sas 99 l.
Skip this Video
Loading SlideShow in 5 Seconds..
SAS #99 PowerPoint Presentation
Download Presentation
SAS #99

Loading in 2 Seconds...

play fullscreen
1 / 40

SAS #99 - PowerPoint PPT Presentation

  • Uploaded on

SAS #99. Introduction & Overview. Supercedes SAS #82 “The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud.” (SAS #1)

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'SAS #99' - amaryllis

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
introduction overview
Introduction & Overview
  • Supercedes SAS #82
  • “The auditor has a responsibility to plan
  • and perform the audit to obtain reasonable
  • assurance about whether the financial
  • statements are free of material
  • misstatement, whether caused by
  • error or fraud.” (SAS #1)
  • Periods beginning after 12-15-2002
description and characteristics of fraud
Description and Characteristicsof Fraud
  • For purposes of this statement, fraud is:
  • “an intentional act that results in a material misstatement in financial statements that are the subject of an audit.”
  • More narrow definition that legal definition
black s law dictionary
Black’s Law Dictionary
  • Fraud is defined as, “…all multifarious means which human ingenuity can devise, and which are resorted to by one individual to get an advantage over another by false suggestions or suppression of the truth. It includes all surprise, trick, cunning, or dissembling, and any unfair way by which another is cheated.”
common law fraud
Common Law Fraud

Four elements:

  • Material false statement
  • Knowledge that the statement was false
  • Reliance on the statement by victim
  • Damages
cfe categories of fraud
CFE Categories of Fraud
  • Misrepresentation of material facts
  • Concealment of material facts
  • Bribery
  • Conflicts of interest
  • Theft of money or property
  • Theft of trade secrets or intell. property
  • Breach of fiduciary duty
  • Statutory offenses
sas 99 2 types of fraud
SAS #99 – 2 types of fraud
  • Misstatements arising from:
  • 1) Fraudulent financial reporting; and,
  • 2) Misappropriation of assets


F R A U D a n d A B U S E



7 3 conditions present when fraud occurs
¶7: 3 conditions present when fraud occurs:
  • Incentive or Pressure;
  • Opportunity; and,
  • Rationalization
  • The Fraud Triangle!
  • However, see ¶35
the fraud triangle
The Fraud Triangle
  • According to Cressey, p. 20 of text:
  • One of the most fundamental observations of the Cressey study was that it took all 3 elements (conditions) for the trust violation to occur.
  • Compare that with ¶35 of SAS #99:
35 of sas 99
¶35 of SAS #99:
  • “the auditor should not assume that all 3 conditions must be observed or evident before concluding that there are identified risks.”
  • “…the auditor cannot assume that the inability to observe one or two of these conditions means there is no risk…”
13 professional skepticism
¶13 – Professional Skepticism
  • Includes a questioning mind, and,
  • A critical assessment of audit evidence
  • Mindset that fraud may exist, regardless of past experience with that client and
  • Regardless of the auditor’s belief about management’s honesty and integrity.
discussion among personnel
Discussion Among Personnel
  • Required brainstorming throughout the audit, but especially during planning
  • Helps set the tone or mindset for staff
  • Must be documented (¶83)
  • DOH Audit example
procedures to obtain information re risk of fraud
Procedures to Obtain Information re: risk of fraud
  • You must understand the entity’s business and the industry in which it operates (SAS #22), first and foremost.
  • Make inquiries
  • Consider unusual or unexpected relationships
  • Consider whether fraud risk factors exist
  • Consider other information
  • Must document procedures performed
identifying risks due to fraud
Identifying Risks Due to Fraud
  • ¶35
  • The 3 factors can occur in differing degrees, thus may NOT seem to be present when in fact they are.
  • Identify risks by assertion or for the financial statements as a whole
when identifying risks consider
When identifying risks, consider:
  • The type of risk (FFR or MA);
  • The significance of the risk (how material it is);
  • The likelihood of the risk; and,
  • The pervasiveness of the risk.
41 revenue recognition
¶41 – Revenue Recognition
  • Start with presumption that there IS a risk of MM due to fraud in revenue recognition.
  • If you don’t, you will have to justify why not.
42 management override
¶42 – Management Override
  • Same as with RR – always should address the risk of management override, regardless of finding any other risks present.
  • ¶57 – 67 describe specific procedures you may want to perform on every audit.
for each risk identified we must
For Each Risk Identified, We Must:
  • 1) determine what management is doing to mitigate those risks (if anything); and,
  • 2) after considering management’s controls, respond by modifying our audit programs, assigning staff, etc. where appropriate.

