ACCO.304-part 3

Jose Cintron, MBA-CPChttp://josecintron.comhttp://mba4help.com jose@mba4help.com

www.mba4help.com

Control Risk

The risk that a misstatement that could occur in an assertion about a class of transaction, account balance or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control.

www.mba4help.com

Control Risk

Control risk is the probability that a material misstatement exists in an assertion because that misstatement was not either prevented from entering entity’s financial information or it was not detected and corrected by the internal control system of the entity.

It is the responsibility of the management and those charged with governance to implement internal control system and maintain it appropriately which includes managing control risk.

www.mba4help.com

Assessing Control Risk  The auditor should assess control risk for relevant assertions by evaluating the evidence obtained from all sources, including the auditor's testing of controls for the audit of internal control and the audit of financial statements, misstatements detected during the financial statement audit, and any identified control deficiencies.

Control risk should be assessed at the maximum level for relevant assertions (1) for which controls necessary to sufficiently address the assessed risk of material misstatement in those assertions are missing or ineffective or (2) when the auditor has not obtained sufficient appropriate evidence to support a control risk assessment below the maximum level.

www.mba4help.com

Assessing Control Risk

When deficiencies affecting the controls on which the auditor intends to rely are detected, the auditor should evaluate the severity of the deficiencies and the effect on the auditor's control risk assessments.

If the auditor plans to rely on controls relating to an assertion but the controls that the auditor tests are ineffective because of control deficiencies, the auditor should:

1.Perform tests of other controls related to the same assertion.

2.Revise the control risk assessment and modify the planned substantive procedures as necessary.

www.mba4help.com

Substantive Test

A procedure used during accounting audits to check for errors and material misstatements(monetary) in financial statements and other financial documentation. A substantive test might involve checking a random sample of transactions for errors, comparing account balances to find discrepancies, or analysis and review of procedures used to execute and record transactions.

www.mba4help.com

Inherent Risk

Inherent risk is the probability that, in the absence of internal controls, material errors or frauds could enter the accounting system used to develop financial statements. You can think of inherent risk as the susceptibility of the account to misstatement. In other words “what could go wrong?”—inherent risk is a function of the nature of the client's business, the major types of transactions, and the effectiveness and integrity of its managers and accountants. 

www.mba4help.com

Inherent Risk in Receivables

Primary risk is net receivables will be overstated, because either receivables have been overstated, or the allowance for uncollectible accounts has been understated

Risks affecting receivables include:

Sales of receivables recorded as sales rather than financing transactionsReceivables pledged as collateralReceivables classified as current when likelihood of collection is lowCollection of receivable contingent on uncertain future eventsPayment not required until purchaser sells the product

www.mba4help.com

Substantive Tests of Accounts Receivable Existence & Occurrence

Valuation– Are sales and receivables initially recorded at their correct

amount?– Will client collect full amount of recorded receivables?

Rights and Obligations– Contingent liabilities associated with factor or sales

arrangements– Discounted receivables

Presentation and Disclosure– Pledged, discounted, assigned, or related party receivables

www.mba4help.com

Substantive Tests ofAccounts Receivable

Obtain and evaluate aging of accounts receivable

Confirm receivables with customers

Perform cutoff tests

Review subsequent collections of receivables

www.mba4help.com

Detection Risk

Detection risk is the probability that audit procedures will fail to detect material misstatements provided that any have entered the accounting system in the first place and have not been prevented or detected and corrected by the client's internal controls.

In contrast to inherent risk and control risk, auditors are responsible for performing the evidence-gathering procedures that manage and establish detection risk. These audit procedures represent the auditors' opportunity to detect material misstatements in financial statements. Unlike inherent risk and control risk, auditors can and do influence the level of detection risk.

www.mba4help.com

Determine Detection Risk

Detection risk occurs when you don’t use the right audit procedures or you don’t use them correctly. You assess inherent and control risk and then solve your audit risk equation by assigning detection risk to reduce your audit risk to an acceptable level. Keep in mind that you can never completely eliminate detection risk because you’ll most likely never look at each and every transaction. Your goal is to keep it to an acceptable minimum.

www.mba4help.com

3 Major elements of Detection Risk:

Misapplying an audit procedure: A good example is when you’re using ratios to determine if a financial account balance is at face value accurate (reasonable), and you use the wrong ratio.

Misinterpreting audit results: You use the right audit procedure but just flat out make the wrong decision when evaluating your results. Maybe you decide accounts payable is fairly presented when it actually contains a material misstatement.

Selecting the wrong audit testing method: Different financial accounts are best served using specific testing methods. For example, if you want to make sure a particular sale took place, you test for its occurrence — not for whether the invoice is mathematically correct.

www.mba4help.com

Detection Risk

 Detection risk represents the risk that the audit team's substantive procedures will fail to detect a material misstatement. As auditors require higher quality evidence (lower detection risk), they must gather more relevant and reliable evidence (appropriateness) and evaluate a larger number of transactions or components (sufficiency). 

www.mba4help.com

Audit samples

Audit sampling is the application of an audit procedure to less than 100 percent of the items within an account balance or class of transactions for the purpose of evaluating some characteristic of the balance or class.

www.mba4help.com

Types of audit sample

There are two general approaches to audit sampling: nonstatistical and statistical. Both approaches require that the auditor use professional judgment in planning, performing, and evaluating a sample.

www.mba4help.com

Population

Sample items should be selected in such a way that the sample can be expected to be representative of the population.

