This document provides an overview and examples of SAS 112, which establishes requirements for communicating internal control deficiencies identified during an audit. It defines key terms like control deficiency, significant deficiency, and material weakness. It discusses how auditors evaluate the severity of control deficiencies based on factors like potential misstatement, likelihood, and magnitude. Examples are provided of common control deficiencies as well as indicators of material weaknesses. Methods for strengthening internal controls over areas like cash, payroll, purchases are also outlined.
The Auditors Responsibilities Relating to Fraud in an Audit of Financial Stat...Dr. Soheli Ghose Banerjee
This presentation is an overview of SA 240 (R). Prepared with Prof. S. Sircar.
Dr. Soheli Ghose ( Ph.D (University of Calcutta), M.Phil, M.Com, M.B.A., NET (JRF), B. Ed).
Assistant Professor, Department of Commerce,St. Xavier's College, Kolkata.
Guest Faculty, M.B.A. Finance, University of Calcutta, Kolkata
The document discusses an auditor's duty regarding detection, documentation, and reporting of fraud according to NSA 240. It defines fraud and error, and explains two types of fraud - fraudulent financial reporting and misappropriation of assets. It also outlines sources of information auditors gather to assess fraud risks, how fraud can be detected and committed by different parties, documentation requirements, and concludes with a summary of the auditor's responsibilities.
The document discusses audit evidence and procedures. It defines the components of audit risk as inherent risk, control risk, and detection risk. It explains that auditors must obtain sufficient appropriate audit evidence to reduce audit risk to a low level. The evidence should be relevant, reliable, directly obtained by the auditor when possible, and in documentary form. Audit procedures include risk assessment, tests of controls, analytical procedures, and tests of account balances, transactions and disclosures. Changing the nature, timing, or extent of procedures can alter the scope of the audit work performed.
The document discusses the differences and relationships between fraud and error in accounting. It notes that fraud is intentional while error can occur due to misinterpretation or incorrect accounting. Management has primary responsibility for preventing and detecting fraud and establishing proper internal controls and corporate governance. Auditors are responsible for obtaining reasonable assurance about whether the financial statements are free of material misstatement due to fraud or error. If fraud is suspected, auditors should perform additional testing, discuss with management, and consider reporting and legal impacts. The document also covers auditor responsibilities and potential criminal and civil liabilities related to negligence.
Assertions in the Audit of Financial Statements (Audit)Artless Shakhawat
This document discusses audit assertions and the audit of financial statements. It defines audit assertions as claims made by management regarding the appropriateness of financial statement elements and disclosures. There are five types of audit tests that can be used, including tests of controls and substantive tests. The document then discusses auditing various accounts, such as revenue/receipts, purchases, inventory, payroll, and fixed assets. It describes the types of evidence and assertions auditors consider when auditing these accounts.
Audit evidence is information used by the auditor to arrive at conclusions to support the audit opinion. Evidence includes accounting records and other information gathered. Evidence should be sufficient and appropriate. Audit evidence can be obtained through inspection, observation, inquiry, confirmation, recalculation, reperformance, and analytical procedures. Sampling involves applying procedures to less than 100% of items to obtain sufficient evidence. Methods of sampling include random, systematic, monetary unit, haphazard, and block selection.
The Importance of Internal Controls in Fraud Prevention Rea & Associates
Presentation made by Ohio Accounting Firm, Rea & Associates, on the how strong internal controls can help Ohio companies deter fraud in the workplace. Special attention is given to the 5 components of internal controls and how to diffuse the traingle of fraud.
This document provides an overview and examples of SAS 112, which establishes requirements for communicating internal control deficiencies identified during an audit. It defines key terms like control deficiency, significant deficiency, and material weakness. It discusses how auditors evaluate the severity of control deficiencies based on factors like potential misstatement, likelihood, and magnitude. Examples are provided of common control deficiencies as well as indicators of material weaknesses. Methods for strengthening internal controls over areas like cash, payroll, purchases are also outlined.
The Auditors Responsibilities Relating to Fraud in an Audit of Financial Stat...Dr. Soheli Ghose Banerjee
This presentation is an overview of SA 240 (R). Prepared with Prof. S. Sircar.
Dr. Soheli Ghose ( Ph.D (University of Calcutta), M.Phil, M.Com, M.B.A., NET (JRF), B. Ed).
Assistant Professor, Department of Commerce,St. Xavier's College, Kolkata.
Guest Faculty, M.B.A. Finance, University of Calcutta, Kolkata
The document discusses an auditor's duty regarding detection, documentation, and reporting of fraud according to NSA 240. It defines fraud and error, and explains two types of fraud - fraudulent financial reporting and misappropriation of assets. It also outlines sources of information auditors gather to assess fraud risks, how fraud can be detected and committed by different parties, documentation requirements, and concludes with a summary of the auditor's responsibilities.
The document discusses audit evidence and procedures. It defines the components of audit risk as inherent risk, control risk, and detection risk. It explains that auditors must obtain sufficient appropriate audit evidence to reduce audit risk to a low level. The evidence should be relevant, reliable, directly obtained by the auditor when possible, and in documentary form. Audit procedures include risk assessment, tests of controls, analytical procedures, and tests of account balances, transactions and disclosures. Changing the nature, timing, or extent of procedures can alter the scope of the audit work performed.
The document discusses the differences and relationships between fraud and error in accounting. It notes that fraud is intentional while error can occur due to misinterpretation or incorrect accounting. Management has primary responsibility for preventing and detecting fraud and establishing proper internal controls and corporate governance. Auditors are responsible for obtaining reasonable assurance about whether the financial statements are free of material misstatement due to fraud or error. If fraud is suspected, auditors should perform additional testing, discuss with management, and consider reporting and legal impacts. The document also covers auditor responsibilities and potential criminal and civil liabilities related to negligence.
Assertions in the Audit of Financial Statements (Audit)Artless Shakhawat
This document discusses audit assertions and the audit of financial statements. It defines audit assertions as claims made by management regarding the appropriateness of financial statement elements and disclosures. There are five types of audit tests that can be used, including tests of controls and substantive tests. The document then discusses auditing various accounts, such as revenue/receipts, purchases, inventory, payroll, and fixed assets. It describes the types of evidence and assertions auditors consider when auditing these accounts.
Audit evidence is information used by the auditor to arrive at conclusions to support the audit opinion. Evidence includes accounting records and other information gathered. Evidence should be sufficient and appropriate. Audit evidence can be obtained through inspection, observation, inquiry, confirmation, recalculation, reperformance, and analytical procedures. Sampling involves applying procedures to less than 100% of items to obtain sufficient evidence. Methods of sampling include random, systematic, monetary unit, haphazard, and block selection.
The Importance of Internal Controls in Fraud Prevention Rea & Associates
Presentation made by Ohio Accounting Firm, Rea & Associates, on the how strong internal controls can help Ohio companies deter fraud in the workplace. Special attention is given to the 5 components of internal controls and how to diffuse the traingle of fraud.
Risk management involves identifying, assessing, and prioritizing risks, then applying resources to minimize their impact or maximize opportunities. There are typical business risks like strategic, operational, compliance and financial risks. Risk management processes include establishing the context, identifying risks, assessing them, developing risk strategies, implementing a risk management plan, reviewing and communicating. Key strategies for addressing risks include transferring risks, avoiding risks, reducing risks, and accepting risks.
1. Auditors are expected to provide an opinion on whether a company's financial statements are presented fairly in accordance with the applicable financial reporting framework.
