Accounting information systems controls and process 2nd tunnwe weickgenannt chapter 03

An introduction to the need for a code of ethics and good internal controls 2.. The accounting related fraud that can occur when ethics codes and internal controls are weak or not corre

Trang 1

Chapter

3-1

Prepared by Coby Harmon University of California, Santa Barbara

Westmont College

Trang 3

Chapter

3-3

1 An introduction to the need for a code of ethics and good internal controls

2 The accounting related fraud that can occur when ethics codes and

internal controls are weak or not correctly applied

3 The nature of management fraud

4 The nature of employee fraud

5 The nature of customer fraud

6 The nature of vendor fraud

7 The nature of computer fraud

8 The policies that assist in the avoidance of fraud and errors

9 The maintenance of a code of ethics

10 The maintenance of accounting internal controls

11 The maintenance of information technology controls

Study Objectives

Trang 4

Chapter

3-4

During the early 2000s, several companies were named in regards to fraudulent financial reporting.

SO 1 An introduction to the need for a code of

ethics and good internal controls

Need for Code of Ethics and Internal Controls

WorldCom

(Audit firm)

Trang 5

► Provide accurate reports.

► Maintain internal controls

► Enforce a code of ethics

Trang 6

Chapter

3-6

c preventive control

The careful and responsible oversight and use of the

assets entrusted to management is called

b stewardship

d security

a control environment

Need for Code of Ethics and Internal Controls Question

Trang 7

Chapter

3-7

Fraud - theft, concealment, and conversion to personal gain

of another’s money, physical assets, or information

► Misappropriation of Assets - defalcation or internal theft.

► Misstatement of Financial Records - earnings

management or fraudulent financial reporting.

SO 2 The accounting related fraud that can occur when ethics codes and

internal controls are weak or not correctly applied

Accounting Related Fraud

Trang 8

Chapter

3-8

Fraud , three conditions must exist.

Exhibit 3-1

The Fraud Triangle

Trang 9

Chapter

3-9

Categories of Accounting-Related Fraud

Exhibit 3-2

Trang 10

Question

Trang 11

Chapter

3-11

Management Fraud is usually in the form of fraudulent

financial reporting

Managers misstate financial statements in order to:

1 Increased stock price.

2 Improved financial statements.

3 Enhanced chances of promotion, or avoidance of firing or

demotion.

4 Increased incentive-based compensation

5 Delayed cash flow problems or bankruptcy.

SO 3 The nature of management fraud

The Nature of Management Fraud

Trang 12

Chapter

3-12

Management Fraud may involve:

 Overstating revenues and assets.

 Understating expenses and liabilities

 Misapplying accounting principles.

Two Examples: Enron’s top management had been hiding debt and losses by using

special purpose entities (SPEs).

Managers at Xerox approved and encouraged accounting practices that violated GAAP and accelerated revenue recognition.

Trang 13

Chapter

3-13

c enhanced promotion opportunities

There are many possible indirect benefits to management

when management fraud occurs Which of the following is

not an indirect benefit of management fraud?

b delayed cash flow problems

d increased incentive-based compensation

a delayed exercise of stock options

Question

Trang 14

Chapter

3-14

Employee Fraud usually means that an employee steals

cash or assets for personal gain

Kinds of Employee Fraud:

1 Inventory theft

2 Cash receipts theft

3 Accounts payable fraud

4 Payroll fraud

5 Expense account fraud.

SO 4 The nature of employee fraud

The Nature of Employee Fraud

Kickback

Skimming Collusion Larceny

Trang 15

Question

Trang 16

Chapter

3-16

c recording the transactions in subsidiary records

The most difficult type of misstatement to discover is fraud

that is concealed by

b nonrecorded transactions

d related parties

a over-recording the transactions

Question

Trang 17

Chapter

3-17

Customer Fraud occurs when a customer improperly

obtains cash or property from a company, or avoids a liability through deception

Kinds of Customer Fraud:

1 Credit card fraud.

2 Check fraud.

3 Refund fraud.

SO 5 The nature of customer fraud

The Nature of Customer Fraud

Trang 18

Chapter

3-18

Vendor Fraud occurs when vendors obtain payments to

which they are not entitled

Vendors may:

