Exam 3 Review AIS
remittance list-
A document listing names and amounts of all customer payments received in the mail.
sales invoice-
A document notifying customers of the amount of a sale and where to send payment.
Evaluated Receipts Settlement system (ERS): IN CASH DISBURSEMENTS -
Paying for goods when they are received at the price which is stated in the purchase order. Avoid overpaying for merchandise. Want to only pay for what was requested and consequentially received.
packing slip
- A document listing the quantity and description of each item included in a shipment. accompanies merchandise shipped to a customer
Bill of Lading
- A legal contract that defines responsibility for goods while they are in transit. It identifies the carrier, source, destination, shipping instructions, and the party (customer or vendor) that must pay the carrier.
Balance forward method
- Customers pay towards an outstanding balance (similar to credit card payments). Customer does not have to be billed for each order, making it cheaper and more convenient than open-invoice.
Billing
1. Invoicing. Requires information from the shipping department for items and quantities shipped. Also need info from sales on prices and other sales terms. Ø Sales invoice is created in billing. It notifies the customer of the amount to be paid and where to send the payment. 2. Updating Accounts Receivable. This function reports to the controller. In A/R, the customer account is debited for the amount that the customer is invoiced and the customer is credited for the amount the customer pays. Ø Adjustments made be made because of returns, allowances for damaged goods and write-offs. These should be handled by the credit manager. Ø Shipment of inventory triggers the recording of account receivable.
Internal controls perform three important functions:
1. Preventive controls deter problems before they arise. Examples include hiring qualified personnel, segregating employee duties, and controlling physical access to assets and information. 2. Detective controls discover problems that are not prevented. Examples include duplicate checking of calculations and preparing bank reconciliations and monthly trial balances. 3. Corrective controls identify and correct problems as well as correct and recover from the resulting errors. Examples include maintaining backup copies of files, correcting data entry errors, and resubmitting transactions for subsequent processing.
PEO's and Payroll Service Bureaus benefit from:
1. Reduced Costs 2. Wider range of benefits 3. Freeing up of computer resources
Sales Order Entry
1. Take the customer's order (the order data are received on a sales order document) 2. Check the customer's credit (need to be approved before the order is processed any further) (general authorization for existing customers which involves checking against the master file and specific authorization which would require authorization by a credit manager) a. someone other than the sales representative should specifically approve extension of credit. Especially important if the sales staff is paid on commission because their motivation is to make sales, not focus on collectability. b. The credit manager, who sets credit policies and approves the extension of credit to new customers and the raising of credit limits for existing customers, is independent of the marketing function. To enforce this segregation of duties in ERP systems, sales order entry clerks should be granted read-only access to information about individual customer credit limits; the ability to actually change credit limits should be granted only to the credit manager. 3. Check inventory availability. If there are enough units to fulfill the order then complete the sales order, update "quantity allocated" in inventory file, notify shipping, inventory, billing, then send acknowledgement to customer a. If no units available, initiate a back order which would involve either notifying production to make more units are purchasing to buy more units 4. Respond to customer inquiries (done by customer service or sales order entry)
cash flow budget-
A budget that shows projected cash inflows and outflows for a specified period.
blanket purchase order-
A commitment to purchase specified items at designated prices from a particular supplier for a set time period, often one year.
procurement card-
A corporate credit card that employees can use only at designated suppliers to purchase specific kinds of items.
time sheet-
A data entry screen (or paper document) used by salaried professionals to record how much time was spent performing various tasks for specific clients.
back order-
A document authorizing the purchase or production of items that is created when there is insufficient inventory to meet customer orders. Initiate the process of requesting items
purchase requisition-
A document or electronic form that identifies the requisitioner; specifies the delivery location and date needed; identifies the item numbers, descriptions, quantity, and price of each item requested; and may suggest a vendor.
purchase order-
A document that formally requests a vendor to sell and deliver specified products at designated prices. It is also a promise to pay and becomes a contract once the vendor accepts it. It is also a promise to pay and becomes a contract once the supplier accepts it.