2. Auditors obtain an understanding of a company's internal controls to plan the nature, timing, and extent of audit procedures. Weak internal controls require more audit testing.
3. Auditors must maintain independence, be competent and exercise due care. They follow standards for responsibilities, performance, reporting and obtaining evidence.
Yes, it is possible to give an adverse opinion on internal controls and an unqualified opinion on the financial statements.
The key factors that allow for this are:
1. The material weakness in internal controls relates specifically to the valuation process and oversight of a particular portfolio, not broader internal controls.
2. The auditors considered the material weakness in determining their audit approach but still obtained sufficient appropriate audit evidence to issue an unqualified opinion on the financial statements.
3. Management is responsible for the financial statements and internal controls, and the adverse internal controls opinion does not affect the auditors' opinion on the financial statements.
So in summary, while a material weakness in internal controls was identified, it did not per
Auditing & Assurance Standard 15 provides guidance on audit sampling for auditors. It establishes that auditors can use statistical or non-statistical sampling methods to evaluate a sample of items from a population to obtain sufficient audit evidence rather than examining all items. The standard provides guidance on designing an audit sample, including considering the audit objectives, population, stratification, sample size, tolerable error, and sampling risk. It also provides guidance on selecting the sample randomly, systematically, or haphazardly and evaluating the results.
INTERNATIONAL STANDARD ON AUDITING 200 (REVISED)
OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE
CONDUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATIONAL
STANDARDS ON AUDITING
This document discusses materiality, audit risk, and their relationship. It defines materiality as a misstatement that could affect a user's decision. Audit risk is the risk of an inappropriate audit opinion. There are three types of audit risk: inherent risk, control risk, and detection risk. Materiality is considered at the planning and evaluation stages of the audit. The level of audit risk depends on factors like user reliance and legal liability exposure. Higher materiality and audit risk require more audit work.
Operational risk is the risk of loss from failed internal processes, people, systems or external events. It is embedded in all bank activities and processes. Major types of operational risk include internal and external fraud, workplace issues, damage to physical assets, business disruptions, client/product issues, and legal risks. Common operational risk events in banking include losses from internal fraud, external fraud, improper sales practices, physical damage, system failures, and failed transaction processing. The document outlines approaches for quantifying and measuring operational risk, including the Basic Indicator Approach, Standardized Approach, and Advanced Measurement Approach. The Advanced Measurement Approach, which uses internal loss data and assessment methods, is most beneficial for banks.
Audit risk is the risk that an auditor will provide an inappropriate audit opinion when the financial statements contain material misstatements. Audit risk has three components: inherent risk, control risk, and detection risk. Inherent risk is the possibility of material misstatements in the financial statements due to factors like complex accounting issues or assets susceptible to theft. Control risk is the possibility that misstatements will not be prevented or detected by internal controls. Detection risk is the possibility that audit procedures will fail to detect material misstatements. The auditor determines an acceptable level of overall audit risk.
The document discusses assurance services and audits. It defines assurance services as independent, professional services that improve the quality of information for decision makers. It outlines the key elements of an assurance engagement as having a three party relationship between the practitioner, responsible party, and intended users, a suitable subject matter, criteria to evaluate the subject matter, sufficient evidence to support the assurance opinion, and a written report. The document also discusses the differences between reasonable and limited assurance engagements.
The document discusses the auditor's responsibility to consider fraud and error in an audit of financial statements. It defines fraud and error, noting that misstatements can arise intentionally from fraud or unintentionally from error. The primary responsibility for preventing and detecting fraud and error rests with management and those charged with governance of the entity. As part of an audit conducted in accordance with BSAs, the auditor is responsible for obtaining reasonable assurance about whether the financial statements are free from material misstatement due to fraud or error, though an audit cannot guarantee the detection of fraud. The auditor's responsibilities are limited by the inherent limitations of an audit.
The stages of auditing are as follows: determine audit approach, understand the entity, assess risk of material misstatement, select audit procedures, prepare report, and report to management. Auditors determine risks, formulate responses like additional procedures, and test controls and substantive procedures. Audit risk is the risk of giving an inappropriate opinion and comes from inherent, control, and detection risk. Business risk impacts the organization directly from operations.
The document discusses two Bangladeshi Standards on Auditing (BSA): BSA 550 on related party transactions and ISA 570 on going concern.
BSA 550 defines related parties and related party transactions, and notes that related party transactions require special attention if they are not in the normal course of business or are at non-market terms. It also discusses disclosure requirements for related party transactions.
ISA 570 provides guidance on evaluating management's assessment of an entity's ability to continue as a going concern. It describes events that could cast doubt on an entity's ability to continue as a going concern and the auditor's responsibility to consider management's assessment and any material uncertainties regarding going concern.
The stages of an external audit are:
1. Audit acceptance which involves agreeing terms of reference, addressing legal and ethical considerations, and preparing an engagement letter.
2. Audit planning and control which involves developing an overall strategy, establishing objectives and scope, and planning to reduce audit risk.
3. Performing the audit which involves obtaining evidence through tests of controls and substantive procedures, evaluating misstatements, and forming an opinion.
The document discusses the objectives and responsibilities of an auditor when conducting an audit in accordance with auditing standards. It covers several key points:
1) The overall objectives of an audit are to obtain reasonable assurance that the financial statements are free of material misstatement and to report findings. The auditor must comply with ethical standards and exercise professional skepticism, judgment, and obtain sufficient evidence.
2) The terms of an audit engagement must be agreed upon in writing with management and include the scope, responsibilities of the auditor and management, applicable financial reporting framework, and expected report form.
3) On recurring audits, the auditor assesses if terms need revising due to changes in circumstances, management, ownership or other factors
This document discusses designing substantive audit procedures. It covers determining detection risk based on inherent and control risk, and how the nature, timing, and extent of substantive procedures varies with detection risk. The document describes analytical procedures, tests of details of transactions, and tests of details of balances as types of substantive procedures. It also discusses developing audit programs, computer-assisted techniques, and special considerations like estimates and related parties.
This document discusses operational risk management. It begins by defining risk management and the types of risks, including operational risk. It then discusses why operational risk management is important, highlighting some significant operational risk events. It describes tools for identifying and monitoring operational risk, such as loss data collection, risk and control self-assessments, and key risk indicators. It also discusses approaches for measuring operational risk capital requirements under Basel II and III, including the basic indicator approach, standardized approach, and advanced measurement approach. Finally, it notes some challenges in measuring operational risk and ways to mitigate and control operational risk exposures.
Internal controls over financial reporting and internal audit are often unpopular but necessary to avoid unpleasant surprises. To maintain effective controls, companies must identify key business risks, install controls to prevent or detect issues, and promote transparency and shared understanding of business and reporting processes across departments. Without buy-in from both business and finance staff, controls become counterproductive burdens rather than facilitators of reliable reporting.
This document provides an overview of SAS 104-111 and what they mean for the audit profession. It discusses the key changes and requirements of each standard, including a greater focus on risk assessment, better understanding of clients' internal controls, and clearly linking risk assessment to the nature and extent of audit procedures. It also provides tips for auditors on implementing the risk-based approach and for clients on preparing for an audit under the new standards to make the process more efficient.
The document provides an overview of Symbian OS, including:
- Symbian OS is an open, mobile operating system designed for battery-powered devices. It provides robustness, stability and low power consumption.
