nature. The

checklist if tailored to cover each section of an audit and the required minimum documentation and

evidence.

25 | P a g e

SECTION FIVE : CLIENT PROFILE INFORMATION

5.1 Regulated Clients

Sector Total For The Practice Per Engagement Partner

Practising

Certificate Number

Banks 37 Kang’e Saiti-11 P/No 1652

Michael Mugasa-6 P/1478

Peter Ngahu-3 P/1458

Richard Njoroge-17 P/

Building Societies - N/A N/A

Insurance companies 35 Bernice Kimacia-8

Kang’e Saiti-9 P/No 1652

Michael Mugasa-2 P/1478

Richard Njoroge-16

Savings & Credit Cooperative Organisations i.e. Saccos

1 Richard Njoroge-1

Retirement Benefit Schemes and Pension Funds

14 Kang’e Saiti-1 P/No 1652

Michael Mugasa-6 P/1478

Peter Ngahu-1 P/1458

Richard Njoroge-6

Total number of regulated clients

87

26 | P a g e

5.2 Listed Clients and other Clients of Significant Public Interest

Sector Total For The Practice Per Engagement Partner

Practising Certificate Number

Banking l sector 4 Kang’e Saiti-2 P/No 1652

Michael Mugasa-1 P/1478

Richard Njoroge-1 P/1244

Agricultural sector 2 Michael Mugasa-2 P/1478

Investment sector 2 Richard Njoroge-2 P/1244

Any other sector 7 Anne Eriksson-2

Richard Njoroge-1 P/1244

Peter Ngahu-2 P/1458

Kang’e Saiti-1 P/No 1652

Bernice Kimacia-1 P/1457

Total number of audit clients

15

27 | P a g e

5.3 Other Audit Clients

Sector Total For The Practice

Per Engagement Partner

Practising Certificate Number

Private companies 264 Bernice Kimacia-26 P/1457

Michael Mugasa-87 P/1478

Richard Njoroge-87 P/1244

Kang’e Saiti- 91 P/No 1652

Peter Ngahu-60 P/1458

Non Governmental Organizations

15 Francis Muriu-3 P/1821

Mwangi Karanja-7 P/2031

Stephen Ochieng’-4 P/1819

Benson Okundi-1 P/1649

Insurance

companies/agencies

and brokers

- N/A N/A

Mutual Funds 5 Bernice Kimacia-4 P/1457

Kang’e Saiti-1 P/No 1652

Total number of other audit clients

284

Appendix 2 – Staff Details

2 | P age

BUSINESS UNIT GRADE NAME ACCA CGEIT CPA (K)

Associate Gideon Nzioka NQ CPAJinalo Mwangi NQ CPALawrence Muchoki NQ CPAYusuf Njoroge NQ CPACyprian Munene NQ CPAReginah Ruro NQ CPAAcquiline Mbithi NQ CPAEliud Ian Mungai NQ CPAJames Maina Githinji NQ CPABrian Mutethia Mutea NQ CPABrian Otieno NQ CPAJane Mumo NQ CPAAmanda Tanui NQAntony Kabiru NQFridah Kipsang NQApindi Ian NQNasra Musa NQ

Ruth Wachira Q CPAAssurance Private Partner Anne Eriksson Q ACCA CPA (K)

Bernice Kimacia Q CPA (K)Kang'e Saiti Q CPA (K)Michael Mugasa Q CPA (K)Peter Ngahu Q CPA (K)Richard Njoroge Q CPA (K)

Senior Manager Brian Ngunjiri Q ACCAJob Ngunu Q CPA (K)Joseph Kiruri Q ACCAMeshack Ndirangu Q CPA (K)Marylinda Ngige Q ACCAPeter Mwangi Q CPA (K)Alice Ng'etich Q CPA (K)Michael Mwaura Q CPA (K)

Mwende Kausya Q ACCASaiba Nyindo Q CPA (K)