disbursement voucher-
A document that identifies the vendor, lists the outstanding invoices, and indicates the net amount to be paid after deducting any applicable discounts and allowances.
picking ticket-
A document that lists the items and quantities ordered and authorizing the inventory control function to release that merchandise to the shipping department. The picking ticket is often printed so that the item numbers and quantities are listed in the sequence in which they can be most efficiently retrieved from the warehouse. used by warehouse workers to fill the order.
receiving report-
A document that records details about each delivery, including the date received, shipper, vendor, quantity received.
time card-
A document that records the employee's arrival and departure times for each work shift. The time card records the total hours worked by an employee during a pay period.
debit memo-
A document used to record a reduction to the balance due to a vendor. One copy of the debit memo is sent to the supplier, who subsequently creates and returns a credit memo in acknowledgment. The accounts payable department is notified and adjusts the account balance owed to that supplier. A copy of the debit memo accompanies the goods to the shipping department to authorize their return to the supplier. In the case of damaged or poor-quality goods, a document called a debit memo is prepared after the supplier agrees to take back the goods or to grant a price reduction.
credit memo-
A document, approved by the credit manager, authorizing the billing department to credit a customer's account. Usually issued for sales returns, for allowances granted for damaged goods kept by the customer, or to write off uncollectible accounts.
payroll clearing account-
A general ledger account used to check the accuracy and completeness of recording payroll costs and their subsequent allocation to appropriate cost centers.
payroll register-
A listing of payroll data for each employee for a payroll period.
electronic lockbox-
A lockbox arrangement (see lockbox) in which the bank electronically sends the company information about the customer account number and the amount remitted as soon as it receives payments.
voucher system-
A method for processing accounts payable in which a disbursement voucher is prepared instead of posting invoices directly to vendor records in the accounts payable subsidiary ledger. The disbursement voucher identifies the vendor, lists the outstanding invoices, and indicates the net amount to be paid after deducting any applicable discounts and allowances. Contrast with nonvoucher system.
nonvoucher system-
A method for processing accounts payable in which each approved invoice is posted to individual vendor records in the accounts payable file and is then stored in an open invoice file. Contrast with voucher system.
universal payment identification code (UPIC)-
A number that enables customers to remit payments via an ACH credit without requiring the seller to divulge detailed information about its bank account.
flexible benefit plan-
A plan under which each employee receives some minimum coverage in medical insurance and pension contributions, plus additional benefit "credits" that can be used to acquire extra vacation time or additional health insurance. Sometimes called cafeteria-style benefit plans because they offer a menu of options.
Lockbox-
A postal address to which customers send their remittances. The company's bank opens the lockbox, deposits the customer checks in the company's account, and sends a list of customer remittances to the company. Provides a means to both improve the efficiency of processing customer payments and to enhance control over those payments Advantages: ● Prevents theft by employees ● Improves cash flow management ● International customers can use foreign banks
Accounts receivable aging report-
A report listing customer account balances by length of time outstanding. The report provides useful information for evaluating current credit policies, for estimating bad debts, and for deciding whether to increase the credit limit for specific customers. Useful for projecting the timing of future cash inflows related to sales, deciding whether to increase the credit limit for specific customers, and for estimating bad debts. To be effective, credit approval must occur before the goods are released from inventory and shipped to the customer. Nevertheless, problems will occur, and some customers will end up not paying off their accounts. Therefore, careful monitoring of accounts receivable is extremely important.
earnings statement-
A report listing the amount of gross pay, deductions, and net pay for the current period and the year-to-date totals for each category.
deduction register-
A report listing the miscellaneous voluntary deductions for each employee.
customer relationship management (CRM) systems-
A system designed to manage all the data related to customers, such as marketing, filed service, and contact management data. CRM's support the organizing and retrieving of information on historical sales activities and promotions planning. • Facilitates the matching of sales promotions and customer buying trends • Includes "segmentation" which is the grouping of customers into categories based on key characteristics.