- The OS layers include the user interface, core system services, and hardware interface layers. It supports various UI designs like Series 60 and UIQ.
- The platform has evolved over time with new versions adding features like multimedia enhancements, graphics acceleration, security improvements and support for additional devices and networks.
Anytime, Anywhere Approach To Social Mediaguest8143e
Presented at Social Networking Conference Windows Consumer marketing perspective on Social Media and how we use it everyday to connect with customers and share our brand.
This document summarizes Symbian OS data types including integers, text, Boolean, floating point values, TAny, and enumerations. It also discusses Symbian OS naming conventions for classes, variables, and functions.
Risk management involves identifying, assessing, and prioritizing risks, then applying resources to minimize their impact or maximize opportunities. There are typical business risks like strategic, operational, compliance and financial risks. Risk management processes include establishing the context, identifying risks, assessing them, developing risk strategies, implementing a risk management plan, reviewing and communicating. Key strategies for addressing risks include transferring risks, avoiding risks, reducing risks, and accepting risks.
1. Auditors are expected to provide an opinion on whether a company's financial statements are presented fairly in accordance with the applicable financial reporting framework.
2. Auditors obtain an understanding of a company's internal controls to plan the nature, timing, and extent of audit procedures. Weak internal controls require more audit testing.
3. Auditors must maintain independence, be competent and exercise due care. They follow standards for responsibilities, performance, reporting and obtaining evidence.
Yes, it is possible to give an adverse opinion on internal controls and an unqualified opinion on the financial statements.
The key factors that allow for this are:
1. The material weakness in internal controls relates specifically to the valuation process and oversight of a particular portfolio, not broader internal controls.
2. The auditors considered the material weakness in determining their audit approach but still obtained sufficient appropriate audit evidence to issue an unqualified opinion on the financial statements.
3. Management is responsible for the financial statements and internal controls, and the adverse internal controls opinion does not affect the auditors' opinion on the financial statements.
So in summary, while a material weakness in internal controls was identified, it did not per
Auditing & Assurance Standard 15 provides guidance on audit sampling for auditors. It establishes that auditors can use statistical or non-statistical sampling methods to evaluate a sample of items from a population to obtain sufficient audit evidence rather than examining all items. The standard provides guidance on designing an audit sample, including considering the audit objectives, population, stratification, sample size, tolerable error, and sampling risk. It also provides guidance on selecting the sample randomly, systematically, or haphazardly and evaluating the results.
INTERNATIONAL STANDARD ON AUDITING 200 (REVISED)
OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE
CONDUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATIONAL
STANDARDS ON AUDITING
This document discusses materiality, audit risk, and their relationship. It defines materiality as a misstatement that could affect a user's decision. Audit risk is the risk of an inappropriate audit opinion. There are three types of audit risk: inherent risk, control risk, and detection risk. Materiality is considered at the planning and evaluation stages of the audit. The level of audit risk depends on factors like user reliance and legal liability exposure. Higher materiality and audit risk require more audit work.
Operational risk is the risk of loss from failed internal processes, people, systems or external events. It is embedded in all bank activities and processes. Major types of operational risk include internal and external fraud, workplace issues, damage to physical assets, business disruptions, client/product issues, and legal risks. Common operational risk events in banking include losses from internal fraud, external fraud, improper sales practices, physical damage, system failures, and failed transaction processing. The document outlines approaches for quantifying and measuring operational risk, including the Basic Indicator Approach, Standardized Approach, and Advanced Measurement Approach. The Advanced Measurement Approach, which uses internal loss data and assessment methods, is most beneficial for banks.
Audit risk is the risk that an auditor will provide an inappropriate audit opinion when the financial statements contain material misstatements. Audit risk has three components: inherent risk, control risk, and detection risk. Inherent risk is the possibility of material misstatements in the financial statements due to factors like complex accounting issues or assets susceptible to theft. Control risk is the possibility that misstatements will not be prevented or detected by internal controls. Detection risk is the possibility that audit procedures will fail to detect material misstatements. The auditor determines an acceptable level of overall audit risk.
The document discusses assurance services and audits. It defines assurance services as independent, professional services that improve the quality of information for decision makers. It outlines the key elements of an assurance engagement as having a three party relationship between the practitioner, responsible party, and intended users, a suitable subject matter, criteria to evaluate the subject matter, sufficient evidence to support the assurance opinion, and a written report. The document also discusses the differences between reasonable and limited assurance engagements.
The document discusses the auditor's responsibility to consider fraud and error in an audit of financial statements. It defines fraud and error, noting that misstatements can arise intentionally from fraud or unintentionally from error. The primary responsibility for preventing and detecting fraud and error rests with management and those charged with governance of the entity. As part of an audit conducted in accordance with BSAs, the auditor is responsible for obtaining reasonable assurance about whether the financial statements are free from material misstatement due to fraud or error, though an audit cannot guarantee the detection of fraud. The auditor's responsibilities are limited by the inherent limitations of an audit.
The stages of auditing are as follows: determine audit approach, understand the entity, assess risk of material misstatement, select audit procedures, prepare report, and report to management. Auditors determine risks, formulate responses like additional procedures, and test controls and substantive procedures. Audit risk is the risk of giving an inappropriate opinion and comes from inherent, control, and detection risk. Business risk impacts the organization directly from operations.
The document discusses two Bangladeshi Standards on Auditing (BSA): BSA 550 on related party transactions and ISA 570 on going concern.
BSA 550 defines related parties and related party transactions, and notes that related party transactions require special attention if they are not in the normal course of business or are at non-market terms. It also discusses disclosure requirements for related party transactions.
ISA 570 provides guidance on evaluating management's assessment of an entity's ability to continue as a going concern. It describes events that could cast doubt on an entity's ability to continue as a going concern and the auditor's responsibility to consider management's assessment and any material uncertainties regarding going concern.
The stages of an external audit are:
1. Audit acceptance which involves agreeing terms of reference, addressing legal and ethical considerations, and preparing an engagement letter.
2. Audit planning and control which involves developing an overall strategy, establishing objectives and scope, and planning to reduce audit risk.
3. Performing the audit which involves obtaining evidence through tests of controls and substantive procedures, evaluating misstatements, and forming an opinion.
The document discusses the objectives and responsibilities of an auditor when conducting an audit in accordance with auditing standards. It covers several key points:
1) The overall objectives of an audit are to obtain reasonable assurance that the financial statements are free of material misstatement and to report findings. The auditor must comply with ethical standards and exercise professional skepticism, judgment, and obtain sufficient evidence.
2) The terms of an audit engagement must be agreed upon in writing with management and include the scope, responsibilities of the auditor and management, applicable financial reporting framework, and expected report form.
3) On recurring audits, the auditor assesses if terms need revising due to changes in circumstances, management, ownership or other factors
This document discusses designing substantive audit procedures. It covers determining detection risk based on inherent and control risk, and how the nature, timing, and extent of substantive procedures varies with detection risk. The document describes analytical procedures, tests of details of transactions, and tests of details of balances as types of substantive procedures. It also discusses developing audit programs, computer-assisted techniques, and special considerations like estimates and related parties.
This document discusses operational risk management. It begins by defining risk management and the types of risks, including operational risk. It then discusses why operational risk management is important, highlighting some significant operational risk events. It describes tools for identifying and monitoring operational risk, such as loss data collection, risk and control self-assessments, and key risk indicators. It also discusses approaches for measuring operational risk capital requirements under Basel II and III, including the basic indicator approach, standardized approach, and advanced measurement approach. Finally, it notes some challenges in measuring operational risk and ways to mitigate and control operational risk exposures.
