
1 © Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting & IT

2 Why Does Fraud Occur?
Top two reasons given for why executive fraud occurs:
1. Pressure to meet goals: 81%
2. Personal gain: 72%

3 Fraud: What Will I Tell my MOM?

4 Sarbanes-Oxley Act of 2002
- Section 404. Management Assessment of Internal Controls. The public accounting firm that audits the financial statements of the company must issue an attestation report regarding the effectiveness of the company’s internal control.
- Section 302. Corporate Responsibility for Financial Reports. Section 302 requires the chief executive officer and chief financial officer to certify in each annual or quarterly report that the signing officer reviewed the report and that the report does not contain any untrue statement or omission of material fact that makes the statements misleading.

5 Sarbanes-Oxley Act of 2002
- Section 806. Protection for Employees of Publicly Traded Companies Who Provide Evidence of Fraud. Known as Whistleblower Protection for Employees of Publicly Traded Companies. Section 806 provides for protection against retaliation for employees, such as company accountants, who provide information in fraud cases of publicly traded companies.
- Section 906. Corporate Responsibility for Financial Reports. Section 906 requires corporate management to certify reports filed with the SEC, such as the annual 10-K and quarterly 10-Q. Provides for criminal penalties of up to $5 million or 20 years imprisonment.

6 Audit & Internal Control
Types of Audits:
- Audit of internal control: tests of controls to obtain evidence that internal control over financial reporting has operated effectively.
- Audit of financial statements: tests of controls to assess control risk. Substantive procedures collect evidence regarding accuracy, completeness, and validity of data produced by the accounting system.
- IT audit: tests of IT to understand how IT affects internal control over financial reporting. PCAOB expects auditors to understand how IT affects the audit and integrate IT into the audit.
- Integrated audit: required by Auditing Standard No. 5, integrates the audit of internal control with the audit of financial statements.

7 Controls Over Financial Reporting
- Preventive controls: The objective of preventive controls is to prevent errors or fraud that could result in a misstatement of the financial statements.
- Detective controls: The objective of detective controls is to detect errors or fraud that has occurred and that could result in a misstatement of the financial statements.
- Corrective controls: The objective of corrective controls is to remedy problems that have occurred by identifying the cause, correcting the resulting errors and modifying the system to prevent future problems of this sort.

8 Effective System of Internal Controls
An effective system of internal controls should exist in all organizations to:
- Help them achieve their missions and goals.
- Minimize surprises.

9 COBIT Control Objectives for Information & Related Technology

10 Enterprise Goals Drive IT Goals
COBIT IT Related Goals
- Alignment of IT and business strategy
- Compliance with external laws and regulations
- Managed IT related business risk
- Realized benefits from IT investments, while being transparent about those investments and related risks
- IT services are in-line with business requirements, and enable and support the business processes through the use of IT
- IT investments deliver benefits on-time and on-budget
- IT assets, processing and information are secure
- Reliable and useful information for decision-making is available where and when needed

11

12 IT Controls

13 Purchasing Cycle: Application Control Objectives

14 Sales Cycle: Application Control Objectives

15 Payroll Cycle: Application Control Objectives

16 Banking/Cash: Application Control Objectives

17 Financial Cycle: Application Control Objectives

18 Reporting Control Objectives

19 Managing the Risk of Fraud
Five principles for establishing an environment to effectively manage fraud risk:
- Principle 1: Fraud Risk Governance. There should be a written policy to convey the expectation of the board of directors and top management regarding managing fraud risk.
- Principle 2: Fraud Risk Assessment. Fraud risk exposure should be assessed periodically to identify potential events the organization should mitigate.
- Principle 3: Fraud Prevention. Prevention techniques should be established to avoid fraud risk events and mitigate impact on the organization.
- Principle 4: Fraud Detection. Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.
- Principle 5: Fraud Investigation and Corrective Action. A reporting process should be in place to solicit input on potential fraud. Take corrective action, including identifying the cause, correcting the resulting errors and modifying the system to prevent similar problems in the future.

20 How Do I Document Control HotSpots?
1. Build a DFD.
2. Identify risks.
3. Document controls.
4. Document control HotSpots.

21 Step 1: Build DFD

22 Documenting Process Risks
1. Customer Identify
   - Customer is not authenticated prior to logging in
2. Items Ordered
   - Incorrect or incomplete item number is entered
   - Items ordered are out-of-stock or no longer available for purchase
3. Customer Credit
   - Orders are processed for customers who are not credit-worthy
4. Order Information
   - Sales order and sales order line totals don’t reconcile
   - Customer returns item(s) for a refund

23 Step 2: Document Controls

24 Step 2: Document Controls

25 Step 3: Document Control HotSpots

