© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.

Slides:



Advertisements
Similar presentations
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Advertisements

Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.
Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems
Control and Accounting Information Systems
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
8 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Audit Planning and Analytical Procedures Chapter 8.
Auditing Computer-Based Information Systems
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
Audit Planning and Analytical Procedures Chapter 8.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Auditing A Risk-Based Approach To Conducting A Quality Audit
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Auditing II Unit 1 : Audit Procedures Unit 2: Audit of Limited Companies Unit 3: Audit of Government Companies.
Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.
Information Systems Controls for System Reliability -Information Security-
1 Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 7 Performing an Integrated Audit Copyright © 2008 Thomson South-Western,
Auditing Internal Control over Financial Reporting
Chapter 3 Internal Controls.
Presented to President’s Cabinet. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an.
Auditing Internal Control over Financial Reporting
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.
Chapter 5 Internal Control over Financial Reporting
Internal Control in a Financial Statement Audit
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Audit Planning and Analytical Procedures Chapter 8.
Summary of the Investor Protection, Auditor Reform, and Transparency Act of 2002 (Sarbanes-Oxley Act)
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
Spiceland | Thomas | Herrmann Financial Accounting Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Audit Planning and Analytical Procedures Chapter 8.
Chapter 8 Audit Planning 1.
Chapter 3 Audit Planning, Types of Audit Tests, and Materiality McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder Audit Planning and Analytical Procedures Chapter 8.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Fundamentals I: Accounting Information Systems McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Chapter 6 Internal Control in a Financial Statement Audit Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution.
1 Sarbanes-Oxley Overview. 2 Sarbanes-Oxley Act Summary The Sarbanes-Oxley Act of 2002 §201Prohibited Non-Audit Services §202Audit Committee Pre-Approval.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.
Casualty Loss Reserve Seminar General Session II September 9, 2003 Section 302/404 of Sarbanes-Oxley Act What Actuaries Need to Know Jan A. Lommele, FCAS,
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
Chapter 9: Introduction to Internal Control Systems
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1 Chapter Seven Auditing Internal Control over Financial Reporting.
Chapter 41 Corporations: Securities and Investor Protection McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Spiceland | Thomas | Herrmann Financial Accounting Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without.
IS 630 : Accounting Information Systems Auditing Computer-based Information Systems Lecture 10.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Auditing Internal Control over Financial Reporting Chapter Seven.
 2013 Pearson Education, Inc. Publishing as Prentice Hall, AIS, 11/e, by Bodnar/Hopwood Chapter 4 4 – 1 Transaction Processing and the Internal Control.
Copyright © Cengage Learning. All rights reserved Why Accounting Information Is Important Recent accounting problems for corporations and their auditors.
Chapter 3-Auditing Computer-based Information Systems.
18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Audit Planning and Analytical Procedures Chapter.
Risk Management Dr. Clive Vlieland-Boddy. Managements Responsibilities Strategy – Hopefully sustainable! Control – Hopefully maximising profits! Risk.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Audit Planning and Analytical Procedures Chapter 8.
Audit Planning and Analytical Procedures
Chapter 9 Control, security and audit
Internal control objectives
Defining Internal Control
Fraud & Internal Control
Fraud & Internal Control
Fraud & Internal Control
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting & IT

Why Does Fraud Occur? Top two reasons given for why executive fraud occurs: 1. Pressure to meet goals: 81% 2. Personal gain: 72% © Copyright 2012 Pearson Education. All Rights Reserved.

Fraud: What Will I Tell my MOM? © Copyright 2012 Pearson Education. All Rights Reserved.

Sarbanes-Oxley Act of 2002 Section 404. Management Assessment of Internal Controls. The public accounting firm that audits the financial statements of the company must issue an attestation report regarding the effectiveness of the company’s internal control. Section 302. Corporate Responsibility for Financial Reports. Section 302 requires the chief executive officer and chief financial officer to certify in each annual or quarterly report that the signing officer reviewed the report and that the report does not contain any untrue or omission of material fact that make the statements misleading. © Copyright 2012 Pearson Education. All Rights Reserved.