Internal controls over financial reporting and internal audit are often unpopular but necessary to avoid unpleasant surprises. To maintain effective controls, companies must identify key business risks, install controls to prevent or detect issues, and promote transparency and shared understanding of business and reporting processes across departments. Without buy-in from both business and finance staff, controls become counterproductive burdens rather than facilitators of reliable reporting.
This document provides an overview of SAS 104-111 and what they mean for the audit profession. It discusses the key changes and requirements of each standard, including a greater focus on risk assessment, better understanding of clients' internal controls, and clearly linking risk assessment to the nature and extent of audit procedures. It also provides tips for auditors on implementing the risk-based approach and for clients on preparing for an audit under the new standards to make the process more efficient.
The document provides an overview of Symbian OS, including:
- Symbian OS is an open, mobile operating system designed for battery-powered devices. It provides robustness, stability and low power consumption.
- The OS layers include the user interface, core system services, and hardware interface layers. It supports various UI designs like Series 60 and UIQ.
- The platform has evolved over time with new versions adding features like multimedia enhancements, graphics acceleration, security improvements and support for additional devices and networks.
Anytime, Anywhere Approach To Social Mediaguest8143e
Presented at Social Networking Conference Windows Consumer marketing perspective on Social Media and how we use it everyday to connect with customers and share our brand.
This document summarizes Symbian OS data types including integers, text, Boolean, floating point values, TAny, and enumerations. It also discusses Symbian OS naming conventions for classes, variables, and functions.
The document is a job posting from iContract seeking online strategists, designers, and writers. For online strategists, it seeks candidates with 1-2 years of solving branding challenges and addressing demanding clients and deadlines. For designers, it seeks those with 1-2 years of making the web a less ugly place and improving ads. For writers, it seeks those with 1-2 years of charm and influencing people to make job descriptions appealing. Candidates should submit resumes under relevant titles to the provided email.
Acceleo - Let's start with an Android exampleJonathan Musset
--- Eclipse Con 2010 ---
Acceleo is a pragmatic implementation of the OMG* standard for code generation called MTL*. Still in incubation state, we plan to have Acceleo graduate for the next Eclipse simultaneous release (Helios).
Being an expert at code generation or Acceleo is not necessary to get started on your first code generator : using the Acceleo editor and the powerful features it exposes (completion, syntax highlighting, on-the-fly compilation, quick outline, ...), it is very easy to get started once you understand the most basic principles.
This talk presents both the MTL language and the Acceleo Development Toolkit which is provided in the M2T project. Beginners will learn what code generation, M2T, and Acceleo are, as well as how to use them on a concrete case-study. Acceleo addicts will discover the new standard syntax, new functionalities and techniques. We will give you enough of the basics to create your own code generation for a specific target system. We have chosen the Android platform as a target to show that we can also use Acceleo for mobile software.
Here is the talk agenda :
- Acceleo : What's that new code generation engine?
- Create an Android prototype and its corresponding model
- Initialize your code generation project from the prototype
- Editing your code generation file to make the Android prototype run
- Launching your code generation on another model example
- Packaging as an eclipse plug-in and for standalone usage
- Create new Android applications in few clicks
- How to override a specific behavior in the target environment
- On the developper side : How to make your own extensions with Acceleo?
We'll end the talk with other complex code generation examples made with Acceleo : EEF, UML to Java, Ecore to python, Migrating from a language to another...
*OMG : Object Management Group
*MTL : Model to Text Language
The Junior Special Life Policy from Shelter Life Insurance Company provides term life insurance coverage for children from infancy through age 26. For a single premium payment of $555, it offers a $20,000 policy. Alternatively, the premium can be paid monthly for 12 months. The policy also includes a guaranteed insurability rider, allowing the insured to purchase additional permanent life insurance between ages 25-40 without a health exam. This ensures the ability to acquire life insurance even if health issues arise before age 26.
The document discusses various concepts related to auditing, including control risk, inherent risk, detection risk, internal controls, substantive tests, and revenue recognition. It provides definitions and examples for these terms. For instance, it defines control risk as the risk that a misstatement will not be prevented or detected by internal controls. It also gives examples of improper revenue recognition schemes and discusses testing controls related to the revenue cycle.
The audit committee plays an important role in overseeing the financial reporting process and audit of a company's financial statements. The key responsibilities of an audit committee include:
1. Overseeing and monitoring the financial reporting process to ensure accuracy and compliance.
2. Appointing, compensating, and overseeing the independent auditor.
3. Reviewing and discussing the audit plan, audit results, and auditor's report with the independent auditor.
4. Reviewing the adequacy of the company's internal controls and risk management procedures.
The audit committee helps provide oversight of management, the internal auditors, and the independent auditor to strengthen the integrity of financial reporting and maintain public trust in the
Financial Auditing for Internal Auditors_CPD.pptxManna Mahadi
Internal auditors focus on examining an organization's financial records and internal controls to determine if they are accurate and comply with relevant standards and regulations. The objectives of internal financial audits are to assess risks, evaluate internal controls, ensure compliance with laws and regulations, and report any control weaknesses. Key areas of focus include understanding controls over financial accounting and reporting, testing the design and effectiveness of these controls, designing substantive audit procedures, and confirming the accuracy of financial statements. Effective internal controls help safeguard assets, ensure accurate financial reporting, comply with laws, and monitor organizational goals.
This document discusses audit planning tools used to guide audit work including preliminary risk assessment, materiality decisions, analytical procedures, and audit programs. It explains the audit risk model and how inherent risk, control risk, and detection risk contribute to overall audit risk. The document also covers preliminary assessment of materiality, analytical procedures used in audit planning, developing audit programs, evaluating internal controls, assessing control risk, and substantive testing procedures like confirmations and examining bank reconciliations.
This document provides an overview of tests of controls for auditing purposes. It discusses assessing control risk, the purpose and nature of tests of controls, and how the work of internal auditing may be used. The document outlines the process of assessing control risk and communicating conclusions. It describes types of controls expected in IT environments and lists alternative computer-assisted audit techniques.
Understanding and Mitigating Risks to Your CompanySkoda Minotti
This document provides an overview of understanding and mitigating risks for a company. It introduces the presenters Chrissy Walters and Randal Slifer and their backgrounds. The rest of the document outlines steps for conducting a high-level risk assessment, breaking down the internal control process through documentation, identifying risks and controls, testing, and creating a sustainable compliance program. Key aspects covered include defining risks and controls, conducting risk assessments and testing, documenting processes, identifying risks within processes, developing effective controls, and improving existing controls.
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...Taufir Alam
Introduction to the Presentation on internal financial control over financial reporting_a complete guide
The Companies Act, 2013 has introduced some new requirements relating to audits and reporting by the statutory auditors of companies.
One of these requirements is given under Section 143(3)(i) of the Act which requires the statutory auditor to state in his audit report whether the company has adequate internal financial controls system in place and the operating effectiveness of such controls.
The section has cast onerous responsibilities on the statutory auditors because reporting on internal financial controls is not covered under the Standards on Auditing issued by the ICAI.
Since the concept of reporting on internal financial controls is still new in India this new reporting requirement has thrown up many challenges for the members.
To help the members properly understand and perform the various aspects of this reporting responsibility, the Auditing and Assurance Standards Board of the Institute of Chartered Accountants of India has brought out this Guidance Note on Audit of Internal Financial Controls Over Financial Reporting.
