* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download internal-auditing-instructional-material
Survey
Document related concepts
Mergers and acquisitions wikipedia , lookup
International Financial Reporting Standards wikipedia , lookup
Mark-to-market accounting wikipedia , lookup
Microsoft Dynamics GP wikipedia , lookup
South African Institute of Chartered Accountants wikipedia , lookup
Energy audit wikipedia , lookup
History of accounting wikipedia , lookup
Institute of Cost Accountants of India wikipedia , lookup
Enterprise risk management wikipedia , lookup
Defense Contract Audit Agency wikipedia , lookup
Information audit wikipedia , lookup
Going concern wikipedia , lookup
Auditor's report wikipedia , lookup
Auditor independence wikipedia , lookup
SOX 404 top–down risk assessment wikipedia , lookup
Transcript
INTERNAL AUDITING WHY AN INTERNAL AUDIT - How it was define and the role it take decades back to 21st century - What service it offers to gain appreciation with the booming industry and developing country -What are the internal auditing standards its explanations and applications as a guide to perform the audit functions of internal auditors with the objective of assurance and consulting activity to add value and improve an organization’s operations. If decades back, internal auditing focused as a mere watchdog of management and or organization to comply that the internal control procedures are properly undertaken, to this end the internal auditing broadened its functions to wit: -Review critical business activities -Monitor the accuracy , timeliness and cost of work in compliance with the quality of management system -Identify the root where the error occur -It furnish management of systems data analysis , recommendation, advise and other relevant infos -helpful to the management based on the activities and processed reviewed -Assist the management in governance, risk and control -It must posses technical and business management skills to provide the management of highly relevant information aside from professional skills that a candidate in internal audit committee possesses. Applying the function of an internal audit, it assists all members of management in the effective discharge of their responsibilities Accounting Auditing Financial accounting Bookkeeping Bookkeeper collects data, records to book of accounts,&extract for financial statement reports- for owners and management entity use. Financial Management Management accounting Cost accounting Taxation Government need funds from established business, thus taxes shall be correctly imposed, verified, and checked by th agency of the Government. Financial managers Need detail planning Requiring comprehensive cost analysis data to set objectives in safeguarding financial resources Changing Definitions of Internal Auditing Prior Independent appraisal activity within an organization for the review of accounting, financial and other operations as a basis for protective and constructive service to management 19th century An independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization 21st Century Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes Assurance would mean review of historical financial information and assurance dealing with subject matter Other than historical financial information Important NOTES in Definition of Internal Auditing 1. The term “service” implies that internal auditing is a staff rather than a line activity within the organization. 2. There is a shift from “serving management” to “serving the organization” to finally “an integral component of corporate governance as a separate value-added function”. 3. The focus of internal auditing has shifted away from appraisal and compliance activity toward objective assurance and consulting activities. 4. The role of internal auditors has changed from providing management with input and objective feedback to directly participating in decision-making. 5. These definitions view internal auditing as an “activity,” which implies it can be performed either within the organization or outsourced to external auditors. Valuable Independent judgment Add value and improve organizational operations ORGANIZATION INTERNAL AUDIT SERV ICE FUNCTION Transact ion event Complia nce R E A F R F Procedures Operatio n Fraud G A A S V I Record trasaction E Financial FS W Report Audit comm Bod Based on the internal service function enumerated & graphically presented, the role of management and the internal auditor are defined as follows Management Internal Auditor Responsible to maintain the adequate system of Internal Control -Responsible to independently evaluate adequacy of the existing Internal Control by analyzing and testing control -Recommends, based on the review, to the management to OPERATIONAL AUDITING! Internal auditors doing the operational or performance auditing as they study of business operation for the purpose of: -Making recommendation about economic & efficient use of resources -Effective achievement of business objectives -Compliance with company policies Goal? To help managers discharge their management responsibilities and improve profitability… OBJECTIVES OF INTERNAL AUDIT IN RELATION TO SERVICE IT OFFERS 1. Determine the adequacy, efficiency and effectiveness of the entity’s internal control structure. 2. Review the reliability and integrity of management, financial and operating information 3. Review the systems established to ensure compliance with policies, regulations, procedures and laws. 4. Review the means of safeguarding the assets of the entity 5. Appraise the economy and efficiency with which resources are employed 6. Review operations or programs to determine whether results and outcomes consistent with established objective and goals are being achieved 7. Participate in the design of major information system 8. Provide advisory and training services for entity’s segments or components as required or requested to ensure fiscal and administrative integrity of the entity. IN DE PE N DE NC E Question of independence have been viewed by many to be with flaws in an internal audit environment because of the employer and employee relationship; but does it mean the external audit are free from the view of independence not in question? External users needs independent report from the external auditors, while high executives level and the audit committee of the board of directors demand for the operational and reporting independence 1. Free from control of direct influence of operating managers whose function, operations, & results they may be assigned to audit 2. To be objective in report findings without having to fear for their jobs IN DE PE N DE NC E Organization separation from such influence is essential for independence for the internal auditors can report directly to top management without fear of their job or compensation retribution CODE OF ETHICS… With the independence so requires, with the management rely on the profession to assist in the fulfillment of management stewardship, internal auditors must maintain high standard of conduct, honor, and character in order to carry on proper and meaningful internal auditing practice. With the code of ethics, the responsibility to conduct with integrity and good faith are not to be question & promote the highest possible internal auditing standards advancing to the interest of the company organization As approved by the Institute of Internal Auditors CODE OF ETHICS… Members, 1. 2. 