You have been hired to evaluate internal controls for your client


Question Description:

35

You have been hired to evaluate internal controls for your client organization. The CFO for your client wants a report outlining the evaluation to share with the Board of Directors. Evaluate the criteria to identify and report identified control deficiencies Analyze the reporting requirements for both public and private organizations. Paper provides sufficient background on the topic and previews major points. At least three sources are used Write a 1,400- to 2,450-word report showing your plan to evaluate internal controls. Evaluate the criteria to identify and report identified control deficiencies. Analyze the reporting requirements for both public and private organizations. Ch 10 Identified Internal Control Deficiencies.pdf 3/20/2016 Bookshelf: Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework PRINTED BY: dskyla@email.phoenix.edu. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher’s prior permission. Violators will be prosecuted. Chapter 10 Assessing the Severity of Identified Controls Deficiencies It’s Inevitable In the process of assessing and testing controls, you are likely to encounter deficiencies in the design or operating effectiveness of the controls. For example, an important control objective might not be addressed or might be only partially addressed by the control that is in place. If you do not have a control over the selection of vendors for fulfilling various service needs, you might run the risk that business could be diverted to a vendor who will share some overbillings with the accountant or business manager directing the business to it. In addition, even if the control is designed properly, unless it operates effectively, it is deficient. For example, you might find through the auditor’s procedures or through customer returns and complaints that your controls failed and led (or could have led) to substantive errors on the financial statements, even though your tests showed that the controls seemed adequate and to be working. This happens in all sorts of entities, including governments and nonprofits. https://phoenix.vitalsource.com/#/books/9781118996300/cfi/6/56!/4/2/16/2@0:0 1/66 3/20/2016 Bookshelf: Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework Finding control deficiencies is not a rare event. Most businesses have some if the assessment is done competently and fairly. Little public data about deficiencies and their rates of occurrence is available. The reported material weaknesses of public companies are only the tip of the iceberg when it comes to the total deficiencies found. Since deficiencies of less severity than a material weakness or deficiencies remediated prior to the year­end are not reported, we see only a fraction of the deficiencies discovered in the period. One study examined all the deficiencies identified by entities and auditors for a two­ year period involving 76 engagements and 44 entities.1 The study revealed that 3,990 deficiencies were identified. The study involved accelerated filer public companies with revenues of less than $1 billion and not in a specialized industry. One might think that public companies of this nature would be pretty well controlled, but there were a wide range of findings in these companies. One engagement identified over 200 deficiencies in a single­ year period. One can just imagine the deficiency conditions of smaller, nonpublic entities. An odd aspect of controls assessment is that finding errors in the financial statements generally implies a control failure of some sort, but not finding a substantive error in the financial data does not imply the controls are working (or even exist). This oddity is caused by the fact that even in the absence of any real controls, the processes may be performed by individuals who are honest, competent, and diligent. Thus, eve

Answer

35