The Guidance Note covers aspects such as Scope of reporting on internal financial controls under Companies Act 2013, essential components of internal controls, Technical guidance on the audit of Internal Financial Controls, Implementation guidance on the audit of Internal Financial Controls.
I have presented the above guidance note into a presentation that will have a complete guide for those who are planning to go for Audit of Internal financial control over financial reporting. this presentation will cover all the relevant aspects and also provide the standard operation process for the efficient conduct of the IFCR Audit. You don't need to read the complete Guidance note.
This document provides an introduction to Computer Assisted Auditing Techniques (CAAT). It discusses two main audit methodologies in a computer environment: auditing around the computer using a "black box" approach, and auditing through the computer using a "white box" approach. The black box approach treats the computer as a bookkeeping machine without examining internal processing, while the white box approach examines internal workings to verify system controls and testing. CAAT techniques allow auditors to test entire populations of transactions more efficiently compared to traditional audit sampling methods.
ETHICS FRAUD AND INTERNAL CONTROL AND AUDITING COMPUTERIZED FINANCIAL SYSSTEM...PascalOtieno
This document discusses ethics, fraud, internal controls, and auditing in accounting information systems. It covers key topics such as:
- Types of business and computer ethics issues that can arise
- Definitions and common schemes for management and employee fraud
- The importance of internal controls in preventing and detecting fraud at different stages of information processing
- Approaches to auditing computerized accounting systems, including auditing through and around computers
- How computer-assisted audit techniques (CAATs) can help auditors overcome issues like loss of audit trail and reduce errors
The document provides details on fraud schemes, the role of internal controls, different audit approaches and techniques for computerized environments, and factors to consider when
The document discusses internal audit compliance procedures for assessing an organization's adherence to regulations and standards. It outlines steps the internal auditor should take including: 1) Completing compliance checklists through inquiries and observations; 2) Comparing the organization's control systems to regulations; 3) Performing compliance testing of documents; 4) Conducting visits to remote locations to evaluate controls and transactions; 5) Investigating any exceptions found and ensuring corrective actions are taken. The goal is to standardize compliance review procedures to provide consistent evaluations across an organization's different business units and locations.
The document outlines the key steps in conducting an audit:
1. Planning the audit including understanding risks, determining materiality, and developing an audit program.
2. Assessing risks through evaluating inherent risk, internal controls, and determining a combined risk assessment.
3. Performing audit procedures including analytical procedures, tests of details on samples, and obtaining other evidence.
4. Concluding the audit by evaluating results, summarizing findings, and issuing an audit report with an opinion.
This document outlines audit procedures and assignments for ACC 492, including:
- Weekly textbook problems, current issue summaries, team assignments covering auditing of cash, financial instruments, sales, receivables, inventory, payroll, acquisitions, payments, property, and contingencies.
- A final exam covering topics like audit sampling, internal controls, audit evidence, and business cycles.
The assignments and exam are designed to help students learn how to audit key accounts and cycles and apply audit standards and procedures.
This document outlines audit procedures and assignments for ACC 492, including:
- Weekly textbook problems, current issue summaries, team assignments covering auditing of cash, financial instruments, sales, receivables, inventory, payroll, acquisitions, payments, property, and contingencies.
- A final exam with multiple choice questions testing understanding of audit sampling, internal controls, audit evidence, and business cycles.
The course focuses on auditing various accounts and cycles through application of audit procedures and analysis of current issues.
Interim testing and the timing of the audit. Why does an auditor do .pdfARORACOCKERY2111
Interim testing and the timing of the audit. Why does an auditor do it? What types of audit work
are normally accomplished in the interim period(s)? How will the level of control risk (high risk
vs. low risk) affect interim testing? Define substantive testing.
Solution
Interim Testing Interim testing/Auditing is auditing of the transactions and financial records
in between two actual final audits that are carried out at the end of accounting periods. Why
does an auditor do Interim Testing? Auditors carry out interim testing in case of companies that
have huge number of transactions ,which need to be verified & vouched to facilitate the final
audit & also to save time. This usually is slated or timed to coincide with fiscal Q3 review
procedures. Also the company\'s internal control and information processing system are verified
& the auditor satisfies himself that he can resort to reduced testing at the year end. This also
reduces last-minute strain on company\'s officers in cooperating with the audit personnel --who
are able to explain in a thorough manner all points for clarification. Types of audit work
normally accomplished in the interim period(s) The extent of audit-work & the dates covered--
in the interim periods ,largely depend on the level of internal control prevalent in the company
Areas like inventories, cash receivables and plant records are best tested in the interim periods so
as to achieve perfection in their testing , before reporting in the year end audit-reports. Control
risk & interim Testing: Control risk is the risk that one or more or a group of material error or
fraud that could go undetected despite the presence of the company\'s internal control systems
Interim testing/Auditing will definitely help to minimise or lower this risk , as the transactions
are vouched by more than one person . But the vice-versa is also true,---ie. More the control
risk , more the necessity of interim testing of transactions ,to eliminate errors, frauds of
omissions & commissions Substantive testing---- Auditor\'s tool to form an opinion These are
audit procedures-- carried out to assert--- that the balances against the account heads appearing in
the financial statement / financial records of an entity ,say for inventory,do actually exist,are
complete,accurate & valid. Substantive testing is done on various accounting transactions also
,ie. They are analysed & tested in detail, for purposes of reporting..
05.2 auditing procedure application controlsMulyadi Yusuf
To summarize:
1) Auditors conduct a top-down risk assessment (RA) to determine which applications and controls to review. They document risks and controls in matrices mapped to processes, accounts, and disclosures.
2) The RA involves weighting risk factors, ranking risks, and prioritizing applications for review based on composite risk scores. Applications above a threshold score are included in the review scope.
3) The review scope, approach, and frequency are based on the RA results and resource availability. A business process method breaks processes into levels to structure the control review.
Assessing risks and internal controls trainingshifataraislam
This document provides an overview of assessing risks and internal controls for process owners. It discusses identifying risks within business processes and points where failures could occur. The document also covers internal control definitions, techniques, myths and facts. Process owners are responsible for acknowledging risks and controls within their processes, remedying deficiencies, and signing quarterly certifications. They should educate their personnel on requirements and reinforce internal focus on controls.
This document discusses forensic auditing and its importance in detecting financial fraud. It provides definitions of forensic auditing, noting that it examines legalities and blends techniques from other audit types to determine if financial statements accurately reflect business value or if any fraud occurred. Forensic auditing aims to gather legally tenable evidence to identify fraud and persons responsible, unlike statutory audits that express opinions on financial statement accuracy. Detection techniques for forensic audits include critical point auditing to filter fraud symptoms and propriety auditing to evaluate economy, efficiency and efficacy of transactions.
The document discusses various audit procedures related to testing cash, revenue, expenses, investments, financing, and other cycles. It provides examples of substantive tests that can be performed for balances such as plant assets, long-term debt, and cash. It also describes audit evidence that can be used, including cash disbursement journals, bank reconciliations, canceled checks, and confirmations with customers, lenders, and banks. The document is a reference guide for auditors, outlining the types of tests and evidence applicable for different financial statement line items and cycles.
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...my Pandit
Explore the fascinating world of the Gemini Zodiac Sign. Discover the unique personality traits, key dates, and horoscope insights of Gemini individuals. Learn how their sociable, communicative nature and boundless curiosity make them the dynamic explorers of the zodiac. Dive into the duality of the Gemini sign and understand their intellectual and adventurous spirit.
