Sas 99
Download
1 / 40

SAS 99 - PowerPoint PPT Presentation


  • 297 Views
  • Updated On :

SAS #99. Introduction & Overview. Supercedes SAS #82 “The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud.” (SAS #1)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SAS 99' - amaryllis


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Introduction overview l.jpg
Introduction & Overview

  • Supercedes SAS #82

  • “The auditor has a responsibility to plan

  • and perform the audit to obtain reasonable

  • assurance about whether the financial

  • statements are free of material

  • misstatement, whether caused by

  • error or fraud.” (SAS #1)

  • Periods beginning after 12-15-2002


Description and characteristics of fraud l.jpg
Description and Characteristicsof Fraud

  • For purposes of this statement, fraud is:

  • “an intentional act that results in a material misstatement in financial statements that are the subject of an audit.”

  • More narrow definition that legal definition


Black s law dictionary l.jpg
Black’s Law Dictionary

  • Fraud is defined as, “…all multifarious means which human ingenuity can devise, and which are resorted to by one individual to get an advantage over another by false suggestions or suppression of the truth. It includes all surprise, trick, cunning, or dissembling, and any unfair way by which another is cheated.”


Common law fraud l.jpg
Common Law Fraud

Four elements:

  • Material false statement

  • Knowledge that the statement was false

  • Reliance on the statement by victim

  • Damages


Cfe categories of fraud l.jpg
CFE Categories of Fraud

  • Misrepresentation of material facts

  • Concealment of material facts

  • Bribery

  • Conflicts of interest

  • Theft of money or property

  • Theft of trade secrets or intell. property

  • Breach of fiduciary duty

  • Statutory offenses


Sas 99 2 types of fraud l.jpg
SAS #99 – 2 types of fraud

  • Misstatements arising from:

  • 1) Fraudulent financial reporting; and,

  • 2) Misappropriation of assets


Slide8 l.jpg

O C C U P A T I O N A L

F R A U D a n d A B U S E

C L A S S I F I C A T I O N

S Y S T E M


7 3 conditions present when fraud occurs l.jpg
¶7: 3 conditions present when fraud occurs:

  • Incentive or Pressure;

  • Opportunity; and,

  • Rationalization

  • The Fraud Triangle!

  • However, see ¶35


The fraud triangle l.jpg
The Fraud Triangle

  • According to Cressey, p. 20 of text:

  • One of the most fundamental observations of the Cressey study was that it took all 3 elements (conditions) for the trust violation to occur.

  • Compare that with ¶35 of SAS #99:


35 of sas 99 l.jpg
¶35 of SAS #99:

  • “the auditor should not assume that all 3 conditions must be observed or evident before concluding that there are identified risks.”

  • “…the auditor cannot assume that the inability to observe one or two of these conditions means there is no risk…”


13 professional skepticism l.jpg
¶13 – Professional Skepticism

  • Includes a questioning mind, and,

  • A critical assessment of audit evidence

  • Mindset that fraud may exist, regardless of past experience with that client and

  • Regardless of the auditor’s belief about management’s honesty and integrity.


Discussion among personnel l.jpg
Discussion Among Personnel

  • Required brainstorming throughout the audit, but especially during planning

  • Helps set the tone or mindset for staff

  • Must be documented (¶83)

  • DOH Audit example


Part ii how do we gather information on the risk of fraud l.jpg

PART II -How Do We Gather Information on the Risk of Fraud?


Procedures to obtain information re risk of fraud l.jpg
Procedures to Obtain Information re: risk of fraud

  • You must understand the entity’s business and the industry in which it operates (SAS #22), first and foremost.

  • Make inquiries

  • Consider unusual or unexpected relationships

  • Consider whether fraud risk factors exist

  • Consider other information

  • Must document procedures performed


Part iii identify risks from information gathered l.jpg
PART III –Identify Risks from Information Gathered


Identifying risks due to fraud l.jpg
Identifying Risks Due to Fraud

  • ¶35

  • The 3 factors can occur in differing degrees, thus may NOT seem to be present when in fact they are.

  • Identify risks by assertion or for the financial statements as a whole


When identifying risks consider l.jpg
When identifying risks, consider:

  • The type of risk (FFR or MA);

  • The significance of the risk (how material it is);

  • The likelihood of the risk; and,

  • The pervasiveness of the risk.


41 revenue recognition l.jpg
¶41 – Revenue Recognition

  • Start with presumption that there IS a risk of MM due to fraud in revenue recognition.

  • If you don’t, you will have to justify why not.


42 management override l.jpg
¶42 – Management Override

  • Same as with RR – always should address the risk of management override, regardless of finding any other risks present.

