1
2
Week 4 Evidence and Standards ACC/491
4/20/20Week 4 Evidence and Standards
Comparison of Audit, Scientific and Legal Evidence Standards.
According to "Investopedia" (2020), generally accepted auditing standards (GAAS) are a set of systematic guidelines used by auditors when conducting audits on companies' financial records. GAAS helps to ensure the accuracy, consistency, and verifiability of auditors' actions and reports. The Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) created GAAS. (para 1).
Scientific evidence is information gathered from scientific research, which takes a lot of time to conduct. But there are a few things that all this research needs to have in common to make it possible for businesses to accept it as "evidence" ("The Conversation," 2020).
Legal evidence is represented by what is lawful to be proven by law to be valid or invalid, true or untrue.
Consideration of Sample Sizes and Methods (random, haphazard, monetary unit sample, judgmental) and how sampling affects evidence.
Evidence gathered should be representative of the population. The chances that the sample taken is not representative of the population is sampling risk, which should be controlled by using proper sample size and appropriate selection. (Arens, Elder, & Beasley, 2014, p. 476)
The selection of a sample is made using the following methods: random, haphazard, monetary unit, and judgmental.
Random sample selection is made by giving all items in a population the same chance of being selected. Sample selection is used when there is no need to emphasize some items in the population. (Arens, Elder, & Beasley, 2014, p. 478)
Haphazard sample selection is made without any distinguishing characteristics such as size or source. (Arens, Elder, & Beasley, 2014, p. 480)
Monetary unit sampling is a statistical method used for testing details of balances. Samples are selected based on the probability proportional to size sample selection. (Arens, Elder, & Beasley, 2014, pp. 566-567)
Judgmental sampling is based on the auditor's decision on which items from the population to review. It's based on auditor's knowledge of the business and industry, as well as their experience in auditing.
Relevance, Reliability and Sufficiency of Evidence.
Our company's control over financial reporting is a process that's designed to assure the reliability of financial reporting and the preparation of financial statements for external purposes under generally accepted accounting principles. Management is responsible for establishing and maintaining internal control over financial reporting (as defined in Rule 13a-15(f) under the Exchange Act). They assess the effectiveness of the internal control over financial reporting based on the criteria that were set forth in the Internal Control-Integrated Framework that was issued by the Committee of Sponsoring Organizations of the Treadway Commission (2013 framework). Managem.
Separation of Lanthanides/ Lanthanides and Actinides
1 2Week 4 Evidence and Standards ACC49142020Week .docx
1. 1
2
Week 4 Evidence and Standards ACC/491
4/20/20Week 4 Evidence and Standards
Comparison of Audit, Scientific and Legal Evidence Standards.
According to "Investopedia" (2020), generally accepted auditing
standards (GAAS) are a set of systematic guidelines used by
auditors when conducting audits on companies' financial
records. GAAS helps to ensure the accuracy, consistency, and
verifiability of auditors' actions and reports. The Auditing
Standards Board (ASB) of the American Institute of Certified
Public Accountants (AICPA) created GAAS. (para 1).
Scientific evidence is information gathered from scientific
research, which takes a lot of time to conduct. But there are a
few things that all this research needs to have in common to
make it possible for businesses to accept it as "evidence" ("The
Conversation," 2020).
Legal evidence is represented by what is lawful to be proven by
law to be valid or invalid, true or untrue.
Consideration of Sample Sizes and Methods (random,
haphazard, monetary unit sample, judgmental) and how
sampling affects evidence.
Evidence gathered should be representative of the population.
The chances that the sample taken is not representative of the
population is sampling risk, which should be controlled by
using proper sample size and appropriate selection. (Arens,
Elder, & Beasley, 2014, p. 476)
The selection of a sample is made using the following methods:
2. random, haphazard, monetary unit, and judgmental.
Random sample selection is made by giving all items in a
population the same chance of being selected. Sample selection
is used when there is no need to emphasize some items in the
population. (Arens, Elder, & Beasley, 2014, p. 478)
Haphazard sample selection is made without any distinguishing
characteristics such as size or source. (Arens, Elder, & Beasley,
2014, p. 480)
Monetary unit sampling is a statistical method used for testing
details of balances. Samples are selected based on the
probability proportional to size sample selection. (Arens, Elder,
& Beasley, 2014, pp. 566-567)
Judgmental sampling is based on the auditor's decision on which
items from the population to review. It's based on auditor's
knowledge of the business and industry, as well as their
experience in auditing.
Relevance, Reliability and Sufficiency of Evidence.