Digital Marketing with a Focus on Sustainabilitysssourabhsharma
Digital Marketing best practices including influencer marketing, content creators, and omnichannel marketing for Sustainable Brands at the Sustainable Cosmetics Summit 2024 in New York
Understanding User Needs and Satisfying ThemAggregage
https://www.productmanagementtoday.com/frs/26903918/understanding-user-needs-and-satisfying-them
We know we want to create products which our customers find to be valuable. Whether we label it as customer-centric or product-led depends on how long we've been doing product management. There are three challenges we face when doing this. The obvious challenge is figuring out what our users need; the non-obvious challenges are in creating a shared understanding of those needs and in sensing if what we're doing is meeting those needs.
In this webinar, we won't focus on the research methods for discovering user-needs. We will focus on synthesis of the needs we discover, communication and alignment tools, and how we operationalize addressing those needs.
Industry expert Scott Sehlhorst will:
• Introduce a taxonomy for user goals with real world examples
• Present the Onion Diagram, a tool for contextualizing task-level goals
• Illustrate how customer journey maps capture activity-level and task-level goals
• Demonstrate the best approach to selection and prioritization of user-goals to address
• Highlight the crucial benchmarks, observable changes, in ensuring fulfillment of customer needs
Company Valuation webinar series - Tuesday, 4 June 2024FelixPerez547899
This session provided an update as to the latest valuation data in the UK and then delved into a discussion on the upcoming election and the impacts on valuation. We finished, as always with a Q&A
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Tastemy Pandit
Know what your zodiac sign says about your taste in food! Explore how the 12 zodiac signs influence your culinary preferences with insights from MyPandit. Dive into astrology and flavors!
How MJ Global Leads the Packaging Industry.pdfMJ Global
MJ Global's success in staying ahead of the curve in the packaging industry is a testament to its dedication to innovation, sustainability, and customer-centricity. By embracing technological advancements, leading in eco-friendly solutions, collaborating with industry leaders, and adapting to evolving consumer preferences, MJ Global continues to set new standards in the packaging sector.
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...my Pandit
Dive into the steadfast world of the Taurus Zodiac Sign. Discover the grounded, stable, and logical nature of Taurus individuals, and explore their key personality traits, important dates, and horoscope insights. Learn how the determination and patience of the Taurus sign make them the rock-steady achievers and anchors of the zodiac.
Part 2 Deep Dive: Navigating the 2024 Slowdownjeffkluth1
Introduction
The global retail industry has weathered numerous storms, with the financial crisis of 2008 serving as a poignant reminder of the sector's resilience and adaptability. However, as we navigate the complex landscape of 2024, retailers face a unique set of challenges that demand innovative strategies and a fundamental shift in mindset. This white paper contrasts the impact of the 2008 recession on the retail sector with the current headwinds retailers are grappling with, while offering a comprehensive roadmap for success in this new paradigm.
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdfthesiliconleaders
In the recent edition, The 10 Most Influential Leaders Guiding Corporate Evolution, 2024, The Silicon Leaders magazine gladly features Dejan Štancer, President of the Global Chamber of Business Leaders (GCBL), along with other leaders.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
Easily Verify Compliance and Security with Binance KYCAny kyc Account
Use our simple KYC verification guide to make sure your Binance account is safe and compliant. Discover the fundamentals, appreciate the significance of KYC, and trade on one of the biggest cryptocurrency exchanges with confidence.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.AnnySerafinaLove
This letter, written by Kellen Harkins, Course Director at Full Sail University, commends Anny Love's exemplary performance in the Video Sharing Platforms class. It highlights her dedication, willingness to challenge herself, and exceptional skills in production, editing, and marketing across various video platforms like YouTube, TikTok, and Instagram.
SATTA MATKA SATTA FAST RESULT KALYAN TOP MATKA RESULT KALYAN SATTA MATKA FAST RESULT MILAN RATAN RAJDHANI MAIN BAZAR MATKA FAST TIPS RESULT MATKA CHART JODI CHART PANEL CHART FREE FIX GAME SATTAMATKA ! MATKA MOBI SATTA 143 spboss.in TOP NO1 RESULT FULL RATE MATKA ONLINE GAME PLAY BY APP SPBOSS
How to Implement a Real Estate CRM SoftwareSalesTown
To implement a CRM for real estate, set clear goals, choose a CRM with key real estate features, and customize it to your needs. Migrate your data, train your team, and use automation to save time. Monitor performance, ensure data security, and use the CRM to enhance marketing. Regularly check its effectiveness to improve your business.
1. What can the nonprofits do to be prepared for the
new standards in order
to avoid problems, conflicts, and/or excessive fees.
Maryland Nonprofits
June 4, 2008
2. Answer – (Steps to a simpler
audit)
Develop and document your controls
Set up regular tests of controls
Educate and involve your board
Establish a control environment
Remove risk factors
Follow your own rules
2 www.metrometro.com
3. I’m up to my *&?! In SASs
104 “Due Professional Care” Effective Dates:
105 Amendment to SAS 95, GAAS 104-111 Effective for audits of
F/S for periods beginning on
106 Audit Evidence
or after 12-15-06.
107 Audit Risk and Materiality
108 Planning and Supervision
109 Understanding the Entity and its environment and
assessing the risks of Material Misstatement
110 Performing Audit Procedures in response to assessed
risks and evaluating the audit evidence obtained
111 Amendment to SAS 39, Audit Sampling
3 www.metrometro.com
4. Why so much focus on risk
assessment?
A 2006 Certified Fraud Examiners survey
revealed the median size of reported fraud in
entities of less than 100 employees is
$190,000. How many businesses of that size
can withstand losing that amount of money
and survive?
4 www.metrometro.com
5. Format of 60 minutes
Brief background, really brief
Process of documenting controls
A developer’s view (if we have time)
5 www.metrometro.com
6. COSO Framework – Components of
Internal Controls
Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring
None of these are static; continuing
process
6 www.metrometro.com
7. Differences – Old Standards
Identify the classes of transactions and
where the control risks were highest.
Understand the accounting transactions
within those classes
Understand the errors that may exist
Develop programs to find those errors
7 www.metrometro.com
8. New Standards
Gain a more thorough understanding of the client’s
business and operations to evaluate the internal
controls’ design and effectiveness
Evaluate controls throughout the audit engagement,
looking back at the planning to see if it needs to be
changed
Evaluation of internal controls must meet the same
“audit evidence” requirement as other parts of the
audit
8 www.metrometro.com
9. Areas of Interest
Cash
Support and Receivables
Donated Materials, Services, Facilities
Accounts Payable and Purchasing
Inventory
Payroll
Debt
9 www.metrometro.com
10. How Do We Develop Our Controls?
How could a misstatement occur?
What can be done to prevent it?
Who should perform the steps?
Who shouldn’t perform the steps
How could fraud occur?
What can be done to prevent it?
10 www.metrometro.com
11. Cash Controls
Delinquent accounts receivable are reviewed.
Cash receipts are reconciled to general
ledger postings daily.
Adjustments of cash accounts are approved
by the appropriate level of management or
another appropriate person.
Bank reconciliations are prepared and
reviewed in a timely fashion.
11 www.metrometro.com
12. Individuals who post cash receipts to the
accounts receivable subledger cannot:
Review the accounts receivable aging trial balance.
