No fraud left behind
Download
1 / 36

NO FRAUD LEFT BEHIND - PowerPoint PPT Presentation


  • 101 Views
  • Updated On :

NO FRAUD LEFT BEHIND. The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette. Risk Assessment Standards. Statements on Auditing Standards SAS 104 – 111 (risk assessment) Other recently issued standards SAS 112 – 115

Related searches for NO FRAUD LEFT BEHIND

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'NO FRAUD LEFT BEHIND' - maylin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
No fraud left behind l.jpg

NO FRAUD LEFT BEHIND

The Effect of New Risk Assessment Auditing Standards on Schools

Runyon Kersteen Ouellette


Risk assessment standards l.jpg
Risk Assessment Standards

  • Statements on Auditing Standards

  • SAS 104 – 111 (risk assessment)

  • Other recently issued standards

  • SAS 112 – 115

  • How will these new audit standards affect school audits?


Sas 104 l.jpg
SAS 104

  • Due professional care in the performance of work

  • Clarified the definition of reasonable assurance

  • Emphasized that reasonable assurance is a high level of assurance, but not absolute assurance


Sas 105 l.jpg
SAS 105

  • Amendment to SAS 95, Generally Accepted Auditing Standards

  • Expands the scope of the understanding that the auditor is required to obtain from “internal control” to “the entity and its environment, including its internal control”


Sas 1055 l.jpg
SAS 105

  • Emphasizes that the understanding is obtained to “assess the risk of material misstatement of the financial statements”

  • The understanding of the entity and its internal control is part of the audit evidence that supports the opinion

  • Used to be only part of the audit planning


Sas 106 l.jpg
SAS 106

  • Audit evidence

  • Identifies “risk assessment procedures” as procedures performed to obtain an understanding of the entity in order to assess the risk of material misstatement


Sas 1067 l.jpg
SAS 106

  • Evidence obtained from performing risk assessment procedures, including gaining an understanding of the entity and its environment, including its internal controls as well as tests of controls and substantive procedures is part of the evidence obtained to support the audit opinion (not just to plan the audit)


Sas 1068 l.jpg
SAS 106

  • Risk assessment procedures include:

    • Inquiries of management and others

    • Analytical procedures

    • Observation and inspection

  • Inquiry alone is no longer sufficient to evaluate controls and whether they have been implemented


Sas 107 l.jpg
SAS 107

  • Audit risk and materiality in conducting an audit

  • Auditors can no longer default to maximum risk (instead of testing controls)

  • Materiality should take qualitative considerations into account as well as quantitative


Sas 108 l.jpg
SAS 108

  • Planning and supervision

  • New guidance on development of overall audit strategy and audit plan

  • Establish an understanding with the client

    • What is management’s responsibility compared to the auditor’s responsibility


Sas 109 l.jpg
SAS 109

  • Understanding the entity and its environment and assessing the risks of material misstatements

  • Understanding the entity:

    • Industry, regulatory, and other external factors

    • Nature of the entity

    • Objectives and strategies and the related risks

    • Measurement and review of financial performance

    • Internal control, which includes accounting policies


Sas 10912 l.jpg
SAS 109

  • Understanding of internal control

    • Evaluating design of a control

    • Determining whether it has been implemented

  • Evaluating the design of control involves considering whether the control, individually or in combination with other controls, is capable of effectively preventing or detecting and correcting material misstatements


Sas 10913 l.jpg
SAS 109

  • Components of internal control:

    • Control environment – tone of organization

    • Risk assessment – identification and analysis of relevant risks

    • Information and communication systems – identification, capture and communication of information

    • Control activities – policies and procedures

    • Monitoring – assessment of the quality of internal control performance


Control environment l.jpg
Control Environment

  • Primary responsibility for the prevention and detection of fraud and errors rests with those charged with governance and management

  • The absence or inadequacy of such programs and controls may constitute a significant deficiency or material weakness


Control environment15 l.jpg
Control Environment

  • Communication and enforcement of integrity and ethical values

  • Commitment to competence

  • Participation of those charged with governance

  • Management’s philosophy and operating style

  • Organizational structure

  • Assignment of authority and responsibility

  • Human resource policies and practices


Risk assessment l.jpg
Risk Assessment

  • Risk assessment process for financial reporting purposes is its identification, analysis, and management of risks relevant to the preparation of financial statements that are presented fairly in conformity with GAAP


