(b) As a newly－qualified Chartered Certified Accountant in Boleyn & Co, you have been

正确答案：
(b) FAQs
(i) Information Technology (IT) services
The greatest threats to independence arise from the provision of any service which involves auditors in:
■ auditing their own work;
■ the decision-making process;
■ undertaking management functions of the client.
IT services potentially pose all these threats:
■ self-interest threat – on-going services that provide a large proportion of Boleyn’s annual fees will contribute to a
threat to objectivity;
■ self-review threat – e.g. when IT services provided involve (i) the supervision of the audit client’s employees in the
performance of their normal duties; or (ii) the origination of electronic data evidencing the occurrence of
transactions;
■ management threat – e.g. when the IT services involve making judgments and taking decisions that are properly
the responsibility of management.
Thus, services that involve the design and implementation of financial IT systems that are used to generate information
forming a significant part of a client’s accounting system or financial statements is likely to create significant ethical
threats.
Possible safeguards include:
■ disclosing and discussing fees with the client’s audit committees (or others charged with corporate governance);
■ the audit client providing a written acknowledgment (e.g. in an engagement letter) of its responsibility for:
– establishing and monitoring a system of internal controls;
– the operation of the system (hardware or software); and
– the data used or generated by the system;
■ the designation by the audit client of a competent employee (preferably within senior management) with
responsibility to make all management decisions regarding the design and implementation of the hardware or
software system;
■ evaluation of the adequacy and results of the design and implementation of the system by the audit client;
■ suitable allocation of work within the firm (i.e. staff providing the IT services not being involved in the audit
engagement and having different reporting lines); and
■ review of the audit opinion by an audit partner who is not involved in the audit engagement.
Services in connection with the assessment, design and implementation of internal accounting controls and risk
management controls are not considered to create a threat to independence provided that the firm’s personnel do not
perform. management functions.
It would be acceptable to provide IT services to an audit client where the systems are not important to any significant
part of the accounting system or the production of financial statements and do not have significant reliance placed on
them by the auditors, provided that:
■ a member of the client’s management has been designated to receive and take responsibility for the results of the
IT work undertaken; and
■ appropriate safeguards are put in place (e.g. using separate partners and staff for each role and review by a partner
not involved in the audit engagement).
It would also generally be acceptable to provide and install off-the-shelf accounting packages to an audit client.