Authorize write-offs of delinquent accounts.
Independently investigate accounts receivable discrepancies.
Maintain or authorize accounts receivable adjustments.
Edit the accounts receivable master file.
Process customer service calls and complaints.
Investigate discrepancies or issues related to revenue.
Open the mail or copy checks received.
Prepare deposits.
Deposit cash receipts.
Reconcile bank accounts.
12 www.metrometro.com
13. Cash receipts from special events are
counted by at least two people.
Cash Receipts Count Sheet
Event –
Date –
Counter 1 Name______________Result_____
Counter 2 Name______________Result_____
(Counters should count and report separately)
Worksheet completed by__________
13 www.metrometro.com
14. Simple, but good enough?
Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring
14 www.metrometro.com
16. More Payroll Controls
Individuals who prepare payroll checks cannot:
Sign payroll checks.
–
Review and authorize electronic payroll disbursements.
–
Disburse payroll checks.
–
Control unclaimed paychecks.
–
Resolve employee payroll inquiries.
–
Edit the payroll master file.
–
Open mail or copy checks received.
–
16 www.metrometro.com
17. Keep Going Through All the Rest of
The Controls
We’ll give you the test before you take it
17 www.metrometro.com
18. Sonal, I’d love to add some additional
controls here and define detective and
?? Controls.
18 www.metrometro.com
19. Testing Controls – Here’s what we do
Describe the procedure(s) performed to obtain audit evidence
that the control(s) is (are) operating effectively, or cross-
reference to a related workpaper that documents the testing
procedures. If sampling is performed, document the items
selected for testing. If deviations are detected, perform and
document inquiries to understand the cause of the deviations
and their potential consequences. For controls that are not
operating effectively, consider whether an internal control
deficiency exists that should be accumulated and evaluated
using , “Control Deficiency Evaluation and Aggregation
Worksheet.”
19 www.metrometro.com
20. Fraud Risk Factors (Antenna Up)
Incentives/Pressures
Competition, reduction of grants/funding, pressure on
–
management
Opportunities to Misstate Financials
Related party transactions
–
Lots of cash
–
Ineffective monitoring of management
–
Attitudes/Rationalizations
Management doesn’t support values of organization
–
(top down)
20 www.metrometro.com
21. Who’s Job is it?
Develop and document internal controls?
Test controls to make sure they are working
properly?
Evaluate high risk control areas?
21 www.metrometro.com
22. SAS 110
SAS No. 110, Performing Procedures (continued)
Test of Controls may be rotated
– The auditor should test the operating effectiveness of
controls at least every three years in an annual audit
– The auditor should update his or her understanding to
ensure controls have not changed
– If the auditor plans to rely on control that have changed,
the auditor should test the controls
22 www.metrometro.com
23. “Have To’s” (Fast, Fast, Fast)
The auditor must plan and perform the audit
to obtain sufficient appropriate audit
evidence so that audit risk will be limited to a
low level that is, in his or her professional
judgment, appropriate for expressing an
opinion on the financial statements. (SAS
104)
23 www.metrometro.com
24. Have To
The audit must be performed by a person or
persons having adequate technical training
and proficiency as an auditor. (SAS 105)
24 www.metrometro.com
25. Have To
The auditor must adequately plan the work
and must properly supervise any assistants.
(SAS 105 and SAS 108)
25 www.metrometro.com
26. Have To
The auditor must obtain a sufficient
understanding of the entity and its
environment, including its internal control, to
assess the risk of material misstatement of
the financial statements whether due to error
or fraud, and to design the nature, timing,
and extent of further audit procedures. (SAS
105 and SAS 109)
26 www.metrometro.com
27. Have To
The auditor must perform risk assessment
procedures to provide a satisfactory basis for
the assessment of risks at the financial
statement and relevant assertion levels.
(SAS 106)
27 www.metrometro.com
28. Have To
The auditor must supplement the risk
assessment procedures by further audit
procedures in the form of tests of controls,
when relevant or necessary, and substantive
procedures. (SAS 106)
28 www.metrometro.com
29. Have To
The auditor must consider audit risk and must
determine a materiality level for the financial
statements taken as a whole for the purpose of:
Determining the extent and nature of risk assessment
–
procedures
Identifying and assessing the risks of material misstatement
–
Determining the nature, timing, and extent of further audit
–
procedures
Evaluating whether the financial statements taken as a
–
whole are presented fairly, in all material respects, in
conformity with generally accepted accounting principles
(SAS 107)
29 www.metrometro.com
30. Have To
The auditor must plan the audit so that it is
responsive to the assessment of the risk of
material misstatement based on the auditor’s
understanding of the entity and its
environment, including its internal control.
(SAS 108)
30 www.metrometro.com
31. Have To
The auditor must develop an audit plan in
which the auditor documents the audit
procedures to be used that, when performed,
are expected to reduce audit risk to an
acceptably low level. (SAS 109)
31 www.metrometro.com
32. Have To
The auditor must obtain sufficient appropriate
audit evidence by performing audit
procedures to afford a reasonable basis for
an opinion on the financial statements. (SAS
105, SAS 106, and SAS 110)
32 www.metrometro.com
33. Have To
The auditor must perform the audit to obtain
reasonable assurance of detecting
misstatements that the auditor believes could
be large enough, individually or in the
aggregate, to be quantitatively material to the
financial statements. (SAS 107)
33 www.metrometro.com
34. Have To
The auditor must not be satisfied with audit
evidence that is less than persuasive. (SAS
106)
34 www.metrometro.com
35. Have To
The auditor must accumulate all known and
likely misstatements identified during the
audit, other than those that the auditor
believes are trivial, and communicate them to
the appropriate level of management. (SAS
107)
35 www.metrometro.com
36. Have To
The auditor must consider the effects, both
individually and in the aggregate, of
misstatements (known and likely) that are not
corrected by the entity. (SAS 107)
36 www.metrometro.com
37. Have To
The auditor must evaluate whether the
financial statements taken as a whole are
free of material misstatement. (SAS 107)
37 www.metrometro.com
38. Anything for the Nonprofit So Far?
I think EVERYTHING!
You’ve got to continually monitor and change
your controls as your organization and it’s
personnel change.
38 www.metrometro.com
39. What should you take away from this
seminar?
Develop and document your controls
Test them regularly because we will. Don’t let
us find non-functioning controls
Less nonroutine transactions
The audit will take longer if you are not
prepared. You need to spend a few bucks
on getting your systems developed,
documented and functioning
39 www.metrometro.com
40. What should you do?
Involve the board in internal audit functions.
Prepare a checklist of internal audit
procedures that must be completed each
month, assign a board member a month
40 www.metrometro.com
41. Monthly Internal Audit Sample
Procedures
Open bank statement and review for proper
signatures, proper endorsement,
recognizable payee
Compare revenue per financial statement to
deposits per bank statement and reconcile
Select 3 employees from payroll journal and
compare to employee file authorized pay rate
Report to the board monthly (dashboard)
41 www.metrometro.com
45. Take Control - Make Your Audit Easier
Make less journal entries - Audit standards
require that we review journal entries for
unusual activities. The more entries, the
longer the audit takes. You can cut down on
journal entries by recording bank charges,
debits and manual checks as you would any
other cash disbursement. Record bank
account interest earned like you would a
deposit.