just-in-time (JIT) inventory system: IN PURCHASING -
A system that minimizes or virtually eliminates inventories by purchasing and producing goods only in response to actual, rather than forecasted, sales. Basically eliminates finished goods inventory
System threats
A threat is any potential adverse occurrence or unwanted event that could injure the AIS or the organization.
evaluated receipt settlement (ERS): IN CASH DISBURSEMENTS -
An invoiceless approach to accounts payable that replaces the three-way matching process (vendor invoice, receiving report, and purchase order) with a two-way match of the purchase order and receiving report.
payroll service bureau-
An organization that maintains the payroll master file for each of its clients and performs their payroll processing activities for a fee.
professional employer organization (PEO)-
An organization that processes payroll and also provides human resource management services such as employee benefit design and administration.
Cobit
COBIT consolidates control standards from many different sources into a single framework that allows (1) management to benchmark security and control practices of IT environments, (2) users to be assured that adequate IT security and controls exist, and (3) auditors to substantiate their internal control opinions and to advise on IT security and control matters.
Open-invoice (open-item) -
Customers pay based on each invoice. 2 copies are sent, and the customer is supposed to return one of the invoices with payment. This turnaround document is remittance advice. More complex to maintain, but cash flow collections are more uniform, and discounts are taken more often.
The Internal Environment is the most critical component of the ERM and the internal control framework. Is the foundation on which the other seven components rest. Influences how organizations:
Establish strategies and objectives Structure business activities Identify, access, and respond to risk
Imprest Fund: IN CASH DISBURSEMENTS -
Fixed fund that is replenished based on vouchers that get turned in. For when petty cash is needed. Set up the petty cash as an imprest fund which is a fixed amount that gets replenished on presentation of vouchers.
System vulnerabilities
Flaws in programs that can be exploited to either crash the system or take control of it. · Monoculture · Inadequately protected systems · Poorly trained users · Dissatisfied employees / Unethical employees · Management Indifference
Expected Loss
Impact * Likelihood
Expenditure cycle 3 basic activities in the expenditure cycle process
Ordering goods, supplies and services Receiving and storing these items Paying for these items
Internal control objectives along with limitations of internal controls
Internal control is the process implemented by the board of directors, management, and those under their direction to provide reasonable assurance that the following control objectives are achieved: · Assets (including data) are safeguarded. · Records are maintained in sufficient detail to accurately and fairly reflect company assets. · Accurate and reliable information is provided. · There is reasonable assurance that financial reports are prepared in accordance with GAAP. · Operational efficiency is promoted and improved. · Adherence to prescribed managerial policies is encouraged. · The organization complies with applicable laws and regulations. Internal control provides reasonable assurance—complete assurance is difficult to achieve and prohibitively expensive. In addition, internal control systems have inherent limitations, such as susceptibility to simple errors and mistakes, faulty judgments and decision making, management overrides, and collusion.
Companies can endorse integrity as a basic operating principle by actively teaching and requiring it. Management should
Make it clear that honest reports are more important than favorable ones.
1. Internal environment consists of the following:
Management's philosophy, operating style, and risk appetite Board of Directors § Audit Committee Commitment to integrity, ethical values and competence** Organizational structures A company's organizational structure defines its lines of authority, responsibility, and reporting. Methods of assigning authority and responsibility Management should make sure: Employees understand the entity's objectives. Authority and responsibility for business objectives is assigned to specific departments and individuals. Ownership of responsibility encourages employees to take initiative in solving problems and holds them accountable for achieving objectives. Human resource standards: Employees are both the company's greatest control strength and the greatest control weakness. Organizations can implement human resource policies and practices with respect to hiring, training, compensating, evaluating, counseling, promoting, and discharging employees that send messages about the level of competence and ethical behavior required. Policies on working conditions, incentives, and career advancement can powerfully encourage efficiency and loyalty and reduce the organization's vulnerability. External influences that affect the control environment include requirements imposed by: FASB PCAOB SEC Insurance commissions Regulatory agencies
open-invoice method: IN BILLING -
Method for maintaining accounts receivable in which customers typically pay according to each invoice. Usually, two copies of the invoice are mailed to the customer, who is requested to return one copy with the payment. This copy is a turnaround document called a remittance advice. Most likely used when a company offers customers discounts for prompt payment. provides a means to offer discounts because it facilitates aging each invoice to verify whether a discount should be granted.
