Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
103 Cards in this Set
- Front
- Back
Auditor's are responsible for:
|
obtaining reasonable assurance that the financial statements as a whole are free from material misstatement whether caused by fraud or error
|
|
primary responsibility for fraud prevention tests:
|
rest with company management
|
|
auditing standards require the audit team to discuss the susceptibility of the financial statements to fraud:
|
-a discussion of management's involvement in supervising employees with access to cash or other assets
-consideration of unusual/unexplained changes in behavior of employees -consideration of types of circumstances that indicate possibility of fraud -discussion of how an element of unpredictability can be built into audit procedures -discussion of any allegations of fraud |
|
fraud triangle
|
rationalization, opportunity, pressure
|
|
pressure
|
when company management feels pressure from the inside/outside the company to meeting earnings targets
|
|
opportunity
|
when an individual believes that internal controls are weak or not designed to prevent fraud and can be overridden
|
|
rationalization
|
when an individual believes that their actions to commit fraud can be justified
|
|
errors vs. fraud
|
error: unintentional acts of the company
fraud: intentional acts of the company |
|
two types of fraud
|
fraudulent financial reporting - occurs when a company prepares financial statements that are materially misstated
assets are missappropriated - employees in company steal its assets |
|
detecting financial statement fraud
|
1) management and board
2) relationship with others 3) organization & industry 4) financial results & operating characteristics |
|
What are the accounts involved, and fraud schemes?
Transaction: estimate all uncollectible accounts receivable |
accounts involved: bad debt expense, allowance for doubtful accounts
fraud schemes: understate allowance for doubtful accounts, thus overstating receivables |
|
What are the accounts involved, and fraud schemes?
sell goods/services to customers |
accounts involved: accounts receivable, revenues
fraud schemes: record fictitious sales, recognize revenues too early, overstate real sales |
|
What are the accounts involved, and fraud schemes?
accept returned goods from customers |
accounts involved: sales returns, accounts receivable
fraud schemes: not record returned goods from customers, record returned goods after the end of the period |
|
What are the accounts involved, and fraud schemes?
write off receivables as uncollectible |
accounts involved: allowance for doubtful accounts, accounts receivable
fraud schemes: not write off uncollectible receivables, write off uncollectible receivables in a later period |
|
What are the accounts involved, and fraud schemes?
collect cash after discount period |
accounts involved: cash, accounts receivable
fraud schemes: record bank transfers as cash received from customers, manipulate cash received from related parties |
|
What are the accounts involved, and fraud schemes?
collect cash within discount period |
accounts involved: cash, sales discount, accounts receivable
fraud schemes: not recognize discounts given to customers |
|
What are the accounts involved, and fraud schemes?
purchase inventory |
accounts involved: inventory, accounts payable
fraud schemes: under-record purchase, record purchases too late, not record purchases |
|
What are the accounts involved, and fraud schemes?
return merchandise to supplier |
accounts involved: accounts payable, inventory
fraud schemes: overstate returns, record returns in an earlier period |
|
What are the accounts involved, and fraud schemes?
pay vendor within discount period |
accounts involved: accounts payable, inventory, cash
fraud schemes: overstate discounts, not reduce inventory cost |
|
What are the accounts involved, and fraud schemes?
inventory is sold; cost of goods sold is recognized |
accounts involved: cost of goods sold, inventory
fraud schemes: record at too low an amount, not record cost of goods sold nor reduce inventory |
|
What are the accounts involved, and fraud schemes?
inventory becomes obsolete |
accounts involved: loss in write-down of inventory
fraud schemes: not write off or write down obsolete inventory |
|
What are the accounts involved, and fraud schemes?
inventory quantity are estimated |
accounts involved: inventory shrinkage, inventory
fraud schemes: over-estimate inventory |
|
What are the accounts involved, and fraud schemes?
inventory quantities are counted |
accounts involved: inventory shrinkage, inventory
fraud schemes: over-count inventory |
|
What are the accounts involved, and fraud schemes?
inventory cost is determined |
accounts involved: inventory, cost of goods sold
fraud schemes: incorrect costs used, incorrect extensions are made, record fictitious inventory |
|
professional skepticism
|
the auditor is expected to conduct the audit with an attitude of professional skepticism when considering a company's risk of fraud.