45 www.metrometro.com
46. Take Control - Make Your Audit Easier
Be ready for us - Make sure your auditor
has provided you with a long Client
Assistance List (CAL) or PBC (Provided by
Client) list. The longer the better so that you
can do the work at your schedule instead of
scurrying during the audit fieldwork. Number
the list and have a folder, notebook tab, or
pile for each number. Impress the auditor,
be organized, that's what we're looking for.
46 www.metrometro.com
47. Take Control - Make Your Audit Easier
Be consistent and predictable - We like ordinary
and boring. If you have a group of month end
journal entries for depreciation, accrued payroll, etc.,
make them all on one entry that looks the same each
month. Keep entries as ordinary and routine as
possible. Record deposits the same. Record
invoices the same. Make the transactions as easily
identifiable as possible.
47 www.metrometro.com
48. Take Control - Make Your Audit Easier
Support, Support, Support - Every
transaction requires support. Checks,
deposits, journal entries. Be consistent by
including the same support on each type of
transaction. Make sure every transaction
has the required approvals.
48 www.metrometro.com
49. Take Control - Make Your Audit Easier
Document your approval processes and
follow them - If a disbursement requires a
board signature, make sure it has a board
signature. Make sure your approval
processes will pass the auditor's tests.
49 www.metrometro.com
50. Take Control - Make Your Audit Easier
Don't turn the audit engagement into an
accounting engagement. Get the accounting work
done first. Post accruals, depreciation, make sure
everything ties in, etc. We don't want to do
accounting work at the audit. Auditors like to tick
and tie to get comfort that the numbers are
right. Every time we have to make an entry, you lose
credibility and it takes longer for us to get
comfortable. Your auditors don't have to be your
accountants, you can hire an accountant to do a
monthly or quarterly review so that you'll be more
prepared for your audit.
50 www.metrometro.com
51. Take Control - Make Your Audit Easier
Insist on consistency from your audit
team. Ask ahead of time, who will be
coming. Are they the same auditors as last
year? If not, push back a little bit. The more
consistency, the less learning curve and the
less interruptions.
51 www.metrometro.com
52. Guidance for the nonprofit
Graham has a book coming out, Internal
Controls: Guidance for Private, Government
and Nonprofit Entities, which helps
companies understand how to document
their controls and helps to bridge the auditor-
client issues in controls assessment and
testing.
52 www.metrometro.com
53. Risk Assessment Standards
To gain some insight on the need for, and
utilization of, these standards, California CPA
recently interviewed CPA Lynford Graham,
Ph.D., CFE.
53 www.metrometro.com
54. Lynford Graham, Ph.D CPA, CFE
As a former member of the AICPA's Auditing Standards
Board and Risk Assessment Standards Task Force,
and chair of the Risk Assessment and Risk
Response Audit Guide Task Force, Graham was
instrumental in developing these Audit Risk
Standards. A frequent lecturer on the subject
nationwide, Graham also is the author of a handbook
on documenting internal controls for non-public
companies.
54 www.metrometro.com
55. Question
What were the goals and objectives
of the ASB and Risk Assessment
Standards Task Force?
55 www.metrometro.com
56. Answer
A: The ASB, in coordination with the International Audit
and Attest Standards Board, undertook a joint
project in the latter 1990s to clarify many of the core
auditing standards and advance more guidance on
the role and performance of risk assessment. This
was in response to concerns that audits were
becoming increasingly risk-based, but there was a
lack of guidance on how to go about the risk
assessment process.
56 www.metrometro.com
57. Answer (cont)
There were also concerns that, in some cases,
too little audit work was being done to
identify and correct any errors that might
exist in the pre-audit financial statement
records.
Graham
57 www.metrometro.com
58. Answer (cont)
Auditors of major entities were becoming more
reliant on the seemingly improved and
automated systems, and internal audit
resources of these entities.
Graham
58 www.metrometro.com
59. Why Now?
The disastrous events and audit failures in early 2000
that lead to the Sarbanes-Oxley Act of 2002 are
evidence that the project was on target, but that it
was too late to avoid the events of Enron, WorldCom
and the litany of business and audit failures in that
time period.
Graham
59 www.metrometro.com
60. Q: How revolutionary are these
standards?
A: Tough question. Much of the answer
depends on what you have been doing in
your audits all along.
Graham
60 www.metrometro.com
61. Answer (cont) How revolutionary are
these standards?
The standards mostly clarify the intent of existing
standards. Many firms have been successfully using
the concepts in these new standards for a long time.
For example, using audit assertions as an integral
part of the audit planning and performance of the
audit is not new. Neither is the assessment of
controls as part of understanding the audited entity.
That requirement extends to before SAS No. 55.
Graham
61 www.metrometro.com
62. Answer (cont) How revolutionary are
these standards?
There are only a few quot;newquot; concepts, such as the
identification of quot;significant risksquot; for audit
engagements, which was not part of the auditing
literature before, but were still practices of some
firms before SAS No. 109. In any case, the extent of
change these standards will bring will differ from firm
to firm.
Graham
62 www.metrometro.com
63. Where are firms struggling with
implementation?
A: The requirement to assess internal controls
design and implementation for audit clients
seems to be giving some firms consternation.
While not a new concept, this assessment
was often glossed over for smaller client
audits where controls reliance was not
planned
63 www.metrometro.com
64. Where are firms struggling with
implementation?
Clarifying this requirement creates a need for
broad understanding of the COSO
framework and its components, how control
objectives or attributes are used to assess
controls design, and how to identify any
obvious quot;holesquot; in the internal controls of an
entity.
64 www.metrometro.com
65. Where are firms struggling with
implementation?
Concerns are out there that this is a Sarbanes
approach, which it is not. SAS No. 78 put the
COSO framework clearly in our literature
long ago, before SOX. The quot;suitequot;
requirement is only to assess the design of
controls and there is no requirement to test
them.
65 www.metrometro.com
66. Where are firms struggling with
implementation?
In addition, the controls requirements can be
limited to the most significant control activity
processes, like sales, major cost processes
and payroll, and maybe the consolidation
and closing process. SOX requirements are
much more extensive and require controls
testing.
66 www.metrometro.com
67. Where are firms struggling with
implementation?
Reporting material weaknesses and significant
deficiencies in controls, in writing, to the governance
group is also an area of attention and concern. While
not officially in the suite, SAS No. 112,
Communicating Internal Control Related Matters
Identified in an Audit, works with SAS No. 109 to
ensure internal control matters are identified and
communicated.
67 www.metrometro.com
68. Additional Parts of Graham Interview
audits of smaller entities are not supposed to
be a second-class service compared with
audits of larger entities. By clarifying the
standards, all firms will compete on an equal
footing, and not by re-defining what
constitutes an audit under Generally
Accepted Auditing Standards.
68 www.metrometro.com
69. Why so much focus on risk
assessment?
A 2006 Certified Fraud Examiners survey
revealed the median size of reported fraud in
entities of less than 100 employees is
$190,000. How many businesses of that size
can withstand losing that amount of money
and survive?
69 www.metrometro.com
70. Guidance for the nonprofit
Graham has a book coming out, Internal
Controls: Guidance for Private, Government
and Nonprofit Entities, which helps
companies understand how to document
their controls and helps to bridge the auditor-
client issues in controls assessment and
testing.
70 www.metrometro.com
71. What do CPAs need to understand
most clearly about the standards?
Many of the new requirements will require a
real first-year effort to get up and running.
The maintenance in year two, and beyond, of
well-implemented changes will not be that
hard or expensive.
Graham
71 www.metrometro.com