Sarbanes-Oxley Act of 2002 Section 806. Protection for Employees of Publicly Traded Companies Who Provide Evidence of Fraud. Known as Whistleblower Protection for Employees of Publicly Traded Companies. Section 806 provides for protection against retaliation for employees, such as company accountants, who provide information in fraud cases of publicly traded companies. Section 906. Corporate Responsibility for Financial Reports. Section 906 requires corporate management to certify reports filed with the SEC, such as the annual 10-K and quarterly 10-Q. Provides for criminal penalties of up to $5 million or 20 years imprisonment. © Copyright 2012 Pearson Education. All Rights Reserved.

Audit & Internal Control Types of Audits: Audit of internal control: tests of controls to obtain evidence that internal control over financial reporting has operated effectively. Audit of financial statements: tests of controls to assess control risk. Substantive procedures collect evidence regarding accuracy, completeness, and validity of data produced by the accounting system. IT audit: tests of IT to understand how IT affects internal control over financial reporting. PCAOB expects auditors to understand how IT affects the audit and integrate IT into the audit. Integrated audit: required by Auditing Standard No. 5, integrates the audit of internal control with the audit of financial statements. © Copyright 2012 Pearson Education. All Rights Reserved.

Controls Over Financial Reporting Preventive controls: The objective of preventive controls is to prevent errors or fraud that could result in a misstatement of the financial statements. Detective controls: The objective of detective controls is to detect errors or fraud that has occurred and that could result in a misstatement of the financial statements. Corrective controls: The objective of corrective controls is to remedy problems that have occurred by identifying the cause, correcting the resulting errors and modifying the system to prevent future problems of this sort. © Copyright 2012 Pearson Education. All Rights Reserved.

Effective System of Internal Controls An effective system of internal controls should exist in all organizations to: Help them achieve their missions and goals. Minimize surprises. © Copyright 2012 Pearson Education. All Rights Reserved.

COBIT Control Objectives for Information & Related Technology © Copyright 2012 Pearson Education. All Rights Reserved.

Enterprise Goals Drive IT Goals COBIT IT Related Goals Alignment of IT and business strategy Compliance with external laws and regulations Managed IT related business risk Realized benefits from IT investments, while being transparent about those investments and related risks IT services are in-line with business requirements, and enable and support the business processes through the use of IT IT investments deliver benefits on-time and on-budget IT assets, processing and information are secure Reliable and useful information for decision-making is available where and when needed © Copyright 2012 Pearson Education. All Rights Reserved.

IT Controls © Copyright 2012 Pearson Education. All Rights Reserved.

Purchasing Cycle: Application Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Sales Cycle: Application Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Payroll Cycle: Application Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Banking/Cash: Application Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Financial Cycle: Application Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Reporting Control Objectives © Copyright 2012 Pearson Education. All Rights Reserved.

Managing the Risk of Fraud Five principles for establishing an environment to effectively manage fraud risk: Principle 1: Fraud Risk Governance. There should be a written policy to convey the expectation of the board of directors and top management regarding managing fraud risk. Principle 2: Fraud Risk Assessment. Fraud risk exposure should be assessed periodically to identify potential events the organization should mitigate. Principle 3: Fraud Prevention. Prevention techniques should be established to avoid fraud risk events and mitigate impact on the organization. Principle 4: Fraud Detection. Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized. Principle 5: Fraud Investigation and Corrective Action. A reporting process should be in place to solicit input on potential fraud. Take corrective action including identify the cause, correct the resulting errors and modify the system to prevent future similar problems. © Copyright 2012 Pearson Education. All Rights Reserved.

How Do I Document Control HotSpots? 1.Build a DFD. 2.Identify risks. 3.Document controls. 4.Document control HotSpots. © Copyright 2012 Pearson Education. All Rights Reserved.

Step 1: Build DFD © Copyright 2012 Pearson Education. All Rights Reserved.

Documenting Process Risks 1.Customer Identify- Customer is not authenticated prior to logging-in 2.Items Ordered- Incorrect or incomplete item number is entered Items ordered are out-of-stock or no longer available for purchase 3.Customer Credit- Orders are processed for customers who are not credit-worthy 4.Order Information- Sales order and sales order line totals don’t reconcile Customer returns item(s) for a refund © Copyright 2012 Pearson Education. All Rights Reserved.

Step 2: Document Controls © Copyright 2012 Pearson Education. All Rights Reserved.

Step 2: Document Controls © Copyright 2012 Pearson Education. All Rights Reserved.

Step 3: Document Control HotSpots © Copyright 2012 Pearson Education. All Rights Reserved.