-an attitude or state of mind -involves having a questioning mind, making a critical assessment of evidence, especially the reliability of the evidence gathered |
|
6 characteristics of skepticism
|
1) questioning mind - sense of doubt
2) suspension of judgment - withholding judgment until evidence is obtained 3) search for knowledge - desire to investigate beyond obvious 4) interpersonal understanding - recognition that people's motivations and perceptions can lead them to provide biased information 5) autonomy - self-direction, moral independence, and conviction to decide for oneself 6) self-esteem - self confidence to resist persuasion and to challenge assumptions |
|
types of auditor tools - data analysis
|
1) build a profile of potential frauds, obtain data, verify, cleanse, and analysis data
2) regression analysis - idea of finding relationships in large data pools 3) calculate ratio of maximum to minimum - verify accuracy of product prices, areas where large variations are not expected 4) analyze transactions during non-business hours and weekends |
|
Risk of fraud can be mitigated, but not ____.
|
completely eliminated - due to limitations of effectiveness of controls and possibility to override such controls
|
|
Types of fraud controls
|
1) process controls such as reconciliations and physical count. They identify anomalies in accounting entries,
identify anomalies in accounting entries. They also review areas of activity susceptible to manipulation (accounting estimates) 2) whistleblower program |
|
the auditor's assessment of fraud determines the nature, extent, and timing of audit. If the risk of fraud is high, the auditor can:
|
1) change the nature of audit testing and obtain more reliable evidence
2) change the timing of audit tests and perform substantive tests at year end 3) change the extent of audit tests and gather more audit evidence |
|
reporting of fraud to management and the audit committee:
|
the auditor needs to bring the fraud to the attention of the appropriate level of management, usually one level above where the fraud occurred. Fraud involving management (that materially misstates financial statements) should be reported to the audit committee
|
|
PCAOB auditing standards require the external auditor to communicate various matters to the audit committee, including, but not limited to, the following:
|
1) accounting policies, management judgments, accounting estimates
2) auditor's judgment 3) significant differences 4) uncorrected misstatements that were determined by management to be immaterial 5) audit adjustments 6) significant internal control deficiencies or material weaknesses |
|
the auditor is required to document in their workpapers their understanding of:
|
1) significant decisions made during the audit team's discussion regarding the susceptibility of the company's financial statements to material misstatement because of fraud
2) how and when fraud discussion occurred 3) the identified and assessed risks of material misstatements due to fraud at financial statement level and relevant assertion level (as well as procedure performed to obtain the information) |
|
The auditor is required to document in the work papers their response to:
|
1) The assessed risk of material misstatement due to fraud at the financial statement level and at the assertion level; and a linkage between the audit procedures and the assessed risk of material misstatement
2) The results of the audit procedures including those designed to address the risk of management override of internal controls 3) Other conditions and analytical procedures that cause the auditor to believe that additional auditing procedures were appropriate to address the risk of material misstatement because of fraud |
|
Knowledge Acquisition: Sales Process: Activities
|
1) Marketing -> Customer Approval -> Sales Order Entry -> Shipping Delivery -> Pricing/Billing
2) Service Order Entry -> Service Delivery -> Pricing/Billing 3) Pricing/Billing -> Collection, Sales Adjustments, Account Write-off |
|
Accounts in the Sales Process
|
Balance Sheet Accounts: Accounts Receivable, Allowance for Doubtful Accounts
Income Statement Accounts: Sales, Sales Return and Allowances, Sales Discounts, Bad Debt Expense |
|
Revenue assertions:
|
Do recorded sales actually exist?
Are all existing sales transactions recorded? Are sales recorded on the correct dates? Are sales properly authorized? Are sales properly valued? Are sales properly classified? Are sales transactions properly included in the master file and correctly summarized? |
|
Relevant Assertions: Accounts Receivable
|
Do recorded receivables exist?