3. Shall have an obligation to exercise honesty, objectivity, and diligence in the performance of their duties and responsibilities In holding the trust of their employers, shall exhibit loyalty in all matters pertaining to the affairs of the employer or to whomever they may be rendering service, however, they shall not knowingly be a part of any illegal or improper activity Shall refrain from entering into any activity which may be in conflict with the interest of their employers or which would prejudice their ability to carry out objectively their duties and responsibilities CODE OF ETHICS… Members, 4. Shall not accept a fee or a gift from an employee, a client, a customer, or a business associate of their employers without the knowledge and consent of their senior management 5. Shall be prudent in the use of information acquired in the course of their duties. They shall not use confidential information for any personal gain nor in a manner which would be detrimental to the welfare of their employer 6. In expressing an opinion, shall use all reasonable care to obtain sufficient factual evidence to warrant such expression. In their reporting, materials facts known must be revealed, if not, it could distort the report of the result of operations under review or conceal unlawful practice. CODE OF ETHICS… Members, 7. Shall continually strive improvement in the proficiency and effectiveness of their service 8. Shall abide by the laws and uphold the objectives of the Institute of Internal Auditors, Inc. In practice of their profession, they shall be ever mindful of their obligation to maintain the high standard of competence, morality, and dignity which the Institute of Internal Auditors, Inc and its members have established. Case illustration- code of ethics Scope of service •Audits of financial reports and accounting control systems (present fairly the financial position and the results of operation in accordance with GAAP; compliance with laws and regulations that may have a material effect on the financial statement •Reviews of control systems that ensure compliance with company policies, plans, and procedures, and with laws and regulations. •Appraisal of the economy and efficiency of operation- (managing and utilizing its resources, ie: personnel, property, space economically and efficiently; the causes of inefficiency or uneconomically practice; compliance with laws in matter of econony & efficiency Scope of service •Reviews of effectiveness in achieving program results in comparison to pre-established objectives and goals- (the desired results or benefits established by the legislature or other authorizing body are being achieved ; that the agency has considered alternatives that might yield desired results at a lower cost. STATEMENT OF INTERNAL AUDIT STANDARDS Compliance depends on the acceptance and adoption and implementation by practicing internal auditors who by standard requires to be skilled in dealing with people and in communicating effectively because the auditors believe it is their own responsibility to see that their reports are understood properly Internal Audit Standard also require follow up to ascertain that appropriate action is taken on reported audit findings or ascertain that management or the board of directors has taken the risk of not taking actions on reported findings. GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF INTERNAL AUDITING Organizational status INDEPENDENCE Objectivity Staffing Knowledge, skill, & discipline Supervision PROFESSIONAL PROFICIENCY Compliance with standards of conduct Human relations, & communication Due professional care Continuing Education GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF INTERNAL AUDITING SCOPE OF WORK Reviews Reliability & integrity of information Compliance w/ policies, plans, procedures, laws, & regulation Examination and evaluation of the adequacy & effectiveness of the organization’s system of internal control & the quality of performance in carrying out assigned responsibilities Safeguarding of assets Economic & efficient use of resources Accomplishment of established objective & goals for operation or program GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF INTERNAL AUDITING PERFORMANCE OF AUDIT Planning the audit Examining & evaluating information by collecting, analyze, interpret, & document information to support audi results Includes planning the audit, examining & evaluating information, communicating results, & following up. Following up Communicating results GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF INTERNAL AUDITING Purpose, authority,& responsibility MGT OF INTERNAL AUDIT DEPT Planning External auditor Manage the internal Auditing Department.. Policies, & procedures Personnel mgt, & development EXAMINATION AND EVALUATION (FIELD WORK AND REPORTING STANDARDS FOR FINANCIAL COMPLIANCE AUDITS Generally accepted auditing standards shall apply/adopted, & incorporated unless otherwise stipulated… Expanded standard for financial and compliance audit- as part of the scope of work Standards on examination & evaluation: 1. Planning shall include consideration of the requirement of all levels of dept 2. A review is to be made of compliance with applicable laws & regulation 3. A written record of auditor’s work shall be retained in the form of working papers 4. Auditor shall be alert to situation or transactions that could be indicative of fraud, abuse, and illegal expenditures and acts and if such evidence exists, extend audit steps and procedures to identify the effect on the entity’s financial statement EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING STANDARDS FOR FINANCIAL COMPLIANCE AUDITS Standards on reporting 1. Written audit reports are to be submitted to the appropriate of the organization audited & to the appropriate officials of the organization requiring or arranging for the audit unless legal restrictions or ethical consideration prevents it. Copies of the report shall should also be sent to other authorized to receive such reports. Unless restricted by law or regulation, copies should be made available for public inspection 2. A statement in the auditor’s report that the examination was made in accordance with generally accepted internal/government auditing standards for financial and compliance audit will be acceptable language to indicate that the audit was made in accordance with these standards EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING STANDARDS FOR FINANCIAL COMPLIANCE AUDITS 3. Either the auditors’ report on the entity’s financial statement or a separate report shall contain a statement of positive assurance on those items of compliance tested and negative assurance on those items not tested. It shall also include material instances of non compliance and instances or indication of fraud, abuse, or illegal acts found during or in connection with the audit 4. The auditors’ shall report on their study and evaluation of internal accounting controls made as part of the financial and compliance audit. They shall identify as a minimum a. entity’s significant internal accounting controls b. controls identified that were evaluated c. controls identified that were not evaluated- auditor may satisfy this requirement by identifying any significant classes of transaction and related assets non included in the study & evaluation d. material weaknesses identified as a result of evaluation EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING STANDARDS FOR FINANCIAL COMPLIANCE AUDITS 5. Either the auditors’ report on the entity’s financial statements or a separate report shall contain any other material deficiency findings identified during the audit not covered in report 3# 6. If certain information is prohibited from general disclosure, the report shall state the nature of the information omitted and the requirement that makes the omission necessary EXAMINATION AND EVALUATION STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULT AUDITS 1. 2. 3. 