NO FRAUD LEFT BEHIND The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette.

Slides:



Advertisements
Similar presentations
Internal Control and Control Risk
Advertisements

Presented by YOUR NAME THE DATE
G L O B A L S E R V I C E / I N D U S T R Y A U D I T / T A X / A D V I S O R Y / L I N E O F B U S I N E S S SAS 112 Presentation California State University.
Internal Control.
Internal Control Chapter 7 covers two distinct, but related topics:
Learning Objectives LO1 Describe the current audit environment, including developments in regulatory oversight and provincial regulation of public accountants.
Review of Introduction to Auditing
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
SAS 112 Update Chapter 9 Presented by Chris Ray, Partner KPMG LLP KPMG LLP.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Auditing A Risk-Based Approach To Conducting A Quality Audit
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Internal Control in a Financial Statement Audit
CHAPTER 2 FINANCIAL STATEMENT AUDITS AND AUDITORS’ RESPONSIBILITIES Fall 2007 u G enerally Accepted Auditing Standards u Assurance Provided by an Audit.
Section 404 Audits of Internal Control and Control Risk
Nature of an Integrated Audit
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
Statement on Auditing Standards (SAS) 112 Communicating Internal Control Related Matters Identified in an Audit.
Learning Objectives LO1 Describe the association framework. LO2 Determine whether a PA is associated with financial statements. LO3 Describe the three.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Auditing Internal Control over Financial Reporting
An Accountant’s Look at the Changing Horizons within SOX 404 Presented to Colorado Bar Association’s Securities Law Group Presented by Bill Evert Hein.
Planning an Audit The Audit Process consists of the following phases:
Auditing Internal Control over Financial Reporting
AICPA SAS 112 on Internal Controls: Implications and Impacts on State Agencies and Auditors Presented by Frank Crawford, CPA Crawford & Associates, P.C.
New Auditing Standards Laurie Ball, CPA Swenson Advisors, LLP (Murrieta) Audit Director Accounting Day May 12, 2008.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
Connecting Great Ideas and Great People Finance and Business Operations Symposium Gelman, Rosenberg & Freedman, CPAs Ms. Terri McKnight, CPA, Director.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Chapter 5 Internal Control over Financial Reporting
Considering Internal Control
Internal Control in a Financial Statement Audit
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Internal Control in a Financial Statement Audit
9 - 1 ©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 9.
SAS Update GFOA Western Pa – January 2008 Presented by Rob Lent, CPA, CGFM.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
Evaluation of Internal Control System
Evaluation of Internal Control System. Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1 Chapter Seven Auditing Internal Control over Financial Reporting.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Auditing Internal Control over Financial Reporting Chapter Seven.
OVERVIEW THE AUDIT PROCESS Overview of the Audit Process.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Section 404 Audits of Internal Control and Control Risk Chapter.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
1 Overview of PCAOB Auditing Standard No. 5 An Audit of Internal Control Over Financial Reporting that is Integrated with an Audit of Financial Statements.
18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
©©2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley Considering Internal Control Chapter 10.
Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall. Chapter
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.
Internal Control. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition A process...designed.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
 Planning an audit of cost statements, records and other related documents is considered necessary to ensure achievement of audit objectives with available.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
Illinois Office of the Comptroller Financial Training Workshop 2016.
Section 404 Audits of Internal Control and Control Risk
Internal Control Evaluation: Assessing Control Risk
Question 4-1 Which of the following statements concerning noncompliance by clients is correct?    A.  An auditor's responsibility to detect noncompliance.
Chapter Two The CPA Profession
Internal Control in a Financial Statement Audit
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Presentation transcript:

NO FRAUD LEFT BEHIND The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette

Risk Assessment Standards Statements on Auditing Standards Statements on Auditing Standards SAS 104 – 111 (risk assessment) SAS 104 – 111 (risk assessment) Other recently issued standards Other recently issued standards SAS 112 – 115 SAS 112 – 115 How will these new audit standards affect school audits? How will these new audit standards affect school audits?

SAS 104 Due professional care in the performance of work Due professional care in the performance of work Clarified the definition of reasonable assurance Clarified the definition of reasonable assurance Emphasized that reasonable assurance is a high level of assurance, but not absolute assurance Emphasized that reasonable assurance is a high level of assurance, but not absolute assurance

SAS 105 Amendment to SAS 95, Generally Accepted Auditing Standards Amendment to SAS 95, Generally Accepted Auditing Standards Expands the scope of the understanding that the auditor is required to obtain from “internal control” to “the entity and its environment, including its internal control” Expands the scope of the understanding that the auditor is required to obtain from “internal control” to “the entity and its environment, including its internal control”

SAS 105 Emphasizes that the understanding is obtained to “assess the risk of material misstatement of the financial statements” Emphasizes that the understanding is obtained to “assess the risk of material misstatement of the financial statements” The understanding of the entity and its internal control is part of the audit evidence that supports the opinion The understanding of the entity and its internal control is part of the audit evidence that supports the opinion Used to be only part of the audit planning Used to be only part of the audit planning