balance-forward method: IN BILLING -
Method of maintaining accounts receivable in which customers typically pay according to the amount shown on a monthly statement rather than by individual invoices. Remittances are applied against the total account balance rather than specific invoices. The monthly statement lists all transactions, including both sales and payments, that occurred during the past month and informs customers of their current account balances
vendor-managed inventory (VMI)-
Practice in which manufacturers and distributors manage a retail customer's inventory using EDI. The supplier accesses its customer's point-of-sale system in order to monitor inventory and automatically replenish products when they fall to agreed-upon levels.
cycle billing-
Producing monthly statements for subsets of customers at different times. For example, each week monthly statements would be prepared for one-fourth of the customers. Cycle billing produces a more uniform flow of cash collections throughout the month and reduces the time that the computer system is dedicated to printing monthly statements. Cycle billing can significantly affect processing requirements.
materials requirements planning (MRP): IN PURCHASING -
Seek to reduce inventory levels by improving the accuracy of forecasting techniques and carefully scheduling production and purchasing around that forecast. Better for companies that have predictable demand like consumer staples.
SCM: IN CASH DISBURSEMENTS - supply chain management.
Software that assists with demand planning; one of the most important areas of SCM. Want to have lower costs to the customer and higher availability of the product, reduced inventories along the supply chain, improved relationship between buyers and sellers, reduced overtime costs, and reduced product defects.
reorder point-
Specifies the level to which the inventory balance of an item must fall before an order to replenish stock is initiated.
financial electronic data interchange (FEDI): IN CASH COLLECTIONS -
The combination of EFT and EDI that enables both remittance data and funds transfer instructions to be included in one electronic package. The most efficient way to process customer payments and update accounts receivable.
Opportunities
The condition or situation that allows a person or organization to commit and conceal a dishonest act and convert it to personal gain.
Sales Order
The document created during sales order entry, listing the item numbers, quantities, prices, and terms of the sale
Embezzlement
The fraudulent appropriation of business property by an employee to whom it has been entrusted. It is often accompanied by falsification of records.
Risks
The likelihood that a threat or hazard will actually come to pass.
Event likelihood
The probability that a threat to an AIS will come to pass.
Credit Limit-
The maximum allowable credit account balance for each customer, based on past credit history and ability to pay.
Exposure/Impact
The potential dollar loss should a particular threat become a reality.
Internal control
The processes and procedures implemented within a business organization to provide reasonable assurance that data is processed correctly, assets and information are safeguarded, and applicable laws are followed.
Control risk
The risk that a material misstatement will get through the internal control structure and into the financial statements
Residual Risk
The risk that remains after management implements internal controls or some other form of response to risk
voucher package-
The set of documents used to authorize payment to a vendor. It consists of a purchase order, receiving report, and vendor invoice.
Inherent risk
The susceptibility to significant control problems in the absence of internal control.
EOQ (Economic Order Quantity): IN PURCHASING -
The traditional approach to managing inventory. The goal is to maintain enough stock so that production doesn't get interrupted. Optimal order size is calculated by minimizing the sum of several costs like ordering, carrying and stockout costs. Least cost-effective approach when looking at MRP and JIT.
electronic funds transfer (EFT): IN CASH COLLECTIONS -
The transfer of funds using online banking software.
Electronic Data Interchange (EDI)
The use of computerized communications and a standard coding scheme to submit business documents electronically in a format that can be automatically processed by the recipient's information system.
Laping
altering accounts receivables to hide a stolen receivables payment. The method involves taking a subsequent receivables payment and using that to cover the cover the theft. The next receivable is then applied to the previous unpaid receivable, and so on.
