Download NO FRAUD LEFT BEHIND - Tri

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
Document related concepts
no text concepts found
Transcript 
NO FRAUD LEFT BEHIND
The Effect of New Risk Assessment Auditing
Standards on Schools
Runyon Kersteen Ouellette
Risk Assessment Standards





Statements on Auditing Standards
SAS 104 – 111 (risk assessment)
Other recently issued standards
SAS 112 – 115
How will these new audit standards affect
school audits?
SAS 104



Due professional care in the performance
of work
Clarified the definition of reasonable
assurance
Emphasized that reasonable assurance is a
high level of assurance, but not absolute
assurance
SAS 105

Amendment to SAS 95, Generally
Accepted Auditing Standards

Expands the scope of the understanding
that the auditor is required to obtain from
“internal control” to “the entity and its
environment, including its internal control”
SAS 105



Emphasizes that the understanding is
obtained to “assess the risk of material
misstatement of the financial statements”
The understanding of the entity and its
internal control is part of the audit
evidence that supports the opinion
Used to be only part of the audit planning
SAS 106


Audit evidence
Identifies “risk assessment procedures” as
procedures performed to obtain an
understanding of the entity in order to
assess the risk of material misstatement
SAS 106

Evidence obtained from performing risk
assessment procedures, including gaining
an understanding of the entity and its
environment, including its internal controls
as well as tests of controls and substantive
procedures is part of the evidence
obtained to support the audit opinion (not
just to plan the audit)
SAS 106

Risk assessment procedures include:




Inquiries of management and others
Analytical procedures
Observation and inspection
Inquiry alone is no longer sufficient to
evaluate controls and whether they have
been implemented
SAS 107



Audit risk and materiality in conducting an
audit
Auditors can no longer default to
maximum risk (instead of testing controls)
Materiality should take qualitative
considerations into account as well as
quantitative
SAS 108



Planning and supervision
New guidance on development of overall
audit strategy and audit plan
Establish an understanding with the client

What is management’s responsibility
compared to the auditor’s responsibility
SAS 109


Understanding the entity and its environment
and assessing the risks of material
misstatements
Understanding the entity:





Industry, regulatory, and other external factors
Nature of the entity
Objectives and strategies and the related risks
Measurement and review of financial performance
Internal control, which includes accounting policies
SAS 109

Understanding of internal control



Evaluating design of a control
Determining whether it has been implemented
Evaluating the design of control involves
considering whether the control, individually or
in combination with other controls, is capable of
effectively preventing or detecting and
correcting material misstatements
SAS 109

Components of internal control:





Control environment – tone of organization
Risk assessment – identification and analysis of
relevant risks
Information and communication systems –
identification, capture and communication of
information
Control activities – policies and procedures
Monitoring – assessment of the quality of internal
control performance
Control Environment


Primary responsibility for the prevention
and detection of fraud and errors rests
with those charged with governance and
management
The absence or inadequacy of such
programs and controls may constitute a
significant deficiency or material weakness
Control Environment







Communication and enforcement of integrity
and ethical values
Commitment to competence
Participation of those charged with governance
Management’s philosophy and operating style
Organizational structure
Assignment of authority and responsibility
Human resource policies and practices
Risk Assessment

Risk assessment process for financial
reporting purposes is its identification,
analysis, and management of risks
relevant to the preparation of financial
statements that are presented fairly in
conformity with GAAP
Risk Assessment

Risks relevant to financial reporting:





Changes in operating environment
New personnel
New or revamped information systems
Rapid growth
New accounting pronouncements
Information and Communication
Systems

Information systems consist of
procedures, whether automated or
manual, and records established to
initiate, authorize, record, process, and
report entity transactions and to maintain
accountability for the related assets,
liabilities and equity
Information and Communication
Systems

Communication involves providing an
understanding of individual roles and
responsibilities pertaining to internal
control over financial reporting
Control Activities




Authorization
Segregation of duties
Safeguarding
Asset accountability
Monitoring



Management is responsible for establishing and
maintaining internal controls on an ongoing
basis
Monitoring controls includes determining
whether internal controls are operating as
intended and modifying as appropriate for
changes in conditions
Monitoring is done to ensure that controls
continue to operate effectively
SAS 110