Our company's control over financial reporting is a process
that's designed to assure the reliability of financial reporting
and the preparation of financial statements for external purposes
under generally accepted accounting principles. Management is
responsible for establishing and maintaining internal control
over financial reporting (as defined in Rule 13a-15(f) under the
Exchange Act). They assess the effectiveness of the internal
control over financial reporting based on the criteria that were
set forth in the Internal Control-Integrated Framework that was
issued by the Committee of Sponsoring Organizations of the
Treadway Commission (2013 framework). Management knows
that the internal control over financial reporting was effective
December 31, 2019, to assure the reliability of financial
reporting and the preparation of financial statements by
3. following the U.S GAAP. We take on positive and negative
available evidence, including levels of income, expectations,
and risks that are associated with estimates of new taxable
income and ongoing tax planning strategies in assessing the
need for a valuation allowance. With the participation of the
chief executive officer (CEO) and chief financial officer (CFO),
has evaluated the effectiveness of our disclosure controls and
procedures (as defined in Rules 13a- 15(e) and 15d- 15(e) under
the Securities Exchange Act of 1934, as amended (Exchange
Act)), as of the end of the period covered by this Annual Report
on Form 10-K.
The CEO and CFO have concluded that as of December 31,
2019, they were able to disclosure controls and procedures, they
are designed at a reasonable assurance level. They are effective
to provide reasonable assurance. The information required to
disclose in reports that they filed or submitted under the
Exchange Act is recorded, processed, summarized, and reported
within the time frame specified in the rules and forms of the
Securities and Exchange Commission (SEC) and that this
information is accumulated as well communicated to
management. There are limitations on the Effectiveness of
Controls and Procedures and Internal Control over Financial
Reporting. In designing and evaluating the disclosure controls
and procedures and internal control over financial reporting,
management recognizes that any controls and procedures, even
how well designed and operated, can still provide reasonable
assurance of achieving the desired control objectives. In the
end, the design of disclosure controls and procedures and
internal control over financial reporting have to be able to
reflect the fact that there are resource constraints and that
management must apply judgment in evaluating the benefits of
possible controls and procedures relative to their costs. The
reputation and ability to attract, retain, and serve users is
dependent upon the reliable performance of the products and the
underlying technical infrastructure. If products are unavailable
4. when users attempt to access them, do not load as quickly as
expected. Users may not use the products as often in the future
or at all, and the ability to serve ads may be disrupted, which
can affect business and financial performance.
Brief statement on the 80 types of Audit evidence
Evidence is what helps an auditor decide whether the financial
statements are fairly presented with internal controls having a
significant influence on the reliability of most kinds of
evidence. The most expensive types of evidence are physical
examination and confirmation, and the lease expensive are
observation, inquiry, and recalculation. Of the 80 types of audit
evidence, the following are the most common:
Inspection is the auditor's examination of the client's documents
and records to substantiate the information that is, or should be,
included in the financial statements.
Physical examination is the inspection or count by the auditor
of a tangible asset, most often associated with inventory and
fixed assets.
Confirmation is receiving a direct written response from a third
party verifying the accuracy of the information that was
requested by the auditor.
Observation consists of looking at a process or procedure being
performed by others.
An inquiry is obtaining written or oral information from the
client in response to questions from the auditor, inquiry often
requires corroborating evidence.
Recalculation is the rechecking of a sample of calculations.
Purpose, ownership, confidentiality, and retention
documentation
5. The purpose of audit documentation is for the auditor to
have the information of the audit performed with detailed
documentation, which could hold information that pertains to
internal controls and the evidence collected. Also, the
documentation could help to determine if there is enough
evidence for them to make sure that the company is following
the auditing standards. Ownership is the property of the auditor.
When it comes to any documentation of the audit and any
schedules prepared by the client and given to the auditor, the
only time documentation can be given to another person is if it
is subpoenaed into court. When it comes to confidentiality, they
must follow Rule 301 of the Code of Professional Conduct that
states that they cannot disclose any confidential information
that they collect during the auditing process unless the client
consents to it first. So, they must make sure that they have a
safe ground in place to prevent the information from getting
out. According to the auditing standards, they must keep the
documents that they collect for private companies for five years
and public companies for seven years. Or they could be charged
criminally if the documents are not held for the seven years.
References
Arens, A. A., Elder, R. J., & Beasley, M. S. (2014). Auditing
and Assurance Services: An Integrated Approach. Boston, MA:
Pearson.
Arens, A. A., Elder, R. J., & Beasley, M. S. (2014). Auditing
and assurance services: An integrated approach (15th ed.).
Upper Saddle River, NJ: Pearson.