4. Work is to be adequately planned Assistants are to be properly supervised A review is to be made of compliance with applicable laws & regulation During the audit, a study and evaluation shall be made of internal control systemadmin control ) applicable to the organization program, activity, or function under audit 5. When audits involved computer based systems, the auditor shall: a. Review general controls in data processing systems to determine whether 1)controls have been designed according to management direction and known legal requirements and 2)the controls are operating effectively to provide reliability of, and security over the date being processed b. Review application controls of installed data processing application on which the auditor is relying to assess their reliability in processing data in a timely, accurate, and complete manner. EXAMINATION AND EVALUATION STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULT AUDITS 6. Sufficient, competent, and relevant evidence is to be obtained to afford a reasonable basis for the auditors’ judgments and conclusions regarding the organization, program, activity, or function under audit. A written record of the auditors work shall be retained in the form of working papers 7. The auditors shall: a. Be alert to situation or transactions that could be indicative of fraud, abuse, and illegal acts b. if such evidence exist, extend audit steps and procedures to identify effects on the entity’s operations and programs REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULTS AUDIT 1. Written audit report are to be prepared giving the results of each dept/government audit 2. Written audit reports are to be submitted to the appropriate officials of the organizations requiring or arranging for audit unless legal restrictions or ethical considerations prevent it. Copies of the reports should also be sent to other officials who may be responsible for taking action on audit findings and recommendations and to others authorized to receive such reports. Unless restricted by law or regulation, copies should be made available for public inspection 3. Report shall include: a. A description of the scope and objective of the audit b. A statement that the audit( economy & efficiency or program results is made in accordance with generally accepted internal or auditing standards REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULTS AUDIT 4. The report shall include: d. A statement of positive assurance on those items of compliance tested and negative assurance on those items not tested. This should include significant instances of noncompliance and instances of or indicating of fraud, abuse or illegal acts found during or in connection with the audit. However, fraud, abuse or illegal acts normally should be covered in a separate report, thus permitting the overall report to be released to the public e. Recommendations for actions to improve problem areas noted in the audit and to improve operations. The underlying causes of problems reported should be included to assist in implementing correction actions f. Pertinent views or responsible officials of the organization, program activity, or function audited concerning the auditors findings, conclusions, & recommendation. When possible, their views REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULTS AUDIT 4. The report shall include: f. contn: should be obtained in writing g. A description of noteworthy accomplishment, particularly when management improvement in one area may be applicable elsewhere h. A listing of any issues and questions needing further study and considerations i. A statement as to whether any pertinent information has been omitted because it is deemed privileged or confidential. The nature of such information should be described, and the law or other basis under which it is withheld should be stated. If a separate report is issued containing this information, it should be indicated in the report 5. The report shall: a. Present factual data accurately and fairly. Include only information, findings, and conclusion that are adequate supported by sufficient evidence in the auditors’ working papers to demonstrate or prove the bases for the matters reported and their REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS & PROGRAM RESULTS AUDIT 5. The report shall: a. cont’n…or prove the bases for the matters reported and their correctness and reasonableness b. Present findings and conclusions in a convincing manner c. Be objective d. Be written in language as clear and simple as the subject matter permits e. Be concise, but at the same time clean enough to be understood by users f. Present factual data completely to fully inform the users g. Place primary emphasis on improvement rather than on criticism of the past; critical comments should be presented in a balanced perspective considering any unusual difficulties or circumstances face by the operating officials concerned. BODY OF INTERNAL AUDIT REPORT Address Scope of audit work/ Date Audit Highlights Department name Prior auditAudit scope coverage- Findings noted Particular work to be done/Nature of audit Overall opinionPositive and Negative inputs noted Executive Action required- Action made by the Department audited Summary Report Foreword: includes the profile of the company audited department to be Purpose: Specifically mentioned the scope of work to be audited in compliance with the company control procedures, policies and governing laws Opinion and Findings: Include positive and negative findings noted during the operation and compliance audit Summarize per department/areas audited by mentioning the control measures, weaknesses and strength, and the audit procedure done Signed by : Auditor in-Charge Supervising Auditor Manager of Internal Audit Supplemental report This body covers the more detail report of deficiency findings per area or scope of work, and detailed audit procedure done for each weaknesses noted, and to whom discussed for action to be made Summary of findings requiring corrective action Summarize the findings that require management actions Reporting case: The internal audit department have just concluded the operation and compliance audit of their company- MALUSOG Inc- a construction company handling heavy equipments as one of major accounts with a total cost of P10 Million, depreciation are computed on a straight line method with an estimated useful life of 5 years. With the capital outlay for equipments, the company has the policy to safeguard its assets through proper maintenance to include, fuel and oil, repair parts and services, that as of audit date it reach about P900,000. The employees is around 50 assigned and charged as part of operating cost. The construction operates for the a period of 2 years now. For this year internal audit operation and compliance examination the focus is on: a. the equipment maintenance and vehicle dispatching to sites including preventive maintenance and inspection; performing regular maintenance and repairs b, Ordering, receiving, and disbursing fuel and parts and obtaining equipment repairs. Controls are satisfactorily provided on the activities pertaining to inspections and preventive maintenance schedule, dispatched log for equipment are properly monitored as to location and driver involved. Parts received are well inspected as to purchase requests, purchase order and receiving report; disbursement of parts are done in volume without specifying the part number, qty pieces, purpose and equipment needing parts. Receiving and withdrawal of parts, dispatching of vehicles are done by the department supervisor or any of his staff. However for withdrawal of and surveillance of gas and oil by vehicle operators are inadequate are inadequate where the vehicle operator serves himself and records his own withdrawals