Unit Convenor: Dr Mauricio Marrone
Jason Scott has been hired as an internal auditor for Northwest
•Industries, a diversified forest products company.
He is assigned to audit Springer’s Lumber & Supply, Northwest’s
•building materials outlet in Montana.
His supervisor, Maria Pilier, has asked him to trace a
•sample of purchase transactions to verify that proper control procedures were followed. Jason becomes frustrated with this task.
•Why is Jason frustrated?
•The purchasing system is poorly documented.
He keeps finding transactions that have not been processed
•as Ed Yates, the accounts payable manager, said they should be. Jason’s frustrations, continued
•Some vendor invoices have been paid without supporting documents.
Purchase requisitions are missing for several items that had been
•authorized by Bill Springer, purchasing v.p. •Prices charged for some items seem unusually high.
Management authority is concentrated in the company president, Joe
•Springer, and his sons Bill, the purchasing v.p., and Ted, the controller. • Maria feels that Ted may have engaged in “creative accounting.”
•Jason ponders the following issues:
Should he describe the unusual transactions in his
Is a violation of proper control procedures acceptable if
•it has been authorized by management?
Regarding Jason’s assignment, does he have a
•professional or ethical responsibility to get involved?
Who Commits Fraud?
Sometimes the best personnel;
Per the ACFE study:
Majority of perpetrators were
long-serving, middle-aged, male executives and managers
Positive correlation exists between size of loss and
authority level, tenure, education level, age, and male gender perpetrator’s Source: 2006 ACFE Report to Nation on Occupational Fraud & Abuse - study of 1134 fraud cases
How is Fraud Detected?
Source: 2014 ACFE Report to Nation on Occupational Fraud & Abuse
Source: 2008 ACFE Report to Nation on Occupational Fraud & Abuse - study of 959 fraud cases
You are the CEO
Wendy, the floor manager of Louis Vuitton: How can we stop
•people from stealing money from the till?
Nicole, inventory manager of LV: how can you make sure that
•the inventory in the AIS matches that on the floor?
Fred, payroll manager of LV: how can you tell that you are
•paying the employees that are at work?
Ed, Claudia and Pingtzir: Concerned about the AIS - accurate
•inputs and safeguard outputs of the system?
Control Activities, Business Processes
Financial statements make a series of assertions about the events
❑that have taken place and the balances that are presented Applying internal controls involves an evaluation of these assertions
❑coupled with a risk assessment
❑Once risk has been identified it needs to be evaluated
Classification of internal controls
•by Australian Auditing Standards
•Preventive / Detective / Corrective (how they deal with risks)
•General / Application (IT Controls)
•Automated / Manual
Types of Control Activities
❑Australian Auditing Standard ASA 315 classifies controls into five types:
3.Information processing controls
5.Segregation of duties
Authorisation is the empowerment management gives employees
•to perform activities and make decisions.
Digital signature or fingerprint is a means of signing a document
•with a piece of data that cannot be forged.
Specific authorisation is the granting of authorisation…