  • ¶57 – 67 describe specific procedures you may want to perform on every audit.


Part iv now that we have identified risks what next l.jpg
PART IV –Now That We Have Identified Risks, What Next?


For each risk identified we must l.jpg
For Each Risk Identified, We Must:

  • 1) determine what management is doing to mitigate those risks (if anything); and,

  • 2) after considering management’s controls, respond by modifying our audit programs, assigning staff, etc. where appropriate.


Slide23 l.jpg

¶44 – Evaluating Management’s Programs and Controls:

  • For “risks of MM due to fraud” that have been identified:

    • evaluate whether entity programs and controls address these risk;

    • whether they have been suitably designed; and,


44 evaluating management s programs and controls continued l.jpg
¶44 – Evaluating Management’s Programs and Controls (continued):

  • whether they have been placedinoperation

  • basically apply the old SAS#1 technique just like any other thing that could go wrong


Part v how do we respond l.jpg
PART V (continued):-How Do WeRespond?


Auditor s response to identified risks l.jpg
Auditor’s Response to Identified Risks: (continued):

¶46 - Apply professional skepticism

¶48 – The auditor also responds in the following 3 ways:

a) Assesses overall considerations

b) Alters nature, timing, and extent

c) Performs procedures to address management override


50 overall responses l.jpg
¶50 – Overall Responses: (continued):

  • Assignment of personnel & supervision

  • Accounting Principles

    • - consider management’s judgment

  • Predictability of audit procedures

    • - change timing or methods

    • - look @ otherwise immaterial balances

    • - unannounced tests


51 n t e responses l.jpg
¶51 – N, T, E Responses: (continued):

  • Must test (substantive) for fraud. The risk cannot be reduced to an approp. low level thru tests of controls only.

  • Nature – more reliable tests (SAS #31)

  • Timing – closer to end of period

  • Extent – larger sample sizes, etc.

  • See ¶53 for examples


54 n t e responses to ffr risk l.jpg
¶54 – N, T, E Responses to FFR risk: (continued):

  • Revenue recognition

  • Inventory quantities

    • - cattle example

  • Management estimates

    • - SAS #57, prepare own estimate

    • - retrospective review


55 56 n t e response to ma risk l.jpg
¶55-56 - N, T, E Response to MA risk: (continued):

  • Test operating effectiveness of controls

  • inspect assets at or near period end

  • use highly reliable analytical review procedures

  • In summary, do things you would not normally do


57 response to risk of management override l.jpg
¶57 – Response to risk of Management Override: (continued):

  • Always respond to this risk even if no other responses are warranted

  • Following procedures must be performed:

    • examine journal entries;

    • review accounting estimates for biases;

    • evaluate business rationale for transact.


Parts vi vii evaluating and communicating results l.jpg
PARTS VI & VII (continued): –Evaluating and Communicating Results


68 evaluating audit results l.jpg
¶68 – Evaluating Audit Results (continued):

  • Should be an ongoing process

  • Put all the results together and see if any patterns show up

  • Keep up the “brainstorming” sessions


69 analytical review l.jpg
¶69 – Analytical Review (continued):

  • In the overall review stage, make sure you have performed analytical review steps of REVENUE

  • Management is generally unable to manipulate certain info. to create seemingly normal or expected relationships

  • Ex: If theft overstates assets, certain ratios to sales will be off.


79 communicating results l.jpg
¶79 – Communicating Results (continued):

  • To management

  • To Board or Audit Committee

  • To Outsiders if:

    • - legally required

    • - to successor auditor (SAS #84)

    • - responding to subpoena

    • - funding agency


Part viii documentation requirements l.jpg
PART VIII (continued):–Documentation Requirements


80 documentation l.jpg
¶80 – Documentation (continued):

  • The auditor should document:

  • “brainstorming”;

  • procedures performed to identify risks;

  • specific risks identified;

  • auditor’s response to those risks;

  • why improper revenue recognition is not a risk (if so);


80 documentation cont l.jpg
¶80 – Documentation (cont.) (continued):

  • procedures performed (and results) regarding risk of management override;

  • other conditions and analytical review relationships; and,

  • communications to management, board, and others


In summary of sas 99 l.jpg
In Summary of SAS #99: (continued):

  • 1) “brainstorm” with colleagues;

  • 2) gather information;

  • 3) identify risks of mm due to fraud;

  • 4) assess client response (i/c);

  • 5) modify audit plan (respond) as approp.;

  • 6) evaluate audit results;

  • 7) communicate results; and,

  • 8) document, document, document


The end l.jpg
THE END (continued):


ad