of gasoline and oil without surveillance thereby making no assurance that records are maintained accurately Samples of documents such as preventive maintenance reports and related control records and found to be in order, likewise the documents for vehicle dispatch log and observation of its operations was being adequately controlled and performed. Despite of the weaknesses though, it is concluded that on the basis of the test made that the functions are being performed in a reasonably satisfactory manner. Sample test on the fuel pump meter records vs amount of fuel recorded by vehicle operators produce minimal or tolerable variance. Findings have been discussed to management team and are responsive to the recommendations made as crucial for the operation if not given corrective actions. Recommendation as to proper segregation of duties and must be reviewed by the management, and of the management to consider some means of surveillance even of a spot check basis to provide minimum element of control as it danger the operation by manipulating and misappropriation increases. Coordinate w/ External Auditor To develop audit plan from risk assessment RESPONSIBILITIES OF INTERNAL AUDIT Report to BOD & CEO Investigate FRAUD Do audit in support of the plan RISK PROCEDURES Needed for audit plan Obtain information Is sufficient -Procedures: 1.Inquries(governance,employees,legal counsel, mktg/ sales.. 2.Analytical proce dures 3.Observation, inspection 4.Other procedure relevant to timing and extent of audit, ie prior period examination Obtain understandin g Needed for audit eviden ce Obtain information INTERNAL AND EXTERNAL AUDITING The CONTRAST Render opinion, & recommend improvement upon gathering sufficient appropriate evidence, ie: data analysis, outside confirmation & other Audit procedures Done by exter Nal audits Internal audit Focus on risks, Effeciveness and Efficiency of operations External consultation Allowed when agreed to by management & audit committee Part of org, but report to upper Management, audit committee, & operational management for independency Involve in risk & control analysis, information security, & reliability, operational efficiency, compliance reviews, special & fraud investigation Consultative assurance May or may not be certified by CIA Report to the BOD-audit committee, serving outside stakeholders, stockholders & regulatory agencies Gather sufficient & approp riate evidence to render an opinion External audit Involve in FS audit Audit of internal Control, assurance & reviews A must for CPA Certification for independency Focus on finan Cial statements, report on internal Control & financial Reporting processes Consultation not Allowed for public Audit client, only To non-audit & non Public clients Audit Evidence Information needed by the auditor circles around the evidences that could support or contradict the assertions or representations made by the management in the financial statements, it constitute the bulk of the work of the auditor in an audit in order to express an opinion on the financial statements base on the evidences gathered and evaluated PROCEDURES TO GATHER EVIDENCE According to purpose: 1. Obtain understanding of the entity and its environment 1a. Internal control 1b. Assess the risk of material misstatement at the Financial statement level and assertion level (Risk assessment procedure 2. Internal control 2a. Effective operating internal control 2b. Substantive procedure do not provide sufficient appropriate audit evidence PROCEDURES TO GATHER EVIDENCE According to purpose: 3. Substantive test detect material misstatement at the assertion level 3a. Test of transaction, account balances, and disclosure and substantive analytical procedures 3b. Responsive to related to assessment of risk and results of internal control 3c. Risk assessment is judgmental, if not precise, substantive procedures for material classes of transaction, account balances, and disclosure 3c. And disclosures are always required to obtain sufficient appropriate audit evidence PROCEDURES TO GATHER EVIDENCE According to nature: 1. Inspection- examine records, documents, tangible assets 1a. Documentary audit evidence held by 3rd parties (external) 1b. Documentary audit evidence created by 3rd parties and held by the entity (external-internal) 1c. Documentary audit evidence created and held by entity (purely internal) 1d. Tangible assets inspection calls for their existence but not necessarily for their ownership or valueconduct other necessary procedures PROCEDURES TO GATHER EVIDENCE According to nature: Auditor Observati Inquiry on Confirmation Inquiry Transaction Entity 3rd party PROCEDURES TO GATHER EVIDENCE According to nature: 5. Computation or recalculation 6. Reperformance- auditors independent execution of procedures or controls that were originally performed as part of entity’s internal control 7. Reconciliation 8. Vouching- tracing back transaction back to supporting documents 9. Tracing- tracing documents forward through the accounting records to establish completeness of transaction processed. PROCEDURES TO GATHER EVIDENCE According to nature: 10. Analytical procedures 10a. Comparing relationship 10b. Ratio and trends and resulting investigation, re: fluctuation, relationship with inconsistency with other relevant information 10c. As suggested in audit standard, it shall be done on the planning stage and overall review stage 10d. Can be done but not required as substantive test to provide evidence as to the reasonableness of the specified account balances HIERARCHY OF COMPETENCE- AUDIT EVIDENCE Direct, Physical observation personal knowledge computation External evidence External-Internal evidence Internal evidence Verbal & written representation Sufficient & appropriate Persuasive QUALITIES MEASURE ACTION Sufficiency of audit evidence Quantity- the To reduce to an greater the risk of acceptable low misstatement level- more evidence is required Similarly, high quality evidence, the less evidence may be required Reasonable assurance Rely on evidence that is persuasive rather than QUALITIES MEASURE ACTION Appropriateness of evidence Quality of audit evidence Relevance and reliability supports detect misstatement in financial statements influence by its source and its nature Competency of appropriate evidence Relevance of the evidence to the assertion tested Objectivity Qualification of the provider of evidence QUALITIES MEASURE Appropriateness Competency of of evidence appropriate evidence ACTION Timeliness of the evidence to provide about an assertion in time the evidence is needed The logical relationship to the purpose Of audit procedure or assertion under consideration The validity of the evidence that can be relied Or believability given the source it originated & who prepares it, and its nature what type Of evidence obtained Legally Qualified sufficient More reliable Evidence obtained from independent source outside entity Evidence generated internally with good internal control Evidence observed directly by auditors better than evidence obtained indirectly or by inference Evidences in documentary form is better than documents obtained orally Evidence of original documents is better than obtained through facsimile, photocopied, digitalized etc & must be certified original true copy Least reliable Does documents need to be authentic? The auditor rarely involves authentication of documents, however it is the responsibility of the auditor to deal with circumstances to believe that a document may not be authentic, or may have been modified without proper disclosure to the auditor if it relates to fraud in an audit of financial statements. Reliance of document originating from internal source being the only evidence available should be tested as to its completeness and accuracy to ascertain whether the information is sufficiently precise for the auditor’s purpose, say audit of capitalization policy, the data must be complete as to its approval, cost, and capitalization policy a. do it concurrently with the actual audit procedure b. do it by testing control over the preparation & maintenance of the Information c. do additional audit procedure audit evidence is doubtful if it is obtained with inconsistency from different sources, thus, auditor should perform additional audit procedure to resolve the matter… This usually arise in gathering evidence through inquiry, evaluation of internal control against the responses of the management charged with governance OBJECTIVES IN GATHERING AUDIT EVIDENCE For the auditors to establish a procedures on management assertion as to: 1. 