Investopedia(2020). Retrieved from
https://www.investopedia.com/terms/g/gaas.asp
The conversation(2020). Retrieved from
https://theconversation.com/scientific-evidence-what-is-it-and-
how-can-we-trust-it-14716
6. Facebook, Inc. – Audit Considerations
ACC/491
April 13, 2020
Section 1 – Initial Risk Assessment
General Audit Concerns
Facebook is highly complex technology company that offers
software products to users, such as Facebook, Instagram, and
Messenger, among others. Facebook’s main source of revenue
comes from selling advertising placements to marketers. The
ads that are sold are based on a number of personal data points
that Facebook collects about its users. (Facebook, Inc., 2019, p.
5)
Since Facebook’s business is based on highly technical software
and information technology concepts, auditors who have
7. technical knowledge of these concepts and the technology
industry will be required for the engagement. Due to the
technical concepts, familiarity with Facebook’s business model,
accounting methods and processes will be required. This could
take some time to adequately understand during the first audit
we undertake with Facebook. However, a full financial audit of
Facebook should be completed in one month, to not only
provide good customer service to Facebook, but to also free up
our auditors for other engagements.
General Business Concerns
Mark Zuckerberg is the Founder, Chairman and Chief Executive
Officer of Facebook (Facebook, Inc., 2019). He has provided
steady leadership and has been with the company since he
founded it. Facebook is based in Menlo Park, California with
over 35,000 employees and has users in many countries around
the world. (Facebook, Inc., 2019) Facebook operates in the
technology sector, and competes with companies that also strive
to acquire users so they can sell targeted advertising to
companies who want to reach those users. Facebook’s main
competitors are companies such as Apple, Google, Twitter and
YouTube. (Facebook, Inc., 2019, p. 5) Competition for targeted
advertisements is intense, although Facebook has differentiated
themselves as a robust social network, the likes of which is
unique amongst their competition.
Facebook has not undergone any major mergers or acquisitions
in recent years to enlarge their user base, but instead they have
focused on growing their business through user referrals, and
marketing campaigns. Facebook does actively sell to
advertisers around the world, to gain their business. (Facebook,
Inc., 2019, p. 6) Operating expenses are mostly related to
operation of computer equipment, and the cost of salaries.
These expenses could fluctuate with certain market conditions
such as the cost of energy and computer equipment. (Facebook,
8. Inc., 2019, p. 42) Seasonality is not an issue in the traditional
sense, although since Facebook derives its income from the
activities of users, human behavior causes a type of seasonality,
with more activity, and more advertising revenue coming
towards the major holidays at the end of the year as the graph
below indicates:
(Facebook, Inc., 2019, p. 38)
Because Facebook operates in many countries around the world,
they are subject to laws and regulations regarding user data and
privacy in those countries. (Facebook, Inc., 2019, p. 6) As
Facebook’s power and influence grows larger, more attention
will be paid to them by regulating bodies who may seek to
investigate or audit data privacy practices.
Ethics and Legal Issues
Former Facebook employees compared the culture to being in a
cult. This outlook contributed to the company’s well-publicized
wave of scandals such as governments spreading misinformation
to try to influence elections and the misuse of private user data,
according to many people who worked there during this period.
Amid these scandals, Facebook’s share price fell nearly 30
percent in 2018 and nearly 40 percent since a peak in July,
resulting in a loss of more than $252 billion in market
capitalization (Rodriguez, 2020).
According to Kiel (2020) in January of 2020, A trial was
scheduled for February, and the IRS is trying to convince a
judge that it has an audit firm basis for its conclusions. For its
part, Facebook has defended its actions in court filings, calling
the IRS’ conclusions “arbitrary, capricious, or unreasonable.”
Facebook has paid out several settlements due to privacy
9. breaches. The company is susceptible to lawsuits or other legal
proceedings.
Regulatory and Compliance Concerns
According to "Facebook Investor Relations"(2020), Facebook
Personnel are expected to act within the bounds of applicable
laws, rules, and regulations of the countries where we do
business. The application of these and other laws can be
complex and fact dependent. Some of the compliance
requirements for Facebook are: Anti-Corruption, International
Trade, Lobbying and Campaign Finance and Insider Trading
among others (10).
Facebook is subject to a high-level of governmental regulation
due to the nature of the business. There are two regulation
sanctions that could be considered for Facebook and those are:
regulations as a media company or that of a publishing
company.
Facebook employees are unionized. In the past, Facebook has
not been complying. Facebook will have a privacy oversight
board and be subject to privacy audits, while Mark Zuckerberg
will be asked to personally certify privacy statements, much as
corporate leaders must certify financial statements as of July
24, 2019 (Byers, 2020).