Fraud
any and all means a person uses to gain an unfair advantage over another person. Legally, for an act to be fraudulent there must be: 1. A false statement, representation, or disclosure 2. A material fact, which is something that induces a person to act 3. An intent to deceive 4. A justifiable reliance; that is, the person relies on the misrepresentation to take an action 5. An injury or loss suffered by the victim
5. Control activities
are policies, procedures, and rules that provide reasonable assurance that management's control objectives are met and their risk responses are carried out. · It is management's responsibility to develop a secure and adequately controlled system. § Controls are much more effective when built in on the front end. § Consequently, systems analysts, designers, and end users should be involved in designing adequate computer-based control systems. · Management must also establish a set of procedures to ensure control compliance and enforcement. · Generally, control procedures fall into one of the following categories: 1. Proper authorization of transactions and activities 2. Segregation of accounting duties 3. Project development and acquisition controls 4. Change management controls 5. Design and use of documents and records 6. Safeguard assets, records, and data 7. Independent checks on performance
Ordering goods, supplies and services
consists of identifying what when and how much to purchase and from whom. Alternate inventory control methods - 1. Economic Order Quantity (EOQ) 2. Just in Time Inventory (JIT) 3. Materials Requirements Planning (MRP) Ø This process begins with a purchase request followed by the generation of a purchase order. Ø Purchase requisition identifies who is requesting the goods, where they should be delivered, when they're needed, item numbers/descriptions/quantities/prices, department number and account number to be charged. Ø Purchase rec is received by a buyer in the purchasing department Ø There should be a vendor and product inventory master file so the selection process of who to buy from doesn't have to be carried out every time Ø Purchase order - formally requests a supplier to sell and deliver specified products and specified prices. It's both a contract and promise to pay. Ø Blanket order - commitment to buy specified items at specified prices from a particular supplier for a set time period.
Misappropriation
misappropriation is the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose
Shipping
o 2 steps (Both include custody of inventory and report to the vice president of manufacturing.) 1. Picking and packing the order. (triggered by the picking ticket that is given from sales order entry à says what and how much to pick) (warehouse workers record the quantities picked on the picking ticket) 2. Shipping the order. Shipping department compares the physical count of inventory, quantities indicated on picking ticket and the quantities on the sales order that they receive. (3) · From there, the shipping clerk records online the sales order number, item number and the quantities shipped. This updates the inventory master file, produces a packing slip and creates multiple copies of the bill of lading. · Packing slip and bill of lading go with the freight carrier. · Another copy of BOL stays in shipping to track and confirm delivery, the other goes to billing to trigger an invoice. · For internal control purposes, the packing slip and bill of lading should not be printed until the accuracy of the shipment has been verified. Wireless communication and RFID tags can help with real-time tracking which keeps your inventory up to date as it moves around the warehouse. Physical counts of inventory should be made periodically.
· Payroll has high potential for fraud including:
o Ghost employees who don't exist but collect a check o Falsification of hours o Commission schemes when sales employees collect commission on false sales or using false commission rates. o Workers Comp schemes when employees fake an injury to receive compensation
The 5 major sources of input to the payroll process include:
o HRM department - provides information about hiring, terminations and pay-rate changes. o Employees - provide changes in discretionary deductions (like life insurance) o Various departments - provide data about the actual hours worked by an employee o Government agencies - provide tax rates and regulatory instructions o Insurance companies - provide instructions for calculating and remitting various withholdings.