2. 3. 4. 5. EXISTENCE OR OCCURRENCE& CUT OFF COMPLETENESS & CUT OFF RIGHTS AND OBLIGATION VALUATION OR ALLOCATION PRESENTATION AND DISCLOSURE To include the COMPLIANCE ASSERTION ASSERTIONS BEING MANAGEMENT’S RESPONSIBILITY must be audited with proper relationship as to the audit evidence to be produced with specific objectives tailored to specific assertions. ASSERTIONS OBJECTIVE 1.Existence and occurrence 1.a- About classes of transactions Whether recorded transaction and events actually occurred and pertains to entity Illustration: If management assert that purchases for the year reach the mark of P500K for the current year, the auditor should do the procedure to check that P500K of purchases have actually occurred during the current year and all valid transaction Action; employ procedure to ASSERTIONS OBJECTIVE 1.Existence and occurrence 1.b- About account balances Note: in both case: if transaction or account are recorded to ascertain its existence for transaction/account that does not actually occur- the result is overstatement 2.Completeness 2.a- As to classes of transaction Whether assets, liabilities, and equity exist at the date of Financial Statements Illustration: If management assert the Accounts receivable with the existing lists of debtors are collectible accounts Action: employ audit procedures to gather evidence to ascertain collectability and existence All transaction that should have been recorded are actually ASSERTIONS OBJECTIVE 2.Completeness & cut off 2.a- As to account balances Note: in both cases, failure to record transaction/accounts would result in an understatement. 3.Accuracy as to class of transaction All assets, liabilities, and equity interests should have been recorded are recorded. Illustration: Entity that records liability has a complete documents to support and that the lists of suppliers are readily payable on its due dates Appropriate recorded with the application of GAAP, or in accordance of the financial recording standards, both for ASSERTINONS OBJECTIVE 5.Rights & obligations-as to account balances Entity has the control and rights over the accounts reported in the financial statements- Right and ownership of fixed assets, inventory or obligation for certain loans from the financing institution.. 6.Valuation and allocation- as to account balances Proper values of the assets, liabilities and equity interest have been assigned ie: FIFO, Lower ASSERTIONS OBJECTIVE 7.Disclosure & presentationabout account balances Disclosure must include occurrence and rights and obligation, its completeness, classification and understandability, accuracy & valuation.. Illustration: Occurrence- Cash and cash equivalents must be free from restriction, it can be utilized during the normal operating cycle, full right on account, & must be disclosed on the notes ASSERTIONS OBJECTIVE 7.Disclosure & presentationabout account balances Classification and understandability- Elements of Balance sheet and Income statement must be proper and in order, for example Assets include an account which future economic benefits are expected to flow to the entity. Resources comes from past transaction and events Compliance disclosure is equally important relating to financial laws and regulations such as SEC, BIR, non Accuracy& valuationmust compliance of which will affect the GAAP. adhere to the PFRS, GAAP What management assertion will you consider for the bank reconciliation statement by Finance department for internal audit purposes? How will you do the audit procedure that show relationship on the audit evidence for specific objectives tailored for specific assertions? Following are the bank reconciliation that requires audit procedures: QUEENSTORE COMPANY BANK RECONCILIATION RCPSB BANK- GENERAL ACCOUNT December 31, 2014 Balance per bank statement P506,100 Add: Deposit in transit 51,240 Deduct outstanding checks: Date No Payee 12/10/13 842 Uno Supply P 500 11/30/14 1280 Uno Supply 1,800 12/15/14 1372 Eastern Travel 30,76033,060 Bank debit/Credit memos Balance per book 83,340 P607,620 ======= Sample financial Statements to show The assertions made by the management AUDIT RISK AND MATERIALITY Profit! Is Audit an absolute or reasonable assurance to detect risk??? Decision makers Need the reliability And credibility Of reports… Losses! Audit risk- risk may unknowingly fail to appropriately modify the opinion on financial statements, and or operation reports, thus through the nature, timing and extent of audit procedures plan in the conduct of audit it must be properly plan and execute right to have a direct control over the risk. For this reason audit risk is figured to be a reasonable rather than absolute assurance; reasonable in the sense that it could not guarantee that information is perfectly right in a given audit engagement. A fair view of financial or operational info are prepared and presented AUDIT RISK In an overall sense, is the probability that an auditor will give an inappropriate opinion on financial statements…ie: rendering an unqualified opinion on financial statements/ or misleading report because of material error and irregularities the auditor failed to discover, despite of well planned audit carefully performed; hence, risk is high if audit performed is poor and carelessly done. COMPONENTS OF AUDIT RISK Inherent risk Control risk Inherent risk-Vulnerability to material misstatement assumed that there are no related control hence, account balance and transactions are susceptible to error, or material misstatement because of its characteristics ILLUSTRATION: 1. Sudden increase/decrease on net profit of the organization 2. Count of marketable securities identifying true ownership, number of shares etc.. Control risk- material misstatement that could occur will not be prevented or detected on a timely basis by internal controls due to effectiveness of the design and operation of internal control, concluded on a preliminary bases for planning purposes, via evaluation of internal control risk. however 0% control risk can never be achieved likewise due: 1. to inherent limitation of internal control 2. It circumvent or avoid fulfilling, answering, or performing duties, questions, or issues INTERNAL CONTROL CONCLUSION Condition of transaction After passing internal control evaluation Conclusion of internal control Error Error Ineffective Correct Effective Error Ineffective/Counter productive Correct Inconclusive/ showing no certainty Correct Attributes: 1. Past audit tract 2. Conditions for the auditor to acknowledge the deterioration of control Detection risk- risk that can be controlled or manipulated by auditor through the nature, timing and extent of audit procedures as plan in the conduct of audit by the scope of the procedures used by the auditor and is a function of the effectiveness of an audit procedure and its application; the result therefore: 1. It is not detection of misstatement in an assertion per se as it connote to