Manager Esther Njiru Q CPA (K)Fabian Thiangeta Q CPA (K)Serah Gikonyo Q CPA (K)Stellah Mutuku Q CPA (K)Faith Chege Q ACCAValentine Njeri Q ACCADaniel Kiilu Q CPAEsther Kimeu Q CPA (K)Jackson Wambua Q CPA (K)James Righa Q ACCAJoseph Muchiri Q CPA (K)Judy Manshau NQ ACCAKenneth Wangaruro Q CPA (K)Nahashon Thuo Q CPAPauline Mwai Q CPA (K)Samuel Njiru Q CPA

Senior Associate Benard Nyabiosi Q CPA (K)David Mugo Q CPA (K)Dennis Kobia Q CPAEdwin Muthoni Q CPA (K)James Sitati Q CPAJoan Awino Q CPA (K)Julius Nyakina Q CPAKananu Imathiu NQ ACCAKelvin Kailikia Q CPA (K)Martin Kiplangat Q CPA (K)Maurice Mwanzia Q CPA (K)Solomon Kithinga Q CPA

Susan Karimi NQ CPAYvonne Ogollo Q CPA (K)Andrew Lobatan NQ ACCABryan Bundi NQ CPACraig Oguttu NQ CPAEugene Aicha NQ ACCAGideon Ekeno NQ CPAGodwin Kiprono Q CPAJames Kimani Q CPAJoseph Ambani Q CPALawrence Macharia NQ ACCAMargaret Makau NQ CPAMaureen Kanja Q CPAMuthoni Kahura NQ CPAPatrick Wainaina Q CPAPauline Bogomba NQ ACCAPeninah Wachira Q ACCAPurity Githiomi NQ CPARuth Ngaru NQ ACCAVictor Mutinda NQ CPAWinnie Mwihia Q ACCA

Associate 2 Alice Ejiofor Q ACCAAnthony Kimani Q CPABrenda Kinyanjui Q ACCABrian Were NQ CPACharles Wachudi NQ CPACosmas Rotich NQ CPADaniel Muiruri NQDonald Ngwalla Q CPAEvans Oroche Q CPAFaith Kilimo Q ACCAFelister Njeru Q CPAFelister Onyiego NQ CPA

Florence Okumu Q CPAFranco Khaseke NQ CPAHussein Jafferjee NQ ACCAJanet Kiamba Q CPAJoseck Mwangi NQ CPAJoseph Ndegwa NQ CPAJoseph Wanjohi Q CPAJosiah Muchiri Q CPAJushi Gitau NQ ACCAKelvin Wainaina NQ CPAKim Wanjohi Q CPALawrence Kiponda NQ CPALeonora Onyango NQLucy Kimeu Q ACCAMaureen Waithaka Q CPAMohamed Yunis NQ ACCANelly Muriungi Q CPANicholas Nyamai Q CPAPurity Kariuki Q CPAShellomith Kirocho Q ACCASimon Thuo NQ CPAVictor Otieno NQ CPAVincent Akatch NQ CPAWendy Angel NQ ACCA

Assurance PSG Partner Benson Okundi Q CPA (K)Francis Muiru Q CPA (K)Stephen Ochieng' Q ACCA CPA (K)

Associate Director Mwangi Karanja Q CPA (K)Nadia Nzabi Q CPA (K)

Senior Manager Anthony Saiti Q CPA (K)Erick Gikaria Q ACCAFrancis Nzau Q ACCAStella Githinji Q CPA (K)

2 | P age

Manager Anthony Njeeh Q ACCAJoseph Kagiri Q CPA (K)Leah Kihara Q CPA (K)Morris Munene Q CPA (K)Noni Kadzutu Q ACCASusan Mugera Q CPA (K)Dennis Maluli Q CPA (K)Edgar Ojiambo Q CPA (K)Jeremiah Ruita Q ACCAMercy Kuria Q CPA (K)Paul Sawe Q CPA (K)Simon Ngige Q CPA (K)Francis Ivuvu Q CPA (K)Titus Rotich Q CPA (K)

Senior Associate Hazel Munoko Q CPA (K)Joshua Laiboni Q CPA (K)Samuel Kigamba Q CPA (K)Trizah Mwangi Q CPA (K)Joan Kinyanjui Q CPA (K)Irene Muiru Q CPALuther Otieno NQ ACCAMichael Wanjohi NQ CPAPevy Ouko Q CPAStephen Kiala Q CPA