Question

In: Accounting

Smith, a certified public accounting firm, was engaged to audit the financial statements of the Sky-is-the-Limit...

Smith, a certified public accounting firm, was engaged to audit the financial statements of the Sky-is-the-Limit company. The company has its own IT installation. While obtaining an understanding of internal control, Smith found that Sky-is-the-Limit lacked proper segregation of the programming and operating functions. Smith analyzed the internal control surrounding the system to ensure that the corporate governance was being maintained, and he concluded that the existing compensating general control activities provided reasonable assurance that the objectives of internal control were being met.

Prepare a letter addressed to the board of directors that discusses the following:

  • How is the separation of the programming and operating functions accomplished in a properly functioning IT environment?
  • Explain the 3 subdivisions of information systems management, and discuss how they apply to this situation.

Solutions

Expert Solution

TO: Board of Directors

FROM: Auditor

DATE: 21 st July 2020

SUBJECT: Risk Management

In a properly functioning IT environment, it means that auditing is done in a computing or automated environment. Here, the primary goal of internal control i.e., to separate programming and operating functions can be attained through restricting the system operators from not only accessing the computers but also making any output or input in the same computers. In other words, operators should not be allowed to input/output any information, file, document, and/or operating program details. They should also be restricted from changing the any of the operating programs.

At the time of production processing, the system programmers must be restricted from getting into the computer room as well as operating anything in that room. In line with this, scheduling must be done by the system operators before production processing takes place. Additionally, scheduling must be tested by the operators prior to production processing to ensure that no more programming is required. This means that once the computers begin operating, the work of the programmers ends there as the operators take over.

The three subdivisions of information systems management include corporate, team, and individual (Robertson, 2005). Corporate level of information systems management is all about how corporate information including procedures, policies, and controls as formulated by the executives is useful for the entire company. In regard to the scenario at hand, it is out of the lack of proper corporate information from Sky-is-the-Limit?s management that the company lacks segregation of operating and programming functions. Although the corporate governance is maintained and the available general control activities indicated that the objectives of internal control were met, there need to be policies, procedures, and control in Sky-is-the-Limit that create a gap between the programming department and the operating department.

As the name suggests, the team as a subdivision of information systems management deals with all the information that is shared within business units, divisions, departments, and teams. The information shared at team level may be fundamental to the day to day activities of a given department but of little importance. Example of such information includes meeting minutes, department-specific content, and project documentation. From the situation at hand, the team is key if Sky-is-the-Limit is to have segregation of programming and operating functions. Even though there is a need to maintain collaborating tools between the programming and operating units in Sky-is-the-Limit, separation of functions will be very critical. Following the creation of programming and operating departments, it will be easy to establish independence in each of the function (Robertson, 2005). The roles and responsibilities of each department must be clearly defined. Also, the information meant for either of the department should not be shared unless that information is deemed important to the other department.

Last but not least, individual is the lowest subdivision of information systems management. This subdivision comprises personal information needed by the staff in the entire company including spreadsheets, financial statements, financial reports, and files that relates to roles and responsibilities of certain jobs. At personal level, the system operators and the programmers must be knowing what they are specifically supposed to do before, during and after production processing. An operator should not perform the functions of a programmer. Similarly, a programmer should not perform the functions of an operator (Robertson, 2005).