4 basic business activities are performed in the revenue cycle:
o Sales Order Entry: o Shipping: o Billing: o Cash Collection:
· The 7 basic activities in the payroll process:
o Update payroll master file o Update tax rates and deductions o Validate time and attendance data o Prepare payroll o Disburse payroll o Calculate employer-paid benefits and taxes o Disburse payroll taxes and miscellaneous deductions
Paying for the items
o corruption cases often involve arrangements between a company's purchasing agent and a sales representative for one of the company's vendors. This happens in the form of bribery, conflict of interest, economic extortion, illegal gratuities · Approval of vendor invoices - done by the accounts payable department, who reports to the controller. The LEGAL obligation to pay arises when the goods are received. · Actual payment of the invoices - requires info from purchasing to validate the purchase order and receiving for a receiving report that indicates the goods were received. Payment is done by the cashier who reports to the treasurer. Ø Cashier receives a voucher package, which consists of the vendor invoice and supporting documentation such as PO and receiving report. This voucher package authorizes issuance of a check or EFT to the supplier. Ø Use proper segregation of duties. The accounts payable authorizes the payment and the treasurer or cashier signs and mails the check.
o Cash Collection:
possible approaches to collecting cash - 1. Turnaround documents forwarded to A/R. (remittance advices) 2. Lockbox arrangements. (customers remit payments to a bank PO box) (prevents theft by company employees) 3. Electronic lockboxes (bank receives and scans the checks, then immediately sends an electronic notification to the company) 4. Electronic Funds Transfer and Bill Payments (eliminates mailing delays) 5. Financial Electronic Data Interchange (FEDI) 6. Accept credit cards or procurement cards from customers. Speeds collection because credit card issuer usually transfers funds within 2 days. Ø A good segregation of duties is having remittance data sent to accounts receivable while cash and checks are sent to the cashier (cashier reports to the treasurer) Ø Good to have bank recs done by an independent party. Ø Websites should use SSL for secure customer communications
o Receiving and storing the items:
receiving department accepts deliveries from suppliers. They report to the warehouse manager who reports to the VP of Manufacturing. Receipt of goods must be communicated to the inventory controls function to update inventory records. · Receiving department must decide whether to accept the delivery (need a valid purchase order) and verify the quantity and quality of delivered goods. · Receiving report - primary document used in this process. It documents the date goods were received, the shipper, supplier and PO number related to the delivery. It shows an item number, description, unit of measure and quantity for each item. Ø Inventory control works in the warehouse department. They should count the items transferred from receiving department. (because receiving may not get told that quantity ordered as a control).
Kiting
the fraudulent use of a financial instrument to obtain additional credit that is not authorized.
All components/parts that make up the Enterprise Risk Management (ERM) along with what is evaluated and developed within each component
· An enhanced corporate governance framework. · Expands on elements of COSO · Provides a focus on the broader subject of enterprise risk management.
3. Event Identification
· By their nature, events represent uncertainty · Management must do its best to anticipate all possible events—positive or negative—that might affect the company: § Try to determine which are most and least likely. § Understand the interrelationships of events. · COSO identified many internal and external factors that could influence events and affect a company's ability to implement strategy and achieve objectives.
4. Risk Assessment and Risk Response
· Companies should: 1. Assess inherent risk- The risk that exists before management takes any steps to control the likelihood or impact of a risk. 2. Develop a response 3. Then assess residual risk · The ERM model indicates four ways to respond to risk: 1. Reduce it 2. Accept it 3. Share it 4. Avoid it
HRM and payroll cycle
· Human capital management is the process of managing how people are hired, developed, assigned, motivated, retained and fired. Costs include compensation, benefits. HR represented on average 43% of a corporations total operating expenses. · Selecting employees may be initiated by supervisors to satisfy their immediate hiring needs, or the system may automatically start the selection - these systems are tied to production needs. · Only HRM department should be able to make changes to the payroll master file and should NOT directly participate in payroll processing or distribution (this prevents the creation of ghost employees and fraudulent checks) · The HRM Payroll/Master File typically contains only descriptive information, such as which employees possess which skills and who has attended various training programs. Although such information enables managers to make staffing-related decisions, it does not help leverage the specific knowledge and expertise possessed by their employees. To more effectively use employees' knowledge and skills, many organizations have invested in knowledge management systems, which can significantly improve productivity · To prevent inaccurate time data, implement field checks for employee number and hours worked, limit checks on hours worked and validity checks on employee numbers · People who process payroll should not have access to payroll master file. Supervisors should approve all changes. · Payroll Clearing Account: a general ledger account used in a 2-step process. 1. Payroll control account is debited for amount of gross pay, cash is credited for net pay and various liabilities are credited for withholdings 2. Cost accounting process distributes labor cots to various expense categories and credits payroll control account for sum of the allocations. The result should be a 0 balance in the control account. · Payroll service bureaus and PEO's (professional employer organizations) can help provide security for data. VPNs should be used to exchange data service bureaus or PEOs o Many companies outsource payroll and HRM to the payroll service bureaus and PEO's. PEO's are generally more expensive.