Section 2 - Analytical Procedures
Selected Ratios
Facebook
12/31/2019
Twitter
12/31/2019
Facebook
12/31/2018
12. A major risk factor for Facebook is having the ability to grow
and retain users, with users increasingly engaging with
competitors’ products and services. Facebook’s main source of
revenue is from advertisements targeting their users. Acquiring
and keeping active users is critical to Facebook’s business
model. However, negative publicity about privacy breaches and
data sharing could adversely impact Facebook’s revenues.
Competitors of Facebook who may not have the negative media
coverage about these types of issues could gain market share
from Facebook.
From 2018 to 2019 there has been a notable down slope in the
profit margin from 39.5 percent to 26.14 percent. As in
comparison to Facebook’s competitor, Twitter, that has been
able to increase in profit margin from 39.62 to 42.36 percent.
Other profitability indicators have also declined for Facebook
while being relatively stable for Twitter. Gross profit
percentage, return on assets and return on common equity have
all declined for Facebook, while Twitter’s ratios were all very
stable year over year. Revenue accounting will have to be an
area of emphasis for the audit, as well as an evaluation of
whether this trend will continue. Efforts should also be made to
determine why Facebook’s profitability has declined in such a
way.
Facebook’s short term debt paying ability ratios have decreased
significantly year over year, while Twitter’s cash ratio has
slightly increased and their current ratio increased significantly
from 4.68 to 9.15. Facebook saw volatility with its ability to
meet long term obligations, while Twitter did not. This is an
area to focus on in the audit because it appears Facebook has
seen an unusual amount of activity related to its debt, especially
compared to it’s competitor Twitter.
Both Facebook’s profitability and ability to repay obligations
have seen declines while its competitor Twitter has seen less
13. volatility and has even shown improvement in some areas. This
should be an area of emphasis for the audit, to be able to
explain the changes and offer an opinion on whether this trend
is likely to continue in the future.
Section 3 - Materiality and Risk – Key Concepts
Materiality is a threshold based on an amount of an omission or
misstatement at which a reasonable person who is relying on
that information would be likely to be influenced by or change
their decision or judgement based on. (Arens, Elder, & Beasley,
2014, p. 273) Below the materiality threshold, any errors or
misstatements are considered insignificant, because a
reasonable person’s judgement would not be affected. Above
the materiality threshold, any errors or misstatements would be
considered significant because they would affect the judgement
of a reasonable person. For instance, a $100 thousand
misstatement by Amazon would not affect the judgement of a
reasonable person when reviewing their financials. However, a
$100 billion misstatement would affect the decision making of a
reasonable person.
Misstatements are errors that affect financial statements. They
can be a result of human error, noncompliance to accounting
standards, or they can be due to fraud. Misstatements can be
either large in nature (material), or small in nature (immaterial),
depending on the threshold for materiality. Certain material
misstatements may cause the need to restate previous years
financial statements. If misstatements are found during the
course of an audit, they can be corrected and new controls or
policies can be put in place to attempt to prevent them from
occurring again in the future.
Audit Risk is the likelihood that material misstatements may be
present in financial statements after the audit is complete and a
qualified opinion has been issued by the auditor. (Arens, Elder,
14. & Beasley, 2014, p. 272) Auditing firms must identify how
much audit risk they are willing to take on in an engagement,
and if the risk is high, audit fees should be priced appropriately.
Auditing firms can be held liable if material misstatements or
fraud exist in the financial statements and they were not
uncovered during the engagement. It is important to mitigate
audit risk through proper planning and execution of an audit.
The Audit Risk Model is a mathematical model that shows the
amount of risk present in an audit. The components of the audit
risk model are acceptable audit risk (AAR) - the amount of risk
the auditor is willing to accept that material misstatements
exist, inherent risk (IR) – the risk of material misstatements
present before considering any internal controls, control risk
(CR) – the risk that internal controls would not prevent material
misstatements, and planned detection risk (PDR) – the risk that
material misstatements could not be detected with the evidence
gathered. The audit risk model formula is PDR = AAR/(IR x
CR). (Arens, Elder, & Beasley, 2014, pp. 272-273)
Inherent Risk is the likelihood that material misstatements
exist, before considering the effectiveness of internal
controls.(Arens, Elder, & Beasley, 2014, p. 273)Identifying
inherent risk involves the auditors identifying where material
misstatements are most likely to occur. For instance, for
Facebook, there is more inherent risk for material misstatement
in the advertising revenue accounts than there would be in the
petty cash accounts. Because of the inherent risk in the
advertising revenue accounts, these types of transactions should
be understood, as well as any controls in place to prevent
material misstatements from occurring. The contracts with
Facebook’s advertisers should also be explored to mitigate the
inherent risk in that area.
