Auditing-Seminar 2 Discussion Questions

Auditing-Seminar 2

Discussion Questions

Chapter 3

3-44– Refer to Exhibit 3.1. Identify and describe the components of the internal control.

1. Control Environment is the set of standards, processes, and structures that provides the basis for carrying out internal control across the organization. It includes the tone at the top regarding the importance of internal control and the expected standards of conduct. The control environment has a pervasive impact on the overall system of internal control.

2. Risk Assessment involves the process for identifying and assessing the risks that may affect an organization from achieving it objections.

3. Control Activities are the actions that have been established by policies and procedures. They help ensure that management’s directives regarding internal control are carried out.

4. Information and Communication recognizes that information is necessary for an organization to carry out it internal control responsibilities. Information can come from internal and external sources. Communication is the process of providing, sharing, and obtaining necessary information. Information and communication help all relevant parties understand internal control responsibilities and how internal controls are related to achieving objectives.

5. Monitoring is necessary to determine whether the controls, including all five components, are present and continuing to function effectively. (Chapter 3, p. 87).

3-48–What functions do an organization’s board of directors and the audit committee of the board of directors perform in promoting an effective internal control environment?

The control environment is seen as the foundation for all other components of internal control. It starts with the leadership of the organization, including the board of directors, the audit committee and management establishing the tone regarding the importance of internal control and expected standards of conduct by demonstrating a commitment to integrity and ethical values. Members of the board of directors are the elected representative of shareholders, and the audit committee of the board should oversee management, have responsibility for the overall reliability of financial reporting, and oversee the external auditor. Also, the board of directors, primarily through the audit committee, is expected to exercise the objective oversight for the development and performance of internal control. (Chapter 3, p. 88 – 91).

3-56–What are general computer controls? General computer controls are pervasive control activities that affect multiple types of information technology systems, from mainframe computers. to desktop computers, to laptop computers, and mobile devices. Also, the computers control activities-either manual or automated-over technology infrastructure, security management, and technology acquisition, development, and maintenance. What is the relationship between general computer controls and application controls? For automated application controls to work properly, an organization needs to have effective general computer controls (sometimes referred to as information technology general control). Why is management concerned about the effectiveness of these controls? Management needs to determine the extent to which automated control activities and general computer controls are part of the mix of control activities that work effectively. In order to maintain information technology general control, management depends on information technology to facilitate reliable financial reporting. (Chapter 3, p. 97).

Chapter 4

4-28–What are some potential causes of action against an auditor under a breach of contract lawsuit? Breach of contract may occur when there is nonperformance of a contractual duty. Causes for action against the auditor for breach of contract may include, but are not limited to, the following: violating client confidentiality, failing to provide the audit report on time, failing to discover a material error or employee fraud, and withdrawing form an audit engagement without justification. (Chapter 4, p. 136).

4-32–Three tests have been used by various courts in common law to determine which third-party users can successfully bring a suit against the auditor for negligence. Identify each of these tests and describe the parties that are defined in each of these test.

The auditors’ liability depends on the jurisdiction of the case, along with t whether the auditor could foresee that different types of users would be relying upon the audit report and audited financial statements. Identified user test-auditor liability for ordinary negligence to identifiable users (third-party beneficiary), whom the auditor knows will use the audited financial statements for a particular purpose, even though the identified user is not name in the engagement letter. Example: The auditor knows that the First National Bank wants audited financial statements as part of the clients’ application for a loan. Foreseen user test-auditor liability for negligence to identified uses and to any individually unknown third party. The client mush have informed the auditor that a third party or class of third party intends to use the financial statement for a particular transaction, Example: the auditor knows that the client wants audited financial statements to obtain a loan from one of several banks. Foreseeable user test-extended auditor liability, the auditors are indeed acting as if a number of potential users rely on their audit opinion. The user is a member of a group who could foreseeably use the financial statements. Example: h auditor knows that current and prospective creditors and stockholders are likely to use the audited statements. (Chapter 4, p. 138-139).

4-43

a. The Securities Act 1933 applies to the preceding public offering of securities. True-companies are required to file registration statements with the SEC before they may issue new securities to the public

b. The audit firm has potential liability to any person who acquired the stock described in connection with the public offering. True-it is important to know that the intent of the SEC is to assure full and fair disclosure of public financial statements.

c. An investor who bought shares in Monicker would make a reasonable case if he or she alleged that the failure to explain the nature of the loans in question constituted a false statement or misleading omission in the financial statements. True-the plaintiff alleges that in making a decision on purchasing securities, it was misled by misstatements in financial statements.

d. The auditors could avoid liability if they could show that they were not fraudulent in the conduct of the audit.-False-the Securities Act 1933 was enacted as a standard of negligence.

e. The auditors could avoid or reduce the damages asserted against them if they could establish that the drop in price was due in whole or in part to other causes.-True-they could prove that they were not negligent.

f. The SEC would establish contributory negligence as a partial defense for the auditor because the SEC approved the registration statement.-False-is not a contributing factor in regards to the SEC – contributory negligence
n. a doctrine of common law that if a person was injured in part due to his/her own negligence (his/her negligence “contributed” to the accident), the injured party would not be entitled to collect any damages (money) from another party who supposedly caused the accident.

http://dictionary.law.com/Default.aspx?selected=341#ixzz3nVfy7QUMhttp://dictionary.law.com/Default.aspx?selected=341#ixzz3nVfy7QUM

Johnstone, K., Gramling, A., & Rittenberg, L. E. (2015). Auditing: A Risk Based-Approach to Conducting a Quality Audit. Boston, MA: Cengage