Are all existing receivables recorded? Are receivables recorded on correct dates? Is the right to collect on receivables present? Does aged trial balance of receivables agree to customer accounts and tie in with general ledger? Are receivables properly valued (i.e. stated at realizable value)? Are receivables are properly classified? |
|
Evidence from risk assessment analysis:
|
extensive evidence from risk assessment analysis:
test of controls - observation and inquiry test of controls - documentation and reperformance analytical review - analytical procedures of performance indicators substantive testing: sample based test of high risk assertions test of accounting estimates tests of disclosures |
|
how does an auditor design tests of controls for revenue or sales?
|
1) understand internal control as it relates to sales
2) assess the planned control risk related to sales 3) control testing decision 4) design tests of controls for sales |
|
1) understand internal control as it relates to sales
|
considerations: management controls, general controls (access controls, other software related controls); documents understanding of internal controls for sales
|
|
key control procedures for revenue process
|
1) segregation of duties
2) authorization procedures 3) documented transaction trails |
|
segregation of duties
|
different employees should:
-initiate sales transaction, approve credit, ship goods, prepare sales invoice, collect cash payments, write off accounts |
|
authorization procedures
|
sales contracts are approved by management, credit sales approved by the credit department, goods are then shipped, prices used come from a price list, uncollectible accounts are written off, sales return and allowances are authorized and classified
|
|
documented transaction trails
|
-bills for shipping documents exist for all sales invoices
-approved customer sales orders support each sales invoice -sales recorded as revenue are supported by invoice -invoices are prenumbered and accounted for -allowance for uncollectible accounts is reviewed on a timely basis |
|
2) assess the planned control risk related to sales
|
-document control strengths and weaknesses
-identify key internal controls that might be used for testing -think about compensating controls -determine if the key controls are designed effectively |
|
3) control testing decision
|
-can he/she reduce risk of material misstatement to a sufficiently low level via only substantive tests?
-assumption is that it will be rare that substantive tests alone will reduce risk, especially in revenue |
|
4) design tests of controls for sales
|
the auditor considers:
-dual-purpose tests: combined test of control effectiveness and substantive test of transactions -tests for all management assertions for which key controls exist -direction of tests (omitted vs. nonexistent transactions) |
|
examples of analytical procedures:
|
1) compare previous years/industry data at a detailed level:
-receivables turnover and days outstanding -aging categories on aged trial balance -bad-debt expense as a percentage of revenue -allowance for uncollectible accounts as a percentage of accounts receivable or credit sales |
|
primary assertions for sales and accounts receivable:
|
Tests of sales transactions: primarily existence and cuttoff.
Tests of accounts receivables: Primarily existence (through confirmation) and valuation |
|
examples of substantive tests of sales transactions:
|
-Trace customer to approved customer list and compare to approved credit limits.
-Compare quantities per sales order, shipping document and invoice. -Trace price to appropriate master price list. -Recompute extensions and footing of invoice. -Test accuracy of customer record in the subsidiary ledger. -Vouch subsequent payment of invoice including validity of discounts taken and interest charged (if any). |
|
Professional standards require the confirmation of receivables unless:
|
both apply -
1) risk of material misstatement is low 2) use of confirmations would be ineffective |
|
Effectiveness of A/R confirmation:
|
1) discovers fictitious accounts and incorrect amounts
2) discovers uncollectibles |
|
What does A/R confirmation not do?
|
discovering omitted accounts (assertion: completion)
|
|
A/R confirmation decisions:
|
Negative confirmation - request a response only if the customer believes that the amount printed on the confirmation is incorrect
Positive confirmation - request that the customer respond whether or not the balance is correct Blank confirmation - Ask the customer to indicate the amount owed at a certain date |
|
Which confirmation decisions are most reliable?
