1. Business Risk Analysis and Sample Audit Program
Page 1
Business Risk Analysis and Sample Audit Program
Michael P. Mohr
Southern New Hampshire University
2. Business Risk Analysis and Sample Audit Program
Page 2
Abstract
In this artifact I was given a trial balance of a fictitious company with the directive to produce an
audit program based on PCAOB audit standards. Conducting an audit program would normally
require the development of a risk assessment team where input from individuals with a variety of
backgrounds assist with producing the audit program. Some information required to produce the
program was not available, such as specific knowledge of physical safeguards around the
organization and some of the specifics related to segregation of duties. The audit program and
resulting recommendations are based on a trial balance, limited information about the fictitious
company, and background on a real industry the fictitious company operates in.
Keywords: Artifact 2, business risk analysis, sample audit program
3. Business Risk Analysis and Sample Audit Program
Page 3
Business Risk Analysis
Newham Company operates in the personal product industry. Its competitors include
Revlon, Inc. and Avon Products, Inc. There are two issues that are common at the moment in the
personal product industry. One issue is that there are lawsuits associated with cosmetic
companies mislabeling products in order to mislead consumers into purchasing the products
(Muehlberger, Stevenson, McDonough (June, 2015). Newham is currently facing its own
lawsuit associated with mislabeling products that caused allergic reactions in users of its
products. The second issue facing the personal product industry is that sales are generally being
taken away by Chinese companies (Fitzpatrick, Robert, 2015). Newham recently experienced a
change in its executive management due to questionable bonus payments.
The first step of a business risk analysis should begin with defining what fraud is. Fraud
can be defined as intentional concealment of defects through willful misrepresentation of the
truth (ACFE, n.d). The next step of the risk analysis is the formation of a risk assessment team
that should include a diverse set of skills, knowledge, and perspectives. The team should include
people who have knowledge of the organization’s internal controls and financial reporting
procedures. General employees should be participants who are involved in daily business that
involves customers and vendor communications and dealings (ACFE, n.d). Risk management
employees should be on the team who have knowledge about the organization’s Enterprise Risk
Management Program, which is a program that considers risks related to accidents, finance,
strategy, and operations (Rouse, Margaret, n.d). Employees with a background in criminal, civil,
and regulatory liability are necessary in relation to how to respond when fraud or misconduct is
discovered (ACFE, n.d).
4. Business Risk Analysis and Sample Audit Program
Page 4
After the risk assessment team has been formed, the team should discuss all possible
fraud risks to the organization and how fraud could violate regulatory and legal requirements and
damage public opinion of the organization. After brainstorming, a report of the fraud risks
should be sent to the organization’s board of directors or audit committee where the report will
be reviewed in conjunction with their own practices that may contribute to fraud (ACFE, n.d).
Sample Audit Program
Once the risk assessment process has been completed, a fraud audit program is developed
that considers the risk assessment findings. The strength of an effective audit program is in the
risk assessment of the organization (ACFE, n.d).
The fraud program consists of procedures designed to test the internal control system for
reasonable assurance that the system is operating properly so that the financial statements are
being reported accurately. An internal control system consists of an effective accounting system,
appropriate control activities, and a well-designed control environment (Wells, 2011). An
effective accounting system makes concealment of fraud difficult due to an audit trail left in
accounting records that have been altered, hidden, or manufactured, which can be discovered in
records with no support or lacking plausibility in the amounts entered into the statements
(Albrecht, W. S., Albrecht, C. O., Albrecht, C. C., & Zimbelman, M. F.,2012).
Running the Audit Program
It is not useful to compare the company’s liabilities, revenue, inventory, and accounts
receivables to other companies in the same industry because operations can be financed through
earnings, borrowing, and stockholder investments (Albrecht et al., 2012).
5. Business Risk Analysis and Sample Audit Program
Page 5
The most direct method for analyzing the financial statements is with horizontal analysis
(Wells, 2011); the analysis involves the calculation of the increase or decrease from one year to
the next measured as a percentage over the previous year. A review of the financials shows
accounts receivables increasing 36% in 2014 when sales were down 18%, cost of goods sold
were down 25%, and accounts payable were down 38%. Accounts receivables normally do not
increase when sales, cost of goods sold, and accounts payables decrease (Wells, 2011). When
accounts receivables are overstated, revenue is usually overstated (Albrecht et al., 2012).
Unearned revenue is missing from the balance sheet, which cannot be recognized until delivery
is made, and when it is, it makes net income appear better than it really is (Albrecht et al., 2012).
Accrued liabilities were missing in several areas such as with payroll taxes payable, taxes
payable, rent payable, utilities payable, interest payable, FICA withholdings, Medicare
withholdings, and warranty payable. The warranty payable should directly relate to sales. When
payables are missing from the balance sheet, net income will be overstated because the
corresponding expense should be on the income statement (Albrecht et al., 2012).
An 149% increase in sales returns occurred, and an 89% increase in warranty expense
occurred in 2014; this may be due to the pending lawsuit related to mislabeling of products.