¶44 – Evaluating Management’s Programs and Controls:

  • For “risks of MM due to fraud” that have been identified:
    • evaluate whether entity programs and controls address these risk;
    • whether they have been suitably designed; and,
44 evaluating management s programs and controls continued
¶44 – Evaluating Management’s Programs and Controls (continued):
  • whether they have been placedinoperation
  • basically apply the old SAS#1 technique just like any other thing that could go wrong
auditor s response to identified risks
Auditor’s Response to Identified Risks:

¶46 - Apply professional skepticism

¶48 – The auditor also responds in the following 3 ways:

a) Assesses overall considerations

b) Alters nature, timing, and extent

c) Performs procedures to address management override

50 overall responses
¶50 – Overall Responses:
  • Assignment of personnel & supervision
  • Accounting Principles
    • - consider management’s judgment
  • Predictability of audit procedures
    • - change timing or methods
    • - look @ otherwise immaterial balances
    • - unannounced tests
51 n t e responses
¶51 – N, T, E Responses:
  • Must test (substantive) for fraud. The risk cannot be reduced to an approp. low level thru tests of controls only.
  • Nature – more reliable tests (SAS #31)
  • Timing – closer to end of period
  • Extent – larger sample sizes, etc.
  • See ¶53 for examples
54 n t e responses to ffr risk
¶54 – N, T, E Responses to FFR risk:
  • Revenue recognition
  • Inventory quantities
    • - cattle example
  • Management estimates
    • - SAS #57, prepare own estimate
    • - retrospective review
55 56 n t e response to ma risk
¶55-56 - N, T, E Response to MA risk:
  • Test operating effectiveness of controls
  • inspect assets at or near period end
  • use highly reliable analytical review procedures
  • In summary, do things you would not normally do
57 response to risk of management override
¶57 – Response to risk of Management Override:
  • Always respond to this risk even if no other responses are warranted
  • Following procedures must be performed:
    • examine journal entries;
    • review accounting estimates for biases;
    • evaluate business rationale for transact.
68 evaluating audit results
¶68 – Evaluating Audit Results
  • Should be an ongoing process
  • Put all the results together and see if any patterns show up
  • Keep up the “brainstorming” sessions
69 analytical review
¶69 – Analytical Review
  • In the overall review stage, make sure you have performed analytical review steps of REVENUE
  • Management is generally unable to manipulate certain info. to create seemingly normal or expected relationships
  • Ex: If theft overstates assets, certain ratios to sales will be off.
79 communicating results
¶79 – Communicating Results
  • To management
  • To Board or Audit Committee
  • To Outsiders if:
    • - legally required
    • - to successor auditor (SAS #84)
    • - responding to subpoena
    • - funding agency
80 documentation
¶80 – Documentation
  • The auditor should document:
  • “brainstorming”;
  • procedures performed to identify risks;
  • specific risks identified;
  • auditor’s response to those risks;
  • why improper revenue recognition is not a risk (if so);
80 documentation cont
¶80 – Documentation (cont.)
  • procedures performed (and results) regarding risk of management override;
  • other conditions and analytical review relationships; and,
  • communications to management, board, and others
in summary of sas 99
In Summary of SAS #99:
  • 1) “brainstorm” with colleagues;
  • 2) gather information;
  • 3) identify risks of mm due to fraud;
  • 4) assess client response (i/c);
  • 5) modify audit plan (respond) as approp.;
  • 6) evaluate audit results;
  • 7) communicate results; and,
  • 8) document, document, document