|
positive responses are considered the most reliable evidence
-negative responses are returned only if recipient disagrees but could also mean they did not get, read, or care |
|
aged trial balance
|
the basis for many substantive tests of A/R and the allowance for uncollectible accounts
|
|
audit of aged trial balance
|
need to perform tests to ensure aging is accurate:
1) assess reasonableness of uncollectible percentages based on historical percentage of write-offs and aging category 2) increasing percentage of accounts receivable as they are older should be considered doubtful of collectability 3) aged trial balance is often starting point for selection of receivables to confirm. Confirm most, if not all, accounts over 60 days. Use sampling for the rest |
|
alternative substantive procedures to determine existence, accuracy, valuation (A/R)
|
examine:
cash receipts, bank accounts, etc. shipping documentation sales invoice client correspondence |
|
Why sample?
|
because it is impossible to review 100% of the controls/transactions applied during the year.
|
|
representative sample
|
has the same characteristics as the population from which the sample was taken.
|
|
audit risk =
|
Sampling risk + Nonsampling risk (aspects of audit risk not related to sampling)
|
|
Sampling risk
|
the risk that the sample is not representative of the population; for tests of controls, includes the risk of assessing control risk too high (which affects the efficiency of the audit); and the risk of assessing control risk too low (which affects the effectiveness of the audit)
|
|
nonstatistical sampling:
|
Judgmentally determine sample size, implicitly recognizing relevant factors.
Judgementally select a representative sample Apply audit procedures Evaluate test results judgmentally |
|
statistical sampling
|
Determine sample size EXPLICITLY
randomly select a representative sample apply audit procedures evaluate test results statistically using judgment |
|
controlling sampling risk:
|
Statistical sampling: auditor can quantify sampling risk. Allows for auditor to keep it an acceptable number
nonstatistical sampling: selecting appropriate sampling sizes (risk decreases as size increases), correctly evaluating sample results to consider sample risk |
|
attribute sampling
|
the auditor determines whether a characteristic of interest (attribute) in the population (the internal control) is present by looking at a sample from the population.
Ex: test of sales invoice to ensure credit has been authorized |
|
attribute
|
tested control or transaction
|
|
deviation or error
|
an exception from the tested characteristic or a mistake in a transaction
|
|
Tolerable deviation rate (TDR)
|
the deviation or mistake rate the auditor will permit and still be willing to conclude the process control is operating effectively.
|
|
Tests of Controls Sampling Plan
|
Step 1 Describe the internal control being tested
Step 2 Determine the control objectives including the relevant assertion Step 3 Define the population and the sampling unit Step 4 Define the deviation condition Step 5 Determine the desired level of assurance, the tolerable deviation rate, and the expected population deviation rate Step 6 Select method for determining sample size Step 7 Determine the method of sample selection Step 8 List the selected sample items Step 9 Describe how the sampling procedure was performed Step 10 Evaluate the sample results and make a decision |
|
test objective
|
to determine whether the control is present, for example, a signature from management as required authorization or approval
|
|
sampling unit
|
usually a document (invoice, purchase order) or journal entry
|
|
deviation condition
|
occurs when there is no indication that the control has been performed.
this gives the auditor a clear understanding of the conditions necessary for the control to be working. |
|
As the desired level of assurance increases:
|
sample size increases: The higher the auditor’s desired level of assurance that the results of the sample are representative of the population, the larger the sample size needs to be
|
|
As the tolerable rate of deviation increases:
|
sample size decreases: The lower the tolerable rate of deviation, the larger the sample size needs to be
|
|
As the expected rate of deviation increases:
|
sample size increases: The higher the expected rate of deviation, the larger the sample size needs to be so that the auditor can make an accurate estimate of the actual rate of deviation
|
|
As population increases:
|
it is negligible to the sample size: For large populations (>500) , the size of the population has little or no effect on sample size
|
|
When is the method of determining the sample size (statistical/nonstatistical) determined?
|
after the auditor has specified the Tolerable Deviation Rate, the Expected Rate of Deviation, and the Desired Level of Assurance
|
|
methods of sample selection:
|
simple random sampling, systematic random sampling, haphazard sampling
|
|
simple random sampling
|
the auditor generates random numbers from a random number table or a computer program and then selects the document number corresponding to the random number generated. (Appropriate for statistical and nonstatistical sampling)
|
|
Systematic Random Sampling
|
the auditor divides the number of units in the population by the number in the sample size to calculate a sampling interval and then generates a random number in the sampling interval. The random number is the first item chosen, and the following items are determined by adding the sampling interval to the random number. Appropriate for statistical and nonstatistical sampling.
|
|
Haphazard Sampling
|
the auditor selects the sample without any conscious bias. May be used when the items in the population are not prenumbered documents. Cannot be used for statistical sampling
|
|
If the internal control test is a dual-purpose test:
|
the auditor examines the item to determine whether it contains a deviation from the documented control and then the auditor reperforms the control.
|
|
Evaluating results of Tests of controls:
|
Is the control working?