detection risk, 2. It is an ease of detection misstatement depending on the effectiveness of design & operation of internal control Detection Risk-Risk that auditor will not detect a misstatement that exist in an assertion, or Audit procedures will fail to produce evidence of material error and irregularit AXIOMS ON RISK COMPONENTS Control risk is low= Detection risk is high -internal control is very effective; therefore detection of misstatement is easy Control risk is high= Detection risk is low -internal control is ineffective; therefore detection of misstatement is difficult “Approach rely entirely on auditor’s professional judgement” AUDIT RISK MODEL Aur= IRxCRxDR With risk involve are all independent RISK ASSESSMENT PROCEDURES 1. Inquiries 1.1 Managemen 1.2 Charged with governance 1.3 Employees 1.4 Internal audit findings 1.5 In house legal counsel 1.6 Marketing / sales personnels RISK ASSESSMENT PROCEDURES 2. Analytical procedure 3. Observation & Inspection 4. Other consideration How do you assess materiality??? Magnitude of an omission or misstatement of accounting information , that in the light of surrounding circumstances, makes it probable that the judgment of a reasonable Low level of materiality=increase the aggregate mistatement Person relying on the information would have been changed or influenced by the omission or misstatement High level of materiality= decrease the aggregate mistatement Materiality is relative & not absolute concept Circumstancial, Nature of the item or issue, Uncertainty & cumulative effects Illustrative data information How do we identify materiality in aggregate misstatement??? STEPS TO ASSESS 1. Identify 2. Assess 3. Relate 4. Consider potential misstatement Leading to fraud, due To weak control enviro nment, lack of mgt compeTency...assertion at financial Statement level. Assertion level necessary to obtain sufficient appropriate audit evidence. Is the auditor’s judgment on RISK of material misstatement SIGNIFICANT? JUDGMENT IDENTIFYING SIGNIFICANT RISK 2 1 Comple x transact ion 3 4 5 6 Risk on non routine transaction Risk on development of acctng estimates Transactions consider unusual and This concept circles on the estimates the occur infrequently that require financial statements require of, and revenue management attention, ie: GAAP recognition- subject for interpretation and treatment & its difficulty to assumptions of its effectiveness that could implement,greater manual intervention affect future period. Substantive procedure may not provide sufficient appropriate audit evidence for risk relating to inaccurate or incomplete recording routine & significant classes of transaction or account balances , characteristic of which often permit highly automated processing with little of no manual intervention = ENTITY’S CONTROL OVER SUCH RISK ARE RELEVANT TO THE AUDIT THE AUDITOR SHALL OBTAIN UNDERSTANDING. Is there a way for the risk assessment in terms of material misstatement at financial level and assertion level be revised? It may change during the course of the audit as additional evidence is obtained that could result in inconsistencies with audit evidence previously obtained, likewise modify the planned audit procedures STEPS IN APPLYING MATERIALITY 1. Establish preliminary judgment-maximum amount FS could be misstated but still not affect the decision of the reasonable users- a relative approach rather than absolute concept with the base to consider, i.e: a. Total assets b. Total revenues c. Net income before taxes d. Net income from continuing operation e. Gross profit f. Average of 3 years; net income before taxes STEPS IN APPLYING MATERIALITY 2. Determine tolerable misstatement-materiality allocated to an account or class of transaction based on judgment or formal quantitative approach 3. Estimate likely misstatements and compare totals to the preliminary judgment about materiality- done near the end of audit with the auditor evaluates all the evidences gathered. The greater the preliminary judgment with likely misstatement, concludes that the FS are fairly stated, otherwise Adj is necessary, if not issue qualify or adverse opinion AUDITING MATERIALITY FRAUD AUDIT-AUDITORS RESPONSIBILITY The given example shows the risk as identified that could be a cause of: Business related risk or Financial statement risk in terms of misstatement relating to Fraud or Error… Business risks Financial statement risks 1. Change in org structure, industry 1. Differences that would affect the general presentation in accordance with financial reporting..(GAAP) 2. New product line & services or segments -amount, classification, account, etc 3. Location -material disclosure either omitted nor not presented 4. Introduction of Information tech -Omission in financial statements 5. Economic stability of the business situs 6. Government regulation FINANCIAL RISKS Unintentional Misstatement or omission of Amounts or disclosure in the Financial statements 1.Mistakes in data Process, acctng prin Ciples 2.Unreasonable Estimates 3.Clearical mistakes Human error, weakness Intentional Misstatement Or omission intended to deceive users of financial statments Financial reporting Misappropriation of assets Manipulation/ Falsification/ Forgery/ Alteration MisrepresentaTion/intentional omission Intentional Misapplication of acctng prin ciples, amount account Record ficti tious journal entry close to acctng report Management Override controls Inappropriate adjustments/ju dgment/estima te Omit,conceal, Alter,delay Recording of events Engage in Complex trans Accounting records/documents/reports Opportunity Incentive/Pressures Management monitoring is not effective Unstable organizational structure Deficient internal control Threatened financial stability & profitability Motivating factors to commit fraudulent financial reporting Excessive pressures from 3rd party requirements Pressures from management/personnel to meet financial targets Attitudes Low morale Disputes between shareholders Impartiality in business decision Weak in business relationship Convince that fraudulent & dealing w/ the auditor act is worth the risks MISAPPROPRIATION OF ASSETS Stealing physical assets or intellectual property Embezzling receipts Using entity’s assets for personal gain Payment by acommodation for goods/services not received Opportunity Incentive/Pressures Huge amount of cash on hand, with inventory highly in Demand, weak Control on Fixed assts Personal financial obligation with direct access to cash & other assets susceptible to theft Motivating factors to commit misappropriation of assets Attitudes Disregard actions to consider about the weaknesses Noted for misappropriation of assets, the Degree of tolerance With the fraud triangle, how would the fraud be accomplished? CAPABILITY The knowledge and skill to Successfully execute it. FRAUD PREVENTION PROCESS 1. Installation of corporate governance principles and practices 2. Execution of transaction- level controls 3. Audit controls and processes 4. Investigation of all alleged improprieties PREVENTION 1. 2. 3. 4. 5. 6. 7. 8. Reshaping the role of audit committee Strengthening the control environment controls Stricter laws, regulations and governance Sufficient mechanism for whistle blowing Hiring only ethical employees Instill the fear of being caught Maintain an anti fraud culture Independent directors who have no material interest in the company 9. Board& committee meetings regularly held without the presence of the CEO 10. Effective flow of reports and other board committee 11. Budgeting controls 12. Internal and compliance audit information to the HINTS OF POSSIBLE FRAUD REVENUE ACCOUNTS 1. Recognizing as revenue goods not yet shipped 2. Recognizing as revenue goods shipped but not ordered 3. Channel stuffing (padding) 4. Bill- and- hold technique 5. Recognizing revenue for goods where there is a customer right to return goods in the contract 6. Recognizing revenue even if the service is not yet performed INVENTORY FRAUD 1. Kickbacks on inventory purchases 2. Hollow square 3. Discounts for prompt payments are pocketed by employees 4. Inventories are written off without authorization 5. Double counting of inventories 6. Consigned goods received are made part of inventory balance 7. Mislabeling of finished goods 8. Intentional and improper cutoffs FRAUD ON ASSETS AND EXPENSES 1. 