Performing audit procedures in response
to assessed risks and evaluating the audit
evidence obtained
Requires tests of controls to obtain audit
evidence about their operating
effectiveness when assessment of risks is
based on the expectation that controls are
operating effectively
SAS 112




Communicating internal control related matters
identified in an audit
Defines the terms significant deficiency and
material weakness (revised by SAS 115)
Provides guidance on the severity of control
deficiencies
Requires communication in writing to
management and those changed with
governance
Control Deficiency

Exists when the design or operation of a
control does not allow management or
employees, in the normal course of
performing their assigned functions, to
prevent or detect misstatements on a
timely basis
Control Deficiency

Deficiency in design exists when:


a control necessary to meet the control
objective is missing or
an existing control is not properly designed so
that even if the control operates as designed,
the control objective is not always met
Control Deficiency

Deficiency in operation exists when:


a properly designed control does not operate
as designed or
when the person performing the control does
not possess the necessary authority or
qualifications to perform the control
effectively
SIGNIFICANT DEFICIENCY (SAS 112)

A control deficiency, or combination of control
deficiencies, that adversely affects the entity’s
ability to initiate, authorize, record, process, or
report financial data reliably in accordance with
generally accepted accounting principles such
that there is more than a remote likelihood that
a misstatement of the entity’s financial
statements that is more than inconsequential
will not be prevented or detected
SIGNIFICANT DEFICIENCY (SAS 115)

A deficiency, or a combination of
deficiencies, in internal control that is less
severe than a material weakness, yet
important enough to merit attention by
those charged with governance
Material Weakness (SAS 112)

A significant deficiency, or a combination
of significant deficiencies, that results in
more than a remote likelihood that a
material misstatement of the financial
statements will not be prevented or
detected
Material Weakness (SAS 115)

A deficiency, or combination of
deficiencies, in internal control, such that
there is a reasonable possibility that a
material misstatement of the entity’s
financial statements will not be prevented,
or detected and corrected on a timely
basis
Material Weakness (SAS 115)


Identification of fraud, whether or not
material, on the part of senior
management
Restatement of previously issued financial
statements to reflect the correction of a
material misstatement due to error or
fraud
Material Weakness (SAS 115)


Identification by the auditor of a material
misstatement of the financial statements under
the audit in circumstances that indicate that the
misstatement would not have been detected by
the entity’s internal control
Ineffective oversight of the entity’s financial
reporting and internal control by those charged
with governance
SAS 114



Auditor’s communication with those
charged with governance
Supersedes SAS 61
Requires communication before and after
the audit
SAS 114

Planned scope and timing of audit




Assist those charged with governance in
understanding the consequences of the auditor’s work
Discussing issues of risk and materiality
Identifying any areas that those charged with
governance request the auditor to undertake
additional procedures
Assist auditor to understand the entity and its
environment
SAS 114


Auditor’s responsibilities under GAAS
Significant findings from audit




Qualitative aspects of the entity’s significant
accounting practices, including policies,
estimates, and disclosures
Significant difficulties or disagreements
Uncorrected misstatements, unless trivial
Other findings or issues
ANY QUESTIONS????
Related documents
Using the SAS System to Mine Your Data
Using the SAS System to Mine Your Data
SAS and a Multi-User Estimating Database
SAS and a Multi-User Estimating Database
Recall from yesterday the two conjectures that you derived about the
Recall from yesterday the two conjectures that you derived about the
4.5 Notes
4.5 Notes
Money Output & Prices in the Long Run
Money Output & Prices in the Long Run
Setup process for SAS Enterprise Miner
Setup process for SAS Enterprise Miner
Discovering the Road Less Traveled to SAS Information
Discovering the Road Less Traveled to SAS Information
CHEN CHEN - Fox School of Business
CHEN CHEN - Fox School of Business
Research Analyst/Data Miner
Research Analyst/Data Miner
SAS Data Mining Account Create Every time
SAS Data Mining Account Create Every time
LISAM. Statistical software
LISAM. Statistical software
SAS Marketing Operations Management: Marketing Dashboard
SAS Marketing Operations Management: Marketing Dashboard