The Relationship of Risk to Audit Evidence is the fact that a
random sampling of evidence may not uncover errors that exist
15. and that could cause material misstatements. This is also
known as planned detection risk. Imagine Bob gives Joe a
brown paper bag of 1,000 skittles, and Bob claims that at least
95% the skittles in the bag are green. Joe has hired you to
provide assurance that Bob’s claim is true. It would not be
feasible to inspect every skittle to assure that 95% percent of
the skittles are green. However, you could pull a random 100
skittles out of the bag and if five or fewer are not green, you
could reasonable provide assurance to Joe that Bob’s claim is
true. However, the relationship of risk to audit evidence is that
the sample of 100 skittles you pulled out of the bag was not
representative of the entire population of skittles, and that in
reality, maybe 10% of the bag was not green, which would be a
material misstatement. Sometimes a random sampling of
evidence does not have errors that could cause material
misstatements.
Section 4 - Audit Tests
Risk assessment procedures will be crucial to a successful
engagement with Facebook, Inc. To mitigate audit risk, as well
as be in compliance with auditing standards, Facebook’s
business and the industry it operates in must be understood.
Auditors familiar with software or information technology will
be required. Perhaps auditors with a legal background could
work on the engagement as well since Facebook is subject to
many laws and regulations regarding user data and privacy. For
the audit itself, adequate evidence will be gathered, tested and
analyzed to mitigate inherent risk. Controls will be documented
and tested to mitigate control risk. All of these risk assessment
procedures are done to asses the risk of material misstatements
in the financial statements. (Arens, Elder, & Beasley, 2014, p.
402)
Controls will have to be documented, understood, and tested to
asses control risk. Evidence will have to be gathered to ensure
16. the internal controls are effective and are being followed.
Types of controls that can be tested are controls involving
disbursements, approvals on reconciliations, and information
technology controls around user data and security.
Substantive tests of transactions will be completed to ensure
transactions are being properly recorded in Facebook’s general
ledger accounts. Testing will be done to ensure occurrence
(transactions do exist), and completeness (transactions were
recorded in the appropriate time period). (Arens, Elder, &
Beasley, 2014, p. 404) Some of the transactions that can be
reviewed will be expense disbursements and sales revenue
transactions.
Analytical procedures can be completed to save time in future
engagements by having the auditors calculate certain account
balances, ratios and other key metrics. If the actual numbers
are within reason, many can be eliminated from the audit
process or sample sizes can be reduced. (Arens, Elder, &
Beasley, 2014, p. 405) However, for the first audit of
Facebook, analytical procedures should not be relied on (but
still could be completed), so we can get familiar with Facebook
and its processes.
Tests of details of balances will be important to reduce the risk
of material misstatements in the balance sheet and income
statement accounts. Accounts receivable, accounts payable,
revenue and expense accounts, among others will be examined
to ensure the ending balances are correct. To arrive at the
ending balances, the details of each account will have be
reviewed and verified through the collection and testing of
evidence. (Arens, Elder, & Beasley, 2014, p. 406)
Works Cited
17. Arens, A. A., Elder, R. J., & Beasley, M. S. (2014). Auditing
and Assurance Services: An Integrated Approach. Boston, MA:
Pearson.
Facebook, Inc. (2019, January 31). Facebook Annual Report
2018. Retrieved from Facebook - Investor Relations:
https://s21.q4cdn.com/399680738/files/doc_financials/annual_re
ports/2018-Annual-Report.pdf
Facebook, Inc. (2020, January 29). Facebook Reports Fourth
Quarter and Full Year 2019 Results. Retrieved from Facebook
Investor Relations: https://investor.fb.com/investor-news/press-
release-details/2020/Facebook-Reports-Fourth-Quarter-and-
Full-Year-2019-Results/default.aspx
Twitter, Inc. (2020, February 6). Twitter Announces Fourth
Quarter and Fiscal Year 2019 Results. Retrieved from PR
Newswire: https://www.prnewswire.com/news-releases/twitter-
announces-fourth-quarter-and-fiscal-year-2019-results-
301000248.html
Byers, D. (2020). NBC news. Retrieved from
https://www.nbcnews.com/news/all/facebook-s-ftc-settlement-
points-toward-future-privacy
Kiel, P. (2020). Scroll in. Retrieved from
https://scroll.in/article/951276/at-the-centre-of-the-us-
government-and-facebooks-tax-dispute-is-the-companys-dublin-
office
Rodriguez, S. (2020). NBC. Retrieved from
https://www.cnbc.com/2019/01/08/facebook-culture-cult-
performance-review-process-blamed.html