Audit Program Design
The audit will be performed within the guidelines of generally accepted accounting principles as prescribed by the Government of the united States. The audit will satisfy the requirements of the Serbians-Solely Act (Sox) Section 404 and will be conducted in accordance with the united States Public Company Accounting Oversight Board (PEPCO). The ultimate objective of the audit is to render a report on the presentation of the financial that provides reasonable assurance that they are free of material misstatements.
In addition IOWA hopes to identify any significant risks, Including fraud or other adverse circumstances with a IEEE to assess It Internal controls, Description of the Relationship between Internal controls and the Audit Process An Internal control system consists of policies and procedures designed to provide management with reasonable assurance that the company achieves its objectives. These policies and procedures are often called controls and comprise the entity’s internal control (Arenas, 2006, P. 70). As mandated by SOX, management is responsible for the generation of an entity’s Internal controls as well as preparing and maintaining the Flanagan statements. In addition, management must also “Identify the framework used to evaluate the effectiveness of those internal controls” (Arenas, 2006, P. 271 Good internal controls will provide a high level of assurance that the financial are prepared fairly; however, this does not, nor should not, imply that they are error free.
Conversely, auditors are responsible for reviewing an entity’s established controls to validate that the financial statements are accurately and fairly stated. Auditors use the results of the evaluation to ascertain control risks. Auditors must gain knowledge of an entitles Internal controls NY risks inherent within the controls under audit. In the course of attempting to gain an understanding of internal control and assessing control risk, the auditor’s primary objectives involve transaction-based audit objectives (Arenas, 2006, P. 73). These transaction-related audit objectives are in contrast with controls which may adversely affect the efficiency of operations. This is a primary concern of management and not necessarily that of the auditor. Although these are not of primary importance to the auditor, a review of these controls and the information hey reveal should not be taken for granted. Significant Regulations and Guidelines Related to Audits of Internal Control There are primarily three significant regulations related to audits of internal control.
They are: * Committee of Sponsoring Organizations (COOS) of the Tramway Commission, a private organization that offers organizations a framework to assess their control systems. * Serbians-Solely Act Section 404 (SOX 404) necessitates both the management and the external auditor to report on the sufficiency of the internal control. * Statement on Auditing Standard ASS) requires auditors to evaluate control deficiencies and communicate in writing the significant deficiencies and material weaknesses to management.
According to the COOS Framework, the responsibility for internal control belongs to everyone in an organization. This includes company employees, management, and the board of directors. Employees generate data or contribute information for the internal control system. Hence, they are responsible for communicating operational issues, unconformable with the code of conduct, violations of corporate policies or illegal activities. COOS defines internal control with five components. These include the control environment, risk assessment, information and communication, control activities, and monitoring.
SOX 404 refer to the management assessment of internal control. The external auditor defines what aspects of the operations he or she feels are material and to what degree. This will be based on multiple criteria, including the auditor’s own control objectives. Some identified systems will be deemed critical whereas others are deemed supporting. Under the guidance of the external auditor, the company’s internal auditor defines the scope of the effort. This effort encompasses three aspects: the business perspective, its importance, and the acceptable level of risk.
ASS number 115 has altered the definitions of significant deficiency and material weakness in internal control to align them with the Public Companies Accounting Oversight Board (PEPCO). A material weakness occurs when there is a reasonable possibility that a material misstatement in the financial statements will not be prevented, or detected, and corrected on a timely basis. A significant deficiency is less severe than a material weakness, yet important enough o merit attention by those charged with governance (Pleaser, p. L).
A Brief Synopsis of Responsibility in Detecting and Reporting Fraud The treasurer of Apollo Shoes, Ms. Sustain, inquired if Anderson, Olds, and Watershed (IOWA) will plan enough in-depth auditing to provide assurances about errors and frauds in the accounts (Lowers, et. Al. , 2007, p. 9). As previously stated by Ms. Ward a manager at IOWA, there are guidelines an auditor must follow in detecting and reporting fraud. Sow’s responsibility is to obtain reasonable but not absolute assurance that material misstatements are detected.
These misstatements may stem from errors or fraud pertaining to the professional and unbiased attitude all IOWA auditors must maintain as they investigate, analyze, and identify possible fraud risks in Apollo Shoes. Information will be collected through communications by the audit team, analytical procedures, analyzing the company’s risk factors, and inquiries of management, employees, and other associates. This information will allow IOWA to “identify risks of material misstatements due to fraud” (Arenas, et. Al. , 2006, p. 320) Professional standards require that identified risks be documented.
The following matters will be documented accordingly: * The discussion among engagement team personnel in planning the audit about the susceptibility of the entity’s financial statements to material fraud. * Procedures performed to obtain information necessary to identify and assess the risks of material fraud. * Specific risks of material fraud identified, and a description of the auditor’s response to those risks. * Reasons supporting a conclusion that there is not a significant risk of material improper revenue recognition. Results of procedures performed to address the risk of management override of controls. * Other conditions and analytical relationships indicating that additional auditing procedures or other responses were required, and the actions taken by the auditor. * The nature of communications about fraud made to management, the audit committee, or others (Arenas, et. Al. , 2006, p. 322). After the documentation, IOWA will reevaluate Apollo Shoes internal controls to minimize the fraud. The preferred way of minimizing fraud is preventing and deterring fraud because it is more cost effective to stop fraud before it happens.
There are guidelines he CPA has established to assist management with antiradar programs. Internal Control Risks Identified Within Apollo As mentioned earlier, adequate internal controls are instrumental in helping organizations to protect business operations and prevent management and employees from committing theft and fraud. Serbians-Solely Act of 2002 (SOX), holds public organizations to a higher scrutiny with regard to internal controls . SOX set the standards for all U. S. Public company boards, management, and public accounting firms. There are three types of internal control risks.
They are compliance risks, fraud asks, and control risks. Compliance risks involve the organization violating local and federal laws and policies. Fraud risks involve the separation of employees and their duties. Control risks involve the failure to monitor employees to ensure that they are complying with the regulations and the company’s policies and procedures. It is virtually impossible to totally avoid risks. Risks hinder the organization from fulfilling its goals and objectives. Internal controls limit the opportunity for risks to occur.
Senior management must carefully assess the risks of the organization, when outing internal control in place. The areas where the highest risks would occur should be identified to create strong preventative and detective controls. Several internal control risks are identified within Apollo Shoes. There are related- party transactions, which are prohibited. Mr.. Lancaster is advanced $1,000,000 to cover legal expenses and loans are made available to executives and the board of directors. SOX have strict rules against giving loans to executives and directors.
Another party related transaction that may pose a threat is paying director, Josephine commented and the auditing team’s findings will be communicated to Apollo management in writing at the end of the audit. Our fees have no relationship to the outcome of the audit. Instead they will be based on the agreed upon rates before the audit commencement. The fees are for this engagement is $750,000. It is important that Apollo acknowledge that this amount may be subject to change. A new estimate and your approval will be required in the event that additional work is necessary to complete the audit.
This engagement represents the contract for the audit and includes the pertinent terms that will govern the audit engagement. These terms override any prior written communication or contrary agreements between both parties. A written amendment signed by both parties is required to alter the terms of this contract. Any additional services not covered in this letter will require a new letter to be drafted. If you fully agree to the terms of this contract after careful consideration and full diligence, please sign the letter in the space provided below and return the original letter to the included address and retain a copy for your records.
I thank you in advance for you attention to this matter and look forward to doing business with you.