2. 3. 4. Improper capitalization of expenditures Non- recording of assets impairment(damaged) Inadequate allowance for doubtful acccounts Recording fictitious assets FRAUD ON ASSETS AND LIABILITIES 1. Increasing an asset’s valuation in the balance sheet 2. Inappropriate estimates such as those used for depreciation and amortization 3. Unsupported expenses to reduce income tax 4. Expensing an asset to reduce income tax FRAUD ON LIABILITY ACCOUNTS 1. 2. 3. 4. 5. 6. Hiding debts off the balance sheet Intentional non- accrual of expenses Non- disclosure of contingent liabilities Undervaluation of debt Non-recording of finance lease liability Improperly transferring liability to another entity or related party 7. Declaring liabilities are paid out on the balance sheet even if they are still unpaid AUDIT STRATEGY OBJECTIVES 1. Deploying resources to specific audit areas such as assigning experienced team members for high risk areas of involving experts on complex matters 2. Allocating resources to specific audit areas (timing) 3. Timing of the deployment of such resources (interim/year end/ key cutoff dates) 4. How such resources are to be managed and supervised AUDIT OF CASH/ FRAUD ON CASH 1. Fraudulent disbursements 1.1 submission of false invoices 1.2 false reimbursement Skimming(brushing off)- cash is stolen from the entity before it is recorded in the accounting records Cash larceny(taking something unlawful) cash is stolen after it has been recorded in the accounting books KITING- fraud that overstate by causing it to be simultaneously included in two or more bank accounts; it is possible because a check takes several days to clear the bank on which it is drawn Procedure to audit kiting 1. Prepare a bank transfer schedule-last week of the audit year and 1st week of the following year 2. Prepare proof of cash 3. Obtaining a cutoff bank statement for all the banks company open account CASH 1. 2. 3. 4. 5. 6. 7. Cash count on hand at year end Send confirmation letter to financial institution Review cut off cash receipts and disbursements Review passbooks and bank statement Perform analytical procedures Obtain cutoff bank statements Review year end bank reconciliation RECEIVABLES Lapping- embezzlement scheme in which cash collection from customers are stolen and the shortage is concealed by delaying the recording of subsequent cash receipts To detect: 1. perform analytical procedure such as calculating receivable turnover ratios and age of receivables 2. Confirm receivables and investigate all exceptions 3. Obtain authenticated deposit slips from bank and compare name, dates, and amounts on remittance advices to information on deposit slips 4. Perform surprise inspection of deposits and compare deposit slips with remittance 5. Compare remittances advices with information recorded to books 6. Verify propriety of noncash credits to accounts receivable 7. Reconcile individual customer accounts to accounts receivable control accounts 8. Compare copies of monthly statements with customer account Audit procedure for receivables 1. Confirm accounts and notes receivables by direct by communication with debtors 2. Inspect notes on hand and confirm those not on hand by direct communication with debtors 3. Vouch receivables to supporting customer orders, sales orders, invoices shipping documents and others 4. Review sales cut off and cash receipts around year end 5. Perform analytical procedures –receivable turnover Audit procedure for receivables 6. Examine the adequacy of the allowance for doubtful accounts INVENTORY 1. Perform observation of inventory count 2. When a client uses statistical methods in determining inventory quantities, the auditor must be satisfied that the sampling plan has statistical validity 3. In case of a first time audit, auditor should observe the counting 4. Perform analytical procedure- inventory turnover 5. Confirm consigned inventory and inventory in warehouse 6. Make test of observe physical count INVENTORY 7. Review cutoffs 8. Account for inventory tags and count sheets 9. Test the inventory cost method and pricing 10. Examine inventory quality and condition INVESTMENT 1. 2. 3. 4. Perform analytical procedure Perform simultaneous verification Confirm securities held by others Inspect and count securities on hand and compare serial numbers with those shown on records 5. Vouch purchases and sales of securities during the year 6. Examine dividends and other investment income 7. Examine investment classification for F/S presentation FIXED ASSETS 1. 2. 3. 4. Perform analytical procedures fixed asset turnover Inspect major acquisition of PPE during the year Examine disposal of PPE including proceeds from sale Review minutes of meeting to determine authorization of major PPE transaction 5. Analyze repair and maintenance expenses and vouch transaction 6. Review depreciation policy and depreciation computation LIABILITIES 1. Perform analytical procedures 2. Confirm accounts payable with vendors 3. Vouch payable balances to selected vendors by inspecting purchase orders, receiving reports and invoices 4. Inspect notes and loan agreements 5. Search for unrecorded liabilities 6. Review accruals 7. Perform analytical procedure for long term debts- debt to equity ratio, interest ratio 8. Review loan covenants and identify possible breach of covenant LIABILITIES 9. Confirm long term debt with creditors 10.Trace proceeds of loans to bank account and books 11.Review minutes of meetings for authorization SHAREHOLDERS’ EQUITY 1. Confirm stocks authorized issued and outstanding with the independent registrar and stock transfer agent as appropriate 2. Without an independent registrar and stock transfer agent, reconcile the stock certificate books to transaction recorded in the GL 3. Vouch transaction and trace receipts of funds to bank account and cash register journal 4. Review minutes of meetings 5. Review articles of Incorporation and by laws SHAREHOLDERS’ EQUITY 6. Perform analytical procedure- reasonableness of dividends 7. Vouch dividend payment 8. Vouch entries affecting retained earnings 9. Examine treasury share transaction 10.Reconcile outstanding shares recorded with the stubs 11.Confirm balances with shareholders as appropriate REVENUE 1. Review company’s revenue recognition 2. Perform analytical procedures- vertical and horizontal trend analysis , comparison to industry averages 3. Vouch revenue transaction and determine that they were recorded at the proper transaction amounts 4. Examine trade arrangements and sales contracts 5. Analyze sales to related parties 6. Perform cutoff procedure 7. Consider economic substance of transaction EXPENSES 1. Review capitalization policy 2. Perform analytical procedure- same as that of the REVENUE 3. Obtain or prepare an analysis of selected expense accounts 4. Vouch transactions to supporting documents 5. Perform cutoff procedures 6. Trace selected payroll transactions recorded to the human resource department to determine whether the employees were actually employed during the payroll period 7. Test the handling of terminated employees 8. Conduct surprise payroll payoff EXPENSES 8. Inspect if the company recognize expense for - Share based compensation - Deferred