Most noticeable, the assets do not equal the total of liabilities and owners’ equity for all
three years with a discrepancy of $288,893 in 2013, $489,376 in 2014, and $824,074 in 2015;
this is reflection of missing reportable figures on the balance sheet.
A review of the statement of cash flows revealed missing reportable items and
discrepancies between the beginning and ending cash amounts. From 2013 to 2014 $652,792 is
missing from the statement of cash flows, and $769,625 is missing from the 2014 to 2015 period.
6. Business Risk Analysis and Sample Audit Program
Page 6
This program will focus on a major red flag that was discovered on both the Income
Statement and Balance Sheet. It is known that a recent change in executive management has
occurred due to questionable bonus payments paid to the executive management team based on
the company’s performance, but bonus details are not recorded in any year on the balance sheet
as bonuses payable. Furthermore, the bonus expense was not recorded on the income statement
either. Not reporting the bonus expense has a direct impact on the net income, and the bonus
payments were based on the company’s performance. Other red flags highlighted in the attached
financials are indications of where the financials may have been altered to assist executive
managers in their aim to meet bonus requirements.
Recommendations
The following procedures should be conducted to investigate where the financials were
altered: Daily sales invoice batches need to be reviewed and reconciled with the batch report
that is then reconciled with the daily accounts posting report. The daily accounts posting report
then needs to be reviewed for the individual customer accounts listings. The customer accounts
need to be matched with the general ledger control account. The sales invoice batches should be
reconciled with the receivables and sales revenue accounts.
Customer accounts need to be verified in a variety of ways because a common fraud is
for employees, or their family members, to establish false companies for the purpose of receiving
falsified invoices. All receivable balances are currently mailed to customers each month by the
accounts receivables department. Invoice numbers, customer names, dates, phone numbers,
addresses, and the names of the employees and their addresses should be placed into a program
where queries can be made such as can be accomplished with Microsoft Excel. Next the
categories should be sorted individually to look for red flags such as duplicate invoices, single
7. Business Risk Analysis and Sample Audit Program
Page 7
vendors associated with multiple invoices in one day, and any missing invoices. Each vendor
should be associated with a total amount invoiced so that vendors with the greatest amounts are
sorted from highest to lowest. An area of great interest would be to find one employee
associated with many of the red flags found in these queries. Check with the Secretary of State
where the vendor is registered and look for the names and addresses of corporate executives.
Next, use a people search site like Intelius.com to search for the names and addresses found and
seek to match them to the names and addresses in Newham’s employee directory (ACFE, 2013).
Contract terms and sales agreements should be reviewed to see if early revenue
recognition has occurred (Albrecht et al., 2012). A review of all long-term debts and interest
payments should be conducted. Phone expenses and utilities should be verified by reviewing
associated bills. The payroll account should be reconciled with the payroll register that is
retained by the controller’s office.
Concerns were highlighted in the statement of cash flows indicating possible missing
cash. Bank statements need to be obtained from the company controller and reconciled with
duplicate deposit slips and the cash receipts journal listing.
Other red flags were discovered in this audit program, which found increases in expenses
in some areas, but those amounts were mostly negligible and were not part of the main focus of
this audit program, which was to find where the financials were manipulated in order to lower
expenses to meet bonus requirements. The increases in sales returns and warranty expenses are
also red flags that deserve investigating, but the answer to those may be answered by researching
the issues related to the lawsuit pending and the allowance credit memos for sales returns.
8. Business Risk Analysis and Sample Audit Program
Page 8
References
Muehlberger, Stevenson, McDonough (June, 2015). The rise of Consumer Fraud Class Action
Lawsuits against Cosmetic Companies and Tips for defending Them. Shook Hardy &
Bacon. Retrieved from http://whoswholegal.com/news/features/article/32352/rise-
consumer-fraud-class-action-lawsuits-against-cosmetic-companies-tips-defending-them/
FitzPatrick, Robert (October 12, 2015). MLMed: Why Avon is fading Away. Retrieved from
http://seekingalpha.com/article/3566276-mlmed-why-avon-is-fading-away
ACFE. Investigating by Computer (September 17, 2013). Available from
https://www.acfe.com/products.aspx?id=2745
Rouse, Margaret (n.d). Enterprise risk Management (ERM) Definition. Retrieved from
http://searchcio.techtarget.com/definition/enterprise-risk-management
ACFE. Managing the Business risk of Fraud: a practical Guide (n.d). Retrieved from
https://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/managing-
business-risk.pdf
Albrecht, W. S., Albrecht, C. O., Albrecht, C. C., & Zimbelman, M. F. (2012). Fraud
Examination. (4th ed.). Mason, OH: South-Western.
Wells, Joseph T (2011). Principles of Fraud Examination 3rd Edition. Hoboken, New
Jersey: John Wiley & Sons, Inc.
Public Company Accounting Oversight Board (n.d). Auditing. American Institute of Certified
Public Accountants, Inc. Retrieved from http://pcaobus.org/Standards/Auditing
/pages/default.aspx