SAS 106 Audit evidence Audit evidence Identifies “risk assessment procedures” as procedures performed to obtain an understanding of the entity in order to assess the risk of material misstatement Identifies “risk assessment procedures” as procedures performed to obtain an understanding of the entity in order to assess the risk of material misstatement

SAS 106 Evidence obtained from performing risk assessment procedures, including gaining an understanding of the entity and its environment, including its internal controls as well as tests of controls and substantive procedures is part of the evidence obtained to support the audit opinion (not just to plan the audit) Evidence obtained from performing risk assessment procedures, including gaining an understanding of the entity and its environment, including its internal controls as well as tests of controls and substantive procedures is part of the evidence obtained to support the audit opinion (not just to plan the audit)

SAS 106 Risk assessment procedures include: Risk assessment procedures include: Inquiries of management and others Inquiries of management and others Analytical procedures Analytical procedures Observation and inspection Observation and inspection Inquiry alone is no longer sufficient to evaluate controls and whether they have been implemented Inquiry alone is no longer sufficient to evaluate controls and whether they have been implemented

SAS 107 Audit risk and materiality in conducting an audit Audit risk and materiality in conducting an audit Auditors can no longer default to maximum risk (instead of testing controls) Auditors can no longer default to maximum risk (instead of testing controls) Materiality should take qualitative considerations into account as well as quantitative Materiality should take qualitative considerations into account as well as quantitative

SAS 108 Planning and supervision Planning and supervision New guidance on development of overall audit strategy and audit plan New guidance on development of overall audit strategy and audit plan Establish an understanding with the client Establish an understanding with the client What is management’s responsibility compared to the auditor’s responsibility What is management’s responsibility compared to the auditor’s responsibility

SAS 109 Understanding the entity and its environment and assessing the risks of material misstatements Understanding the entity and its environment and assessing the risks of material misstatements Understanding the entity: Understanding the entity: Industry, regulatory, and other external factors Industry, regulatory, and other external factors Nature of the entity Nature of the entity Objectives and strategies and the related risks Objectives and strategies and the related risks Measurement and review of financial performance Measurement and review of financial performance Internal control, which includes accounting policies Internal control, which includes accounting policies

SAS 109 Understanding of internal control Understanding of internal control Evaluating design of a control Evaluating design of a control Determining whether it has been implemented Determining whether it has been implemented Evaluating the design of control involves considering whether the control, individually or in combination with other controls, is capable of effectively preventing or detecting and correcting material misstatements Evaluating the design of control involves considering whether the control, individually or in combination with other controls, is capable of effectively preventing or detecting and correcting material misstatements

SAS 109 Components of internal control: Components of internal control: Control environment – tone of organization Control environment – tone of organization Risk assessment – identification and analysis of relevant risks Risk assessment – identification and analysis of relevant risks Information and communication systems – identification, capture and communication of information Information and communication systems – identification, capture and communication of information Control activities – policies and procedures Control activities – policies and procedures Monitoring – assessment of the quality of internal control performance Monitoring – assessment of the quality of internal control performance

Control Environment Primary responsibility for the prevention and detection of fraud and errors rests with those charged with governance and management Primary responsibility for the prevention and detection of fraud and errors rests with those charged with governance and management The absence or inadequacy of such programs and controls may constitute a significant deficiency or material weakness The absence or inadequacy of such programs and controls may constitute a significant deficiency or material weakness

Control Environment Communication and enforcement of integrity and ethical values Communication and enforcement of integrity and ethical values Commitment to competence Commitment to competence Participation of those charged with governance Participation of those charged with governance Management’s philosophy and operating style Management’s philosophy and operating style Organizational structure Organizational structure Assignment of authority and responsibility Assignment of authority and responsibility Human resource policies and practices Human resource policies and practices

Risk Assessment Risk assessment process for financial reporting purposes is its identification, analysis, and management of risks relevant to the preparation of financial statements that are presented fairly in conformity with GAAP Risk assessment process for financial reporting purposes is its identification, analysis, and management of risks relevant to the preparation of financial statements that are presented fairly in conformity with GAAP

Risk Assessment Risks relevant to financial reporting: Risks relevant to financial reporting: Changes in operating environment Changes in operating environment New personnel New personnel New or revamped information systems New or revamped information systems Rapid growth Rapid growth New accounting pronouncements New accounting pronouncements

Information and Communication Systems Information systems consist of procedures, whether automated or manual, and records established to initiate, authorize, record, process, and report entity transactions and to maintain accountability for the related assets, liabilities and equity Information systems consist of procedures, whether automated or manual, and records established to initiate, authorize, record, process, and report entity transactions and to maintain accountability for the related assets, liabilities and equity

