Anderson, Olds, and Watershed (AOW), CPAs has been engaged to design an audit program for Apollo Shoe, Inc. AOW, as the auditor on record of a publically traded company, will comply to the Sarbanes-Oxely (SOX) Section 404 which requires auditors of public companies to assess and report on the effectiveness of Apollo Shoe’s internal controls over financial reporting, which is in addition to the audit report of the financial statements (Arens, 2006).
This engagement letter will also address significant regulations and guidelines related to internal control audits, risks that have been identified within Apollo Shoes internal controls, a description of the relationship between internal controls and the audit process, and finally a brief synopsis of AOW’s responsibility in detecting and reporting fraud. Significant Regulations and Guidelines Related to Audits of Internal Controls Start here Internal Control Risks Identified within Apollo Shoe, Inc. Internal controls are essential for any organization.
All companies have information housed within that needs to be safeguarded and protected. Sarbanes-Oxley (SOX) helps in this area by providing internal control shields. These shields help prevent theft, fraud and waste. SOX also assures that all financial reporting is completed according the Generally Accepted Accounting Principles, (GAAP). It helps restore public confidence and trust in the financial statements provided by companies. The most essential area that needs to be assessed is management and personnel. Apollo Shoes places a high level of trust with their employees.
This can lead to a multitude of organizational problems such as fraud and theft. Poor internal controls in this area can cause excessive costs and poor management decisions. Effective internal controls will put more trust and responsibility in the control and less in the employees. This will set up a framework for employees to fall back on when questions and temptations arise. Other areas that will need to be assessed will be how information is process, and how the financial statements are prepared and reported.
The procedures manuals will also need to be evaluated to ensure that time and money is not wasted in unnecessary processes and procedures. Relationship between Internal Controls and the Audit Process Internal control is a system of policies and procedures that Apollo Shoe’s management design to provide them reasonable assurance that the goals and the objectives of the company are being achieved. There are three broad objectives in designing an effective internal control system: reliability of financial reporting, efficiency and effectiveness of operations, and compliance with laws and regulations (Arens, 2006).
Apollo’s management designed an internal control system to achieve all of these objectives, but as an auditor, AOWs main focus is on the audit of the financial statements and on the controls related to the reliability of financial reporting. If deficiencies are found in an internal control system, the result is material misstatements in financial statements. An auditor is responsibility, according to SOX Section 404, include understanding a company’s internal controls system and to issue an audit report on management’s assessment of its internal control which include the effectiveness of operations.
Internal controls relating to operations of a company and how well the company is complying with laws and regulations can also affect financial statements materiality. Auditor’s responsibility in Detecting and Reporting Fraud The financial statements of Apollo Shoes are the responsibility of the management. In assessing the risk for fraud it is our responsibility to exercise professional skepticism. As the auditor for Apollo Shoes I must enter the engagement with a questioning mind and evaluate all audit evidence necessary if events point to a possible material misstatement that could involve fraud.
The audit team assigned to Apollo Shoes will brainstorm and come up with areas that could have the potential for fraud and come up with a plan to address those areas. SAS 99 requires the auditor to ask management about the possibility of fraud within the company. The auditor could also inquire of employees within the company to see what their thoughts are on fraud within the company. SAS 99 also requires the auditor to identify possible risk factors that could perpetrate fraud. As the auditor, I will be required to perform analytical procedures. These analytical procedures help aid in the detection of fraud.