Related Solutions

An independent accounting firm has been engaged to audit the 2014 financial statements of a corporation...
An independent accounting firm has been engaged to audit the 2014 financial statements of a corporation which has never undergone an audit. During the audit, it is concluded that the 2014 ending inventory presented by management is in error. The inventory cannot be counted because much of it has been sold as of the time of the audit. Therefore, a "test of reasonableness" of the inventory is performed by using the following data from the 2014 income statement prepared by...
You are engaged as an audit senior in the public accounting firm of Millie and Partners....
You are engaged as an audit senior in the public accounting firm of Millie and Partners. As part of the planning process for the audit of Maxie Ltd for the financial year ended 30 June 2018, you requested the minutes of the Board of Directors meetings for the financial year and noted the following: Date of Meeting Extract from Board of Directors Meetings for the year 2017-18 1/9/2017 The board agreed that in order to attract new customers and therefore...
Smith Corp. orally engaged TRA CPAs, to audit its financial statements. The management of Smith Corp....
Smith Corp. orally engaged TRA CPAs, to audit its financial statements. The management of Smith Corp. informed TRA CPAs that it suspected that the accounts receivable was materially overstated. Although the financial statements audited by TRA CPAs did, in fact, include a materially overstated accounts receivable balance, TRA issued an unqualified opinion. Smith Corp then relied on the financial statements in deciding to obtain a loan from Town Bank to expand its operations and Town Bank relied on the financial...
ABC and Associates, Certified Public Accountants, audits the financial statements of XYZ, Inc. During the audit,...
ABC and Associates, Certified Public Accountants, audits the financial statements of XYZ, Inc. During the audit, ABC engaged Eric and Evan LLP, a London, England public accounting firm, as a component auditor to audit XYZ’s wholly owned English subsidiary. a. Should ABC make reference to the component auditor in its audit report? Explain. b. Assume that Eric and ABC issued a qualified report on the English subsidiary. Should ABC include the same qualification in its report on Jordan Toys?
You are engaged in the audit of the financial statements of Holman Corporation for the year...
You are engaged in the audit of the financial statements of Holman Corporation for the year ended December 31, 20X6. The accompanying analyses of the Property, Plant, and Equipment and related accumulated depreciation accounts have been prepared by the chief accountant of the client. You have traced the beginning balances to your prior year’s audit working papers. HOLMAN CORPORATION Analysis of Property, Plant, and Equipment and Related Accumulated Depreciation Accounts Year Ended December 31, 20X6 Final Assets Per Ledger Description...
You are engaged in the audit of the financial statements of Holman Corporation for the year...
You are engaged in the audit of the financial statements of Holman Corporation for the year ended December 31, 20X6. The accompanying analyses of the Property, Plant, and Equipment and related accumulated depreciation accounts have been prepared by the chief accountant of the client. You have traced the beginning balances to your prior year’s audit working papers. HOLMAN CORPORATION Analysis of Property, Plant, and Equipment and Related Accumulated Depreciation Accounts Year Ended December 31, 20X6 Final Assets Per Ledger   Description...
1.A company engaged a CPA to perform the annual audit of its financial statements. The audit...
1.A company engaged a CPA to perform the annual audit of its financial statements. The audit failed to reveal an embezzlement scheme by one of the employees. Which of the following statements best describes the CPA's potential liability for this failure? The CPA's adherence to generally accepted auditing standards (GAAS) may prevent liability. The CPA will not be liable if care and skill of an ordinary reasonable person was exercised. The CPA may be liable for punitive damages if due...
Bell, CPA, was engaged to audit the financial statements of Kent Company, a continuing audit client....
Bell, CPA, was engaged to audit the financial statements of Kent Company, a continuing audit client. Bell is about to audit Kent’s payroll transactions. Kent uses an in-house payroll department to compute payroll data and prepare and distribute payroll checks. During the planning process, Bell determined that the inherent risk of overstatement of payroll expense is high. In addition, Bell obtained an understanding of the internal control structure and assessed control risk at the maximum level for payroll-related assertions. Required:...
Harris Fell, CPA and member of the AICPA, was engaged to audit the financial statements of...
Harris Fell, CPA and member of the AICPA, was engaged to audit the financial statements of Wilson Corporation. Fell had half-completed the audit when he had a dispute with the management of Wilson Corporation and was discharged. Hal Compton, CPA, was promptly engaged to replace Fell. Wilson Corporation did not compensate Fell for his work to date; therefore, Fell refused to allow Wilson Corporation’s management to examine his working papers. Some of the working papers consisted of adjusting journal entries...
Harris Fell, CPA and member of the AICPA, was engaged to audit the financial statements of...
Harris Fell, CPA and member of the AICPA, was engaged to audit the financial statements of Wilson Corporation. Fell had half-completed the audit when he had a dispute with the management of Wilson Corporation and was discharged. Hal Compton, CPA, was promptly engaged to replace Fell. Wilson Corporation did not compensate Fell for his work to date; therefore, Fell refused to allow Wilson Corporation’s management to examine his working papers. Some of the working papers consisted of adjusting journal entries...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT