Wiley Practitioner's Guide to GAAS 2020. Joanne M. Flood
Чтение книги онлайн.
Читать онлайн книгу Wiley Practitioner's Guide to GAAS 2020 - Joanne M. Flood страница 34
Professional Skepticism
As defined in AU-C Section 200, professional skepticism is an attitude that includes a questioning mind and critical assessment of audit evidence. The auditor should conduct the entire engagement with an attitude of professional skepticism, recognizing that fraud could be present, regardless of past experience with the entity or beliefs about management’s integrity. (AU-C 240.08 and .12) The auditor should not let his or her beliefs about management’s integrity allow the auditor to be satisfied with any audit evidence that is less than persuasive. Finally, the auditor should continuously question whether information and evidence obtained suggest that material misstatement caused by fraud has occurred.
Engagement Team Discussion about Fraud (Brainstorming)
When planning the audit, members of the audit team must discuss where and how the financial statements may be susceptible to material misstatement caused by fraud. This discussion should include the following:
Exchange ideas and brainstorm about where the financial statements are susceptible to fraud, how assets could be stolen, and how management might engage in fraudulent financial reporting.
Emphasize the need to maintain the proper mind-set throughout the audit regarding the potential for fraud. As previously discussed, the auditor should continually exercise professional skepticism and have a questioning mind when performing the audit and evaluating audit evidence. Engagement team members should thoroughly probe issues, acquire additional evidence when necessary, and consult with other team members and firm experts as needed.
Consider known external and internal factors affecting the entity that might create incentives and opportunities to commit fraud, and indicate an environment that enables rationalizations for committing fraud.
Consider indications of earnings management.
Consider the risk that management might override controls.
Consider how to respond to the susceptibility of the financial statements to material misstatement caused by fraud.
For the purposes of this discussion, set aside any of the audit team’s prior beliefs about management’s honesty and integrity.
The discussion would normally include key audit team members. Other factors that should be considered when planning the discussion include:
Whether to have multiple discussions if the audit involves more than one location
Whether to include specialists assigned to the audit
Audit team members should continue to communicate throughout the audit about the risks of material misstatement due to fraud. (AU-C 240.15)
Obtaining Information Needed to Identify Fraud Risks
In addition to performing procedures required under Section 315, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatements, the auditor should obtain information needed to identify the risks of material misstatement due to fraud by:
Asking management and others within the entity about their views on the risk of fraud and how such risks are addressed.
Considering unusual or unexpected relationships identified by analytical procedures performed while planning the audit.
Considering whether any fraud risk factors exist.
Considering other information that may be helpful in identifying fraud risk.
Inquiries of Management
The auditor should make the following inquiries of management:
Does management or others within the entity know about actual or suspected fraud?
Have there been any allegations of actual or suspected fraud from employees, former employees, analysts, regulators, short sellers, and others?
Does management understand the entity’s fraud risk, including any identified risk factors or account balances or classes of transactions for which a fraud risk is likely to exist? How does management identify, respond to, and monitor those risks?
What programs and controls does the entity have to help prevent, deter, and detect fraud? How does management monitor such programs?
When there are multiple locations, how are operating locations or business segments monitored? Is fraud more likely to exist at any one of the locations or business segments?
Does management communicate its views on business practices and ethical behavior to employees, and, if so, how?
Has management communicated to those charged with governance how the entity’s internal control prevents, deters, and detects fraud?
(AU-C 240.17–.19)
When evaluating management’s responses to these inquiries, auditors should remember that management is often in the best position to commit fraud. Therefore, the auditor should determine when it is necessary to corroborate those responses with other information. When responses are inconsistent, the auditor should obtain additional audit evidence.
Inquiries of Internal Auditors
The auditor should make the following inquiries of appropriate individuals within the internal audit function:
What are their views on the risk of fraud?
Have they performed procedures to identify or detect fraud during the year?
Has management satisfactorily responded to any finding from procedures performed to identify or detect fraud?
Are they aware of any actual, suspected, or alleged fraud?
(AU-C 240.19)
Inquiries of Others within the Organization
The auditor should also ask others within the entity whether they are aware of actual or suspected fraud, using professional judgment to determine to whom these inquiries are made and how extensive the inquiries should be. The following are examples of people who may provide helpful information and, therefore, to whom the auditor may wish to consider directing inquiries:
1 Anyone at varying levels of authority with whom the auditor deals during the audit, such as when the auditor is obtaining an understanding of the entity’s internal controls, observing inventory, performing cutoff procedures, or getting explanations for fluctuations noted during analytical procedures
2 Operating