Question

Literature review about internal auditor use of fraud risk factors ( 10 pages minimum ) no hand writing ( writing in Microsoft word) font: 16, Times new roman

Answer 1

Fraud Characteristics

Financial statement misstatements arise from either fraud or error. The difference between fraud and error is that the underlying action in the former is intentional. The auditor can suspect or identify but does not make legal determinations of whether the fraud has actually occurred. Following are the

Auditor’s responsibilities here:

1. Obtain reasonable assurance that the financial statements are free from material misstatements
2. Maintain professional skepticism throughout the audit
3. Should know that Risk of non-detection of management fraud is greater than of employee fraud
4. Must be aware of the risk of non-detection of fraudulent material misstatement is higher than the misstatement due to error.

Requirements of Auditor: Collection & Evaluation of Audit Evidence

1. Professional Skepticism –The auditor should maintain professional skepticism while performing an audit, and identify any possible material misstatement due to fraud that could exist despite the auditor’s past experience of Management’s honesty and integrity.
2. The auditor can accept the records and documents as genuine unless there is a reason to believe the contrary and investigate if required.
3. Investigate the inconsistent responses from the management related to the inquiries.
4. Discussion among the engagement team members and the engagement partner on those matters which are to be communicated to other team members not involved in the discussion.

Risk Assessment Procedures

Following are the Risk assessment procedures to be followed:

1. To obtain information which is used for risk identification, auditors shall enquire the management on:
   • Assessment of risk to financials due to fraud, risk or error - nature, extent and timing of such assessment
   • Process of identifying & responding to risks of fraud
   • Communication to employees regarding their views on business practices
   • Communication to those charged with governance for identifying and responding to risks of fraud
2. Auditor to inquire the management, internal audit team and those charged with governance whether any instance of actual or alleged fraud has occurred in the past and obtain their respective views on the risk of fraud.
3. Consider whether any other information obtained indicates the risk of fraud.
4. Evaluate any fraud risk factors are present from the information obtained from the assessment.
5. Identify Unusual or unexpected relationship while performing analytical procedure and evaluate them to assess the risk of material misstatement due to fraud
6. Presume that there will be risks in revenue recognition based on that evaluate transactions

Auditor’s Responses

Response to the Assessed Risk of Material Misstatement Due to Fraud

1. Assign and supervise personnel taking significant engagement responsibilities
2. Evaluate accounting policies to be indicative of fraudulent financial reporting
3. Incorporate audit procedures to be executed to include an element of unpredictability
4. Presume fraud risk in revenue recognition and management override of controls

Audit Procedure Responsive to Risk Related to Management Overrides of Control :

In order to mitigate the risk of management override of controls, auditor to design and perform the following Audit procedures:-

1. Test the appropriateness of journal entries in the general ledger
2. Review and evaluate accounting estimates
3. For significant transactions evaluate business rationale
4. Perform any other audit procedure as required

Evaluation of Audit Evidence

Auditor to follow these with respect to audit evidence

1. Analytical procedure performed indicates a previously unrecognised risk of material misstatement due to fraud
2. On identification of a misstatement, auditor to evaluate whether it is indicative of fraud
3. In case of fraudulent misstatement where auditor believes management is involved, then re-evaluate the response to the assessed risk
4. If unable to conclude if the financials are fraudulently misstated, then the auditor to evaluate the implications for the audit

If the fraudulent misstatement encounters the auditor from continuing the audit, then the auditor shall withdraw from the audit if appropriate and report to the person who made audit appointment.

Communication

1. On identification of fraud or suspicion of fraud existence, then auditor has to communicate to the appropriate level of management on timely basis
2. Communicate as appropriate to those charged with governance if the suspected fraud involves management, employee performing internal control or any others.
3. Determine if the information about the fraud has to be communicated to a party outside the entity. Here the auditor’s legal responsibility overrides the duty of confidentiality

Documentation

1. Significant decisions taken w.r.t susceptibility of material misstatement in financial due to fraud
2. Identified and assessed risk of material misstatement due to fraud at the financial statements level and at the assertion level
3. Overall responses to the addressed risk mentioned above
4. Audit procedures conclusion including those designed for management override of controls
5. To document communications made about the fraud to the management and others