7. Monitoring
· Key methods of monitoring performance include: 1. Perform ERM evaluation 2. Implement effective supervision 3. Use responsibility accounting § Includes use of: § Budgets, quotas, schedules, standard costs, and quality standards; § Performance reports that compare actual with planned performance and highlight variances; and § for investigating significant variances and taking timely actions to correct adverse conditions. 4. Monitor system activities 5. Track purchased software § The Business Software Alliance (BSA) aggressively tracks down and fines companies who violate software license agreements. § To comply with copyrights, companies should periodically conduct software audits to ensure that. § There are enough licenses for all users; and § The company is not paying for more licenses than needed. 6. Conduct periodic audits 7. Employ a computer security officer, a Chief Compliance Officer, and security consultants § The computer security officer (CSO) is in charge of AIS security o Should be independent of the IS function o Should report to the COO or CEO 8. Install fraud detection software 9. Implement a fraud hotline
New rules for audit committees
· Members must be on the company's board of directors and must otherwise be independent of the company. · One member must be a financial expert. · The committee hires, compensates, and oversees the auditors, and the auditors report directly to the committee.
Fraud triangle:
· Pressure: a person's incentive or motivation for committing fraud. o Financial- debt, luxury requirements, tax avoidance, bad investments o Emotional- ego, dissatisfaction, fear, power hungry o Lifestyle- gambling, addiction, peer pressure · Rationalization: allows perpetrators to justify their illegal behavior. o The only way a fraudster can commit their frauds and maintain their self image as principled individuals is to create rationalizations that recast their actions as "morally acceptable" behaviors. · Opportunity: the condition or situation, including one's personal abilities, that allows a perpetrator to do three things: o Commit the fraud o Conceal the fraud o Convert the theft or misrepresentation to personal gain
6. Information and Communication
· The primary purpose of the AIS is to gather, record, process, store, summarize, and communicate information about an organization. · So accountants must understand how: § Transactions are initiated § Data are captured in or converted to machine-readable form § Computer files are accessed and updated § Data are processed § Information is reported to internal and external parties
Audit committee members and responsibilities
· They must report specific information to the company's audit committee, such as: o Critical accounting policies and practices o Alternative GAAP treatments o Auditor-management disagreements · Audit partners must be rotated periodically. · Auditors cannot perform certain non-audit services, such as: o Bookkeeping o Information systems design and implementation o Internal audit outsourcing services o Management functions o Human resource services
2. Objective Setting
· Top management, with board approval, must articulate why the company exists and what it hopes to achieve. § Often referred to as the corporate vision or mission. · Uses the mission statement as a base from which to set corporate objectives. · The objectives: § Need to be easy to understand and measure. § Should be prioritized. § Should be aligned with the company's risk appetite. · Objective-setting process proceeds as follows: § First, set strategic objectives, the high-level goals that support the company's mission and create value for shareholders. § To meet these objectives, identify alternative ways of accomplishing them. § For each alternative, identify and assess risks and implications. § Formulate a corporate strategy. § Then set operations, compliance, and reporting objectives.
SAS-99 requires auditors to:
· Understand fraud · Discuss the risks of material fraudulent misstatements · Obtain information · Identify, assess, and respond to risks · Evaluate the results of their audit tests · Communicate findings · Document their audit work · Incorporate a technology focus