Brian Sands
Professor Mandanici
ACC 962
May 10, 2016
SAS 99 Memo
AU Section 316
Consideration of Fraud in a Financial Statement Audit
Source: SAS No. 99 (Supersedes SAS No. 82)
The following is a brief outline of the aforementioned document:
• Description and characteristics of fraud. o Misstatements arising from fraudulent financial reporting. o Misstatements arising from misappropriation of assets.
• The importance of exercising professional skepticism. o Professional skepticism is an attitude that includes a questioning mind and a critical assessment of audit evidence.
• Discussion among engagement personnel regarding the risks of material misstatement due to fraud. o An exchange of ideas or "brainstorming" among the audit team
…show more content…
• Assessing the identified risks after taking into account an evaluation of the entity 's programs and controls. o Requires the auditor to obtain an understanding of each of the five components of internal control sufficient to plan the audit.
• Responding to the results of the assessment. o A response that has an overall effect on how the audit is conducted, that is, a response involving more general considerations apart from the specific procedures otherwise planned. o A response to identified risks that involve the nature, timing, and extent of the auditing procedures to be performed. o A response involving the performance of certain procedures to further address the risk of material misstatement due to fraud involving management override of controls.
• Evaluating audit evidence. o Conditions may be identified during fieldwork that change or support a judgment regarding the assessment of the risks.
Discrepancies in the accounting records.
Conflicting or missing audit evidence.
Problematic or unusual relationships between the auditor and management.
• Communicating about fraud to management, those charged with governance, and others. o Whenever the auditor has determined that there is evidence that fraud may exist, that matter should be brought to the attention of an appropriate level of management.
• Documenting the
Report and record outcome – the findings of the risk assessment must be recorded and all those involved and who need to know should be given explanations and information on how these risks can be prevented and/or controlled.
Appendix A.2 also lists several factors that could provide opportunities for management/employees to commit fraud. One factor that could lead to fraud is if, “There is ineffective monitoring of management as a result of: domination of management by a single person or small group without compensating controls.” The auditors should have taken notice of the lack of controls and segregation of duties with respect to Phar-Mor’s
The purpose of risk assessment is not to remove risks, but to take reasonable steps to reduce them. The process involves looking at the risk, and considering what can be done to make it less likely that the risk will develop into a reality. This can be done through implementing policies and codes of practice, acting in individual’s best interests, fostering culture of openness and support being consistent, maintaining professional boundaries and following systems for raising concerns.
The auditor must assess the transactions for how much of a risk factor is involved. When reviewing these transactions, auditor must be able to review the internal controls of the company’s accounting personnel. The segregation of duties is associated with the safeguarding of an organization 's assets and the topic known as internal control. An example of the segregation of duties would be a company 's requirement that the bank statement for its checking
3.4 summarise the types of risks that may be involved in assessment in own area of responsibility.
The idea behind a risk assessment is to attempt to identify all the potential risks associated with a particular activity. The risk assessment will normally be carried out by the nominated Health and Safety Officer.
PCAOB describes professional skepticism as a general duty of care that needs to be applied by the auditor throughout the duration of the audit engagement. Professional skepticism involves the auditor having a clear and questioning mind regarding the assertions that are presented by management or other client personnel. The auditor is instructed to not take the words or data presented by management as sufficient and appropriate audit evidence but rather the auditor needs to thoroughly audit the evidence with a questioning mind to achieve reasonable assurance about the persuasiveness of the evidence. Skepticism is composed of three elements; auditor attributes, mindset and actions. The PCAOB
Briefly summarize the key facts you noted in your study of the five components of internal control and the rationale for the conclusions you made in the audit program concerning whether each component was adequately designed and implemented.
The purpose of a risk assessment (RA) is to identify the entire organization’s risks and quantify the
A risk assessment is a form that has a risk, what is involved, how serious it could be and
6. The risk assessment team will conduct an inspection of the department/area being assessed for risk or observe the process being assessed for risk in action. The members of the risk assessment team will individually document their findings on the “ABC Proactive Risk Assessment Worksheet” (Attachment A). To determine the appropriate score for each identified risk, the reviewer will consider information obtained through a physical tour of the facility, review of annual incident
When performing risk assessment procedures and related activities to obtain an understanding of the client and its environment, the auditor shall obtain an understanding of the following:
2. Auditors are required to consider evidence obtained and accumulated throughout the audit and make an overall evaluation as to whether substantial doubt exists with respect to the ability of the client
The auditor must obtain an understanding of the entity and its environment, including internal controls, so that they can identify and assess the risks of material misstatement on financial statements due to fraud or error and design and perform further audit procedures.
“Audit committee members or their agents may proactively examine areas, functions, and personnel where collusive fraud risk is reasonably likely to be perpetrated,” (Zmags). The search for fraud, even if performed in the same location multiple times, may continue until the audit committee feels confident that they have ruled out the probability that fraud is prevalent. One of the biggest risks of fraud is management override of controls, requiring the extensive search for risk in, “journal entries and other adjustments and reviewing accounting estimates for possible biases that could result in material misstatements,” (Nysscpa).