tax - Provisions - Impairment losses - Employee benefits - Lease liability The audit procedures listed and presented should be guided by the audit programs to enable the gathering of evidence indicative of the audit objective to be satisfied i.e: assess the effectiveness of internal control and financial statement account balances. Program and objective should be satisfied with the: 1. Existence of assets 2. Rights to assets 3. Completeness 4. Valuation of assets 5. Disclosure. INTERNAL CONTROL The process designed and effected by those charged with the governance, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with laws and regulations It provides assurance that process is carried out properly, as a tool not be viewed as a substitute for management INTERNAL CONTROL Internal control is the primary responsibility of the management by putting up a system aided by oversight of those charged with governance, and the execution and carrying out of these policies & procedures by employees and other personnel; hence it involves people; ie: -Management/ chief exec officer -Board of Directorsin charge of governance -Employees and other personnelcarry out specific controls implemented INTERNAL CONTROL The involvement of people in internal control, must place awareness that the people involved has a limited understanding, or short in communication skills, but it is not an exemption that they will not abide on the responsibilities set forth by the management; hence, internal control must be well designed as control environment speaks of it as an effective tool to meet management objectives and goals. INTERNAL CONTROL Internal control process speak of the auditor’s responsibility to assess the design of the internal control system in the company implementations with the purpose to: -to safeguard the assets of the company -to check the accuracy and reliability of its accounting data…(Accounting controls) -to promote operational efficiency and encourage adherence to prescribed managerial policies …(Administrative controls) INTERNAL CONTROL Internal control provides reasonable assurance, and not an absolute assurance due to inherent limitation: 1. faulty judgment in decision making 2. Consideration of relative cost benefit 3. breakdowns coming from human failures or simple mistakes 4. Effect by collusion of two or more people 5. Management overrides control system Control Environment Monitoring of controls COMPONENTS OF INTERNAL CONTROL Entity risk assessment process Control activities Info system and related business process relevant to Financial reporting & communication Administrative controls Accounting controls A plan of organization, which provide appropriate segregation of function & responsibilities Control environment A system of authorization & record procedures to control assets, Liabilities, Revenue, exp Mgt with charged governance, has created and maintained culture of honesty and ethical behavior Communicate & enforce integrity and ethical values Governance and mgt function and the attitudes, awareness, & action; the foundation for all other components of internal control Competence Mgt participation with respective to guidance of responsibilities Administrative controls Accounting controls Sound practices to be followed Mgt philosophy & operating style Quality of personnel Organizational structure Provision for periodic review Control environment Assignment of authority & responsibility Governance and mgt function and the attitudes, awareness, & action; the foundation for all other components of internal control Human resource policies & practices Plan of System of Sound Quality of Organizati authorizati practices personnel on on in performan ce duties Provision for periodic review Simple Written Check & authorizati balances on for bus transactio n Selection Continuing supervisio n for SOP, operating condition, obsolete, & corrective actions Flexible Well Training Internal Acctng Plan of Organization System of authorization Sound practices in performance duties Quality of personnel Organization independence Procedures for handling routine transacion Supervision Lines of authority Adequate and wll kept accounting records Rotation & vacation Definition of duties Timely,useful,a ccurate, & reliable reports Provision for periodic review Plan of System of Organization authorizatio n Organization Standards of al chart performance Sound Quality of practices in personnel performance duties Provision for periodic review Referring to process that affect significant account balances in FS how - Initiated - documented - recorded to GL Info system and related business process relevant to Financial reporting & communication Referring to individual roles and responsibilities pertaining to internal controls over financial reporting aided by policy manuals, financial reporting manuals Policies and procedures that ensures management directives are carried out Authorization Performance review Information processing Physical control Segregation of duties Control activities The control activities help to assess material misstatement responsive to assessed risk by conducting further audit procedures.- relevance of audit risk for auditor’s judgment. Mgt monitor internal control -if it’s operating -appropriate for changes -timeliness of reports -compliance w/ entity’s policies & business practices Monitoring -Information fr controls communication from external parties that may indicate problems that needs improvement Provides information about the function of internal control -focus attention on evaluating effective internal control -communicate information about strenght & weaknesses & recommendation for improvement HOW WE DOCUMENT INTERNAL CONTROL Understanding obtained of the entity and its environment, identified risks and material misstatements, and its discussion with the audit team can be documented through the tool using: -Procedure manuals and organizational charts -Narrative description of memoranda -Internal control questionnaires -Flowcharts CARDINAL PRINCIPLES OF INTERNAL CONTROL 1. 2. 3. 4. 5. 6. 7. Responsibility for the performance of each duty must be fixed Accounting and financial operations must be made operational as a separate functions as record keeping and execution of transaction respectively Proof of accuracy should be utilized in order correctness of operation and accounting through audit trail No one person should be in complete charge of a business transaction Employees must be carefully selected and trained Employees should be bonded Employees should be rotated on a job, If possible; vacation for those in position of trust should be endorsed CARDINAL PRINCIPLES OF INTERNAL CONTROL 8. Operating instructions for each position should be reduced to writing 9. The protective advantage of a double-entry system of accounting should not be exaggerated 10.Controlling account should be used extensively as possible 11.Merchandise equipment and/or electronic equipment should be used, if feasible INTERNAL CONTROL FOR SMALL COMPANY 1. 2. 3. 4. 5. 6. 7. 8. Use of double entry system of bookkeeping Prompt recording of transaction and periodic or regular balancing of accounts Maintenance of a carefully prepared chart of accounts Preparation of monthly comparative financial statements for review by the owner Deposit of all cash receipts intact daily, and making all payments by check signed by the owner Approval of the owner of business transactions, and scrutiny of invoices before payments Use of well designed, serially numbered forms and proper control over these forms Employment of accounting proofs and controls. INTERNAL CONTROL FOR SMALL COMPANY 9. Periodic audits by an independent public accountant 10.Use of mechanical equipments, and physical safeguards 11.Adequate insurance