The auditor should determine that the population from which he draws the sample is appropriate for the specific audit objective. The population contains all items to be considered for testing.

www.mba4help.com

Sample Unit

Sample items should be selected in such a way that the sample can be expected to be representative of the population. Therefore, all items in the population should have an opportunity to be selected.

www.mba4help.com

Attribute Samples

Attribute sampling plans represent the most common statistical application used by internal auditors to test the effectiveness of controls and determine the rate of compliance with established criteria. The results of these plans provide a statistical basis for the auditor to conclude whether the controls are functioning as intended.

www.mba4help.com

Employee Fraud

Embezzlement is a type of fraud involving employees or nonemployees wrongfully misappropriating funds or property entrusted to their care, custody, and control, often accompanied by false accounting entries and other forms of deception and cover-up.

Larceny is simple theft; for example, an employee misappropriates an employer's funds or property that has not been entrusted to the custody of the employee.

Defalcation is another name for employee fraud, embezzlement, and larceny. Auditing standards also call it misappropriation of assets.Errors are unintentional misstatements or omissions of amounts or disclosures in financial statements.

www.mba4help.com

Types of FraudFinancial statements may be materially misstated as a result of errors or fraud.

www.mba4help.com

Business Risk

All businesses make a countless number of decisions each and every day. Decisions to purchase or sell goods or services, lend money, enter into employment agreements, or buy or sell investments depend in large part on the quality of useful information. These decisions affect business risk, the chance a company takes that customers will buy from competitors, that product lines will become obsolete, that taxes will increase, that government contracts will be lost, or that employees will go on strike.

In other words, business risk is the risk that an entity will fail to meet its objectives. 

www.mba4help.com

Risk Assessment

An important part of the performance principle is for auditors to identify important concerns (or risks) they face in the audit. This process is referred to as risk assessment and follows engagement planning, as follows:

www.mba4help.com

Risk Assessment

The risk assessment process requires an understanding of the client, its operating environment, and its industry. This includes internal controls operating within the client's accounting information systems that ultimately produce the client's financial statements. Internal control may be defined as the policies and procedures implemented by an entity to prevent or detect material accounting frauds or errors and provide for their correction on a timely basis. Satisfactory internal control reduces the probability of frauds or errors in the accounts.

www.mba4help.com

External Auditors

The purpose of obtaining and evaluating evidence is to ascertain the degree of correspondence between the assertions made by the information provider and established criteria. Auditors will ultimately communicate their findings to interested users. To communicate in an efficient and understandable manner, auditors and users must have a common basis for measuring and describing financial information.

www.mba4help.com

Test of Control

Tests of Controls are audit procedures performed to test the operating effectiveness of controls in preventing or detecting material misstatements at the relevant assertion level.

An auditor might use inspection of documents, observation of specific controls, reperformance of the control, or other audit procedures to gather evidence about controls.

www.mba4help.com

Test of Control for A/P

Accounts Payable transactions are reviewed to ensure payments are made to actual company vendors and all invoices are properly coded and paid. A/P aging schedules are also reviewed for large unpaid balances.

Fixed Assetsare reviewed to determine that the proper asset class has been assigned and depreciation is being calculated correctly. Salvage values are also tested to determine validity.

www.mba4help.com

Test of control “cash disbursement”

www.mba4help.com

Group work in class

Working with your computer find at least 6 revenue recognition schemes. Discuss in class for the mayor.

www.mba4help.com

Samples of Improper Revenue Recognition Schemes

Recognize revenue on fictitious shipmentsHidden side letters that give customers unlimited right to return productRecord consignment sales as final salesAccelerated recognition of sales occurring after year-endShip unfinished goodsShip goods before date agreed to by customerCreate fictitious invoicesShip goods never orderedShip more goods than orderedRecord shipments to company's warehouse as salesRecord shipments of replacement goods as new sales

www.mba4help.com

Revenue Cycle

www.mba4help.com

Revenue Cycle test of controls

Several of the tests of controls can be done using the computer. The auditor must first evaluate the effectiveness of general controls related to program changes and file security. The auditor should make inquiries and inspect documentation about changes made to the programs and master files used for sales orders, shipping, billing, and recording.

www.mba4help.com

Revenue Recognition

Similarly, the SEC believes that revenue generally is realized or realizable and earned when all of the following criteria are met:

• Persuasive evidence of an arrangement exists.• Delivery has occurred or services have been rendered.• The seller's price to the buyer is fixed or determinable.• Collectability is reasonably ensured.

To be recognized, revenues must be (1) realized or realizable (2) earned

www.mba4help.com

Revenue Cycle test of controls

For testing sales orders, the auditor can enter test data to evaluate program results for:

a missing or invalid customer number an invalid product code an order that exceeds the customer’s credit limit

www.mba4help.com

jose@mba4help.comhttp://josecintron.comhttp://mba4help.comhttp://www.linkedin.com/in/josecintronhttp://www.youtube.com/user/josecintronmbahttps://www.facebook.com/advancebusinessconsulting