Information and Communication Systems Communication involves providing an understanding of individual roles and responsibilities pertaining to internal control over financial reporting Communication involves providing an understanding of individual roles and responsibilities pertaining to internal control over financial reporting

Control Activities Authorization Authorization Segregation of duties Segregation of duties Safeguarding Safeguarding Asset accountability Asset accountability

Monitoring Management is responsible for establishing and maintaining internal controls on an ongoing basis Management is responsible for establishing and maintaining internal controls on an ongoing basis Monitoring controls includes determining whether internal controls are operating as intended and modifying as appropriate for changes in conditions Monitoring controls includes determining whether internal controls are operating as intended and modifying as appropriate for changes in conditions Monitoring is done to ensure that controls continue to operate effectively Monitoring is done to ensure that controls continue to operate effectively

SAS 110 Performing audit procedures in response to assessed risks and evaluating the audit evidence obtained Performing audit procedures in response to assessed risks and evaluating the audit evidence obtained Requires tests of controls to obtain audit evidence about their operating effectiveness when assessment of risks is based on the expectation that controls are operating effectively Requires tests of controls to obtain audit evidence about their operating effectiveness when assessment of risks is based on the expectation that controls are operating effectively

SAS 112 Communicating internal control related matters identified in an audit Communicating internal control related matters identified in an audit Defines the terms significant deficiency and material weakness (revised by SAS 115) Defines the terms significant deficiency and material weakness (revised by SAS 115) Provides guidance on the severity of control deficiencies Provides guidance on the severity of control deficiencies Requires communication in writing to management and those changed with governance Requires communication in writing to management and those changed with governance

Control Deficiency Exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis Exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis

Control Deficiency Deficiency in design exists when: Deficiency in design exists when: a control necessary to meet the control objective is missing or a control necessary to meet the control objective is missing or an existing control is not properly designed so that even if the control operates as designed, the control objective is not always met an existing control is not properly designed so that even if the control operates as designed, the control objective is not always met

Control Deficiency Deficiency in operation exists when: Deficiency in operation exists when: a properly designed control does not operate as designed or a properly designed control does not operate as designed or when the person performing the control does not possess the necessary authority or qualifications to perform the control effectively when the person performing the control does not possess the necessary authority or qualifications to perform the control effectively

SIGNIFICANT DEFICIENCY (SAS 112) A control deficiency, or combination of control deficiencies, that adversely affects the entity’s ability to initiate, authorize, record, process, or report financial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the entity’s financial statements that is more than inconsequential will not be prevented or detected A control deficiency, or combination of control deficiencies, that adversely affects the entity’s ability to initiate, authorize, record, process, or report financial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the entity’s financial statements that is more than inconsequential will not be prevented or detected

SIGNIFICANT DEFICIENCY (SAS 115) A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance

Material Weakness (SAS 112) A significant deficiency, or a combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected A significant deficiency, or a combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected

Material Weakness (SAS 115) A deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected on a timely basis A deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected on a timely basis

Material Weakness (SAS 115) Identification of fraud, whether or not material, on the part of senior management Identification of fraud, whether or not material, on the part of senior management Restatement of previously issued financial statements to reflect the correction of a material misstatement due to error or fraud Restatement of previously issued financial statements to reflect the correction of a material misstatement due to error or fraud

Material Weakness (SAS 115) Identification by the auditor of a material misstatement of the financial statements under the audit in circumstances that indicate that the misstatement would not have been detected by the entity’s internal control Identification by the auditor of a material misstatement of the financial statements under the audit in circumstances that indicate that the misstatement would not have been detected by the entity’s internal control Ineffective oversight of the entity’s financial reporting and internal control by those charged with governance Ineffective oversight of the entity’s financial reporting and internal control by those charged with governance

SAS 114 Auditor’s communication with those charged with governance Auditor’s communication with those charged with governance Supersedes SAS 61 Supersedes SAS 61 Requires communication before and after the audit Requires communication before and after the audit

SAS 114 Planned scope and timing of audit Planned scope and timing of audit Assist those charged with governance in understanding the consequences of the auditor’s work Assist those charged with governance in understanding the consequences of the auditor’s work Discussing issues of risk and materiality Discussing issues of risk and materiality Identifying any areas that those charged with governance request the auditor to undertake additional procedures Identifying any areas that those charged with governance request the auditor to undertake additional procedures Assist auditor to understand the entity and its environment Assist auditor to understand the entity and its environment

SAS 114 Auditor’s responsibilities under GAAS Auditor’s responsibilities under GAAS Significant findings from audit Significant findings from audit Qualitative aspects of the entity’s significant accounting practices, including policies, estimates, and disclosures Qualitative aspects of the entity’s significant accounting practices, including policies, estimates, and disclosures Significant difficulties or disagreements Significant difficulties or disagreements Uncorrected misstatements, unless trivial Uncorrected misstatements, unless trivial Other findings or issues Other findings or issues

ANY QUESTIONS????

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.