Risk assessment17 l.jpg
Risk Assessment

  • Risks relevant to financial reporting:

    • Changes in operating environment

    • New personnel

    • New or revamped information systems

    • Rapid growth

    • New accounting pronouncements


Information and communication systems l.jpg
Information and Communication Systems

  • Information systems consist of procedures, whether automated or manual, and records established to initiate, authorize, record, process, and report entity transactions and to maintain accountability for the related assets, liabilities and equity


Information and communication systems19 l.jpg
Information and Communication Systems

  • Communication involves providing an understanding of individual roles and responsibilities pertaining to internal control over financial reporting


Control activities l.jpg
Control Activities

  • Authorization

  • Segregation of duties

  • Safeguarding

  • Asset accountability


Monitoring l.jpg
Monitoring

  • Management is responsible for establishing and maintaining internal controls on an ongoing basis

  • Monitoring controls includes determining whether internal controls are operating as intended and modifying as appropriate for changes in conditions

  • Monitoring is done to ensure that controls continue to operate effectively


Sas 110 l.jpg
SAS 110

  • Performing audit procedures in response to assessed risks and evaluating the audit evidence obtained

  • Requires tests of controls to obtain audit evidence about their operating effectiveness when assessment of risks is based on the expectation that controls are operating effectively


Sas 112 l.jpg
SAS 112

  • Communicating internal control related matters identified in an audit

  • Defines the terms significant deficiency and material weakness (revised by SAS 115)

  • Provides guidance on the severity of control deficiencies

  • Requires communication in writing to management and those changed with governance


Control deficiency l.jpg
Control Deficiency

  • Exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis


Control deficiency25 l.jpg
Control Deficiency

  • Deficiency in design exists when:

    • a control necessary to meet the control objective is missing or

    • an existing control is not properly designed so that even if the control operates as designed, the control objective is not always met


Control deficiency26 l.jpg
Control Deficiency

  • Deficiency in operation exists when:

    • a properly designed control does not operate as designed or

    • when the person performing the control does not possess the necessary authority or qualifications to perform the control effectively


Significant deficiency sas 112 l.jpg
SIGNIFICANT DEFICIENCY (SAS 112)

  • A control deficiency, or combination of control deficiencies, that adversely affects the entity’s ability to initiate, authorize, record, process, or report financial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the entity’s financial statements that is more than inconsequential will not be prevented or detected


Significant deficiency sas 115 l.jpg
SIGNIFICANT DEFICIENCY (SAS 115)

  • A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance


Material weakness sas 112 l.jpg
Material Weakness (SAS 112)

  • A significant deficiency, or a combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected


Material weakness sas 115 l.jpg
Material Weakness (SAS 115)

  • A deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected on a timely basis


Material weakness sas 11531 l.jpg
Material Weakness (SAS 115)

  • Identification of fraud, whether or not material, on the part of senior management

  • Restatement of previously issued financial statements to reflect the correction of a material misstatement due to error or fraud


Material weakness sas 11532 l.jpg
Material Weakness (SAS 115)

  • Identification by the auditor of a material misstatement of the financial statements under the audit in circumstances that indicate that the misstatement would not have been detected by the entity’s internal control

  • Ineffective oversight of the entity’s financial reporting and internal control by those charged with governance


Sas 114 l.jpg
SAS 114

  • Auditor’s communication with those charged with governance

  • Supersedes SAS 61

  • Requires communication before and after the audit


Sas 11434 l.jpg
SAS 114

  • Planned scope and timing of audit

    • Assist those charged with governance in understanding the consequences of the auditor’s work

    • Discussing issues of risk and materiality

    • Identifying any areas that those charged with governance request the auditor to undertake additional procedures

    • Assist auditor to understand the entity and its environment


Sas 11435 l.jpg
SAS 114

  • Auditor’s responsibilities under GAAS

  • Significant findings from audit

    • Qualitative aspects of the entity’s significant accounting practices, including policies, estimates, and disclosures

    • Significant difficulties or disagreements

    • Uncorrected misstatements, unless trivial

    • Other findings or issues



ad