Question

1- Auditors are required to actively conduct a financial statement audit with the mindset that fraud may exist. What is the general process that an auditor goes through to assess the risk of fraud and test accordingly?

2- A client seeking to recover damages from an auditor for breach of contract in an action based on negligence must show that the auditor had a duty not to be negligent. Identify at least three defenses an auditor can use against a breach of contract lawsuit.

3- Identify and briefly describe the two principles that should govern the monitoring function.

Answer 1

1.

Understand the nature of fraud, the motivations to commit fraud, and the manner in which fraud may be perpetrated,

Exercise "professional skepticism" throughout the entire fraud risk assessment process.

"Brainstorm" and share knowledge with other audit team members.

Obtain information useful in identifying and assessing fraud risk.

Identify the specific fraud risks, including potential magnitude, and areas likely to be affected by a fraud.

company's controls and potential effectiveness in mitigating the risk of fraud.

Evaluate the quality of the Respond, i.e. adjust audit procedures to assure that the audit adequately addresses the risk of fraud and provides evidence specifically related to the possibility of fraud.

Evaluate findings. If evidence signals that a fraud might exist, determine whether or not forensic or specialist auditors are needed to complete the investigation.

Communicate the possibility that fraud exists to management, or to the audit committee or the full board if the fraud is material and/or involves members of management,

Document the audit approach starting with the step I through the completion of all of the steps identified above.

2.

The auditor can use the following as defense against a breach of contract suit:

The auditor used due professional care.

The client was contributorily negligent.

The client's losses were not caused by the breach.

Defenses under tort law are:

The auditor used due professional care.

The financial statements were not materially false or misleading.

The audit did not cause the client's loss.

The client was contributorily negligent.

Courts are often reluctant to allow the defense of contributory negligence because the auditor has special skills that most clients do not have.

3.

The Information and Communication component and the Monitoring Activities component are the last two components of the Framework. The Information and Communication component has three (3) while the Monitoring Activities has two (2) principles.

1. The organization obtains or generates and uses relevant, quality information to support the functioning of internal control.
2. The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.
3. The organization communicates with external parties regarding matters affecting the functioning of internal control.
4. The organization selects, develops, and performs ongoing and or separate evaluations to ascertain whether the components of internal control are present and functioning.
5. The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.