Yes: Actual Control deviation + allowance for sampling risk < tolerable deviations (substantive testing would be reduced) No: actual control deviation + allowance for sampling risk > tolerable deviations (increase substantive testing, consider it as a material weakness or significant deficiency) |
|
variables sampling
|
The use of sampling to test account balances and classes of transactions (substantive testing)
|
|
As assessment of inherent risk increases:
|
Sample size increases
|
|
As Assessment of control risk increases
|
Sample size increases
|
|
As assessment of risk related to other substantive procedures related to the same assertion increases
|
Sample size increases
|
|
As tolerable misstatement increases
|
Sample size decreases
|
|
As expected misstatement or the variance of the population increases
|
Sample size increases
|
|
What is a contingent liability?
|
A potential future obligation to an outside party for an unknown amount resulting from activities that have already taken place.
|
|
what are the relevant GAAP recommendations? (contingent liabiity)
|
Likely and reasonably estimated - accrual
Likely and not estimable - footnote disclosure Not determinable - footnote disclosure Unlikely - no financial statement or disclosure unless significant adverse effect |
|
The auditor should ask the client to prepare a letter (client letterhead, signed by client officer) asking the attorney to respond directly to the auditor concerning:
|
-client’s description of the nature & current status of all outstanding & possible claims with which the attorney has been involved
-client’s evaluation of the amount & likelihood of loss or gain for each listed outstanding & possible claim -any unlisted or potential items, or whether the status of each claim or assessment is described appropriately |
|
Subsequent events
|
are events or transactions having a material effect on the financial statements that occur after the balance sheet date but before field work completion.
|
|
Events that provide additional evidence about conditions that existed at the balance sheet date (e.g., settlement of liabilities, realization of assets)
vs. Events that occur after the balance sheet date and do not relate to conditions that existed at year-end |
Client financial statements for the period under audit must be adjusted to reflect this subsequent event information.
These subsequent events must be disclosed in the footnotes of the period under audit. The auditor may also consider whether client should prepare pro forma financial statements. |
|
What about a subsequent event that occurs after field work completion?
|
Options:
1. Expand all subsequent events tests to the date of the event and change the report date to the date of the event (e.g., 2/21) 2. Restrict testing only to matters relating to the new event and dual-date the report: |
|
Events Subsequent to Audit Report
|
Auditors have no obligation to perform additional procedures after the report date unless they become aware of facts that existed at the report date
|
|
The auditor is not responsible for preventing noncompliance with all laws and regulations. (T/F)
|
true (the auditor should perform audit procedures to identify noncompliance that could have a material impact on the financial statements)
|
|
Three-Step Evaluation of Going Concern
|
1) Consider evidence that indicates that a going-concern problem may exist.
2) Evaluate management’s plan to mitigate the identified conditions. 3) Determine if management's plan is adequate and appropriate for the circumstances, and assess the likelihood that the company will suffer financial distress. |
|
Signs of Financial Distress
|
Asset composition:
Existence of underperforming assets Debt levels: Lack of new sources of debt financing Cost structure: Negative cash flows Equity position: Inability to obtain additional equity financing |
|
Mitigating Circumstances
|
-Disposal of extraneous assets.
-Restructuring of financing. -Acquisition of new financing. -Reduction or deferral of expenditures. |
|
The auditor must obtain a letter from the client documenting the client’s representations during the engagement:
|
The primary purposes are to:
- Confirm and document oral statements. - Reduce auditor-client misunderstanding. - Remind management of responsibilities. The letter should be signed by the client CFO and CEO and dated with the field work completion date. |