1 Submit duplicate or incorrect invoices.

2 Send shipments in which the quantities are short.

3 Send lower-quality goods than ordered.

SO 6 The nature of vendor fraud

The Nature of Vendor Fraud

Trang 19

Chapter

3-19

c collusion

The review of amounts charged to the company from a

seller that it purchased from is called a

b seller review

d customer review

a vendor audit

Question

Trang 20

SO 7 The nature of computer fraud

The Nature of Computer Fraud

Trang 21

Chapter

3-21 SO 7 The nature of computer fraud

Internal Sources of Computer Fraud

1 Input manipulation

2 Program manipulation

a Salami technique

b Trojan horse programs

c Trap door alterations

3 Output manipulation

Trang 22

Chapter

3-22 SO 7 The nature of computer fraud

External Sources of Computer Fraud

In most cases conducted by someone outside the

company who has gained unauthorized access to the

Trang 23

Chapter

3-23

c program manipulation

Which of the following is generally an external computer

fraud, rather than an internal computer fraud?

b input manipulation

d output manipulation

a spoofing

Question

Trang 24

Chapter

3-24 SO 8 The policies that assist in the avoidance of fraud and errors

Policies to Assist in the Avoidance of Fraud and Errors

Actions to assist in prevention or detection of fraud and

errors:

1 Maintain and enforce a code of ethics.

2 Maintain a system of accounting internal controls.

3 Maintain a system of information technology controls.

Trang 25

Chapter

3-25 SO 9 The maintenance of a code of ethics

Maintenance of a Code of Ethics

Sarbanes–Oxley Act of 2002

► Requirement - public companies adopt and disclose

a code of ethics

Concepts usually found in code of ethics:

► Obeying applicable laws and regulations.

► Conduct that is honest, fair, and trustworthy.

► Avoiding all conflicts of interest.

► Creating and maintaining a safe work environment.

► Protecting the environment.

Trang 26

Chapter

3-26 SO 10 The maintenance of accounting internal controls

Maintenance of Accounting Internal Controls

Objectives of an internal control system are:

1 Safeguard assets (from fraud or errors).

2 Maintain accuracy and integrity of accounting data.

3 Promote operational efficiency.

4 Ensure compliance with management directives.

Trang 27

SO 10 The maintenance of accounting internal controls

COSO Report - five components of internal control:

Trang 28

Chapter

Control Environment

Integrity and ethics The company has a code of The company does not have

ethics, and it is rigidly a code of ethics, or if they enforced have one, it is not enforced.

Factor Example of a Less Risky Control Environment Example of a More Risky Control Environment

Philosophy and operating Management is very Management is very

style conservative in its approach aggressive and risk taking

to things such as mergers in its approach to things

such as mergers.

Exhibit 3-5

Factors of the Control Environment

Trang 29

Chapter

3-29

Factor Example of a Less Risky Control Environment Example of a More Risky Control Environment

Assignment of authority Lines of authority are well Managers have overlapping

and responsibility established, and managers’ duties, and oftentimes

jobs and duties are clear to managers are not quite sure

them whether or not they have certain responsibilities and authority.

Development of Management carefully trains Management does not spend

competent people and cultivates employees to any money or time on the

be able to take on more training of employees.

responsibility.

Attention and direction by Members of the board Members of the board do

the board of directors examine reports and hold not prepare for the

top management meetings they attend and accountable for the are merely “big-name”

accuracy of the reports figureheads.

Exhibit 3-5

Factors of the Control Environment

Trang 30

Chapter

Risk Assessment

Management must develop a way to:

1 Specify the relevant objectives of the risk assessment

process.

2 Identify the sources of risks and determine the impact of

such risks in terms of finances and reputation.

3 Identify and analyze significant changes in the business.

4 Develop and execute an action plan to reduce the impact

and probability of these risks.

Trang 31

3 Adequate records and documents

4 Security of assets and documents

5 Independent checks and reconciliation

Trang 32

Trang 33

Trang 34

Chapter

Control Activities

Categories:

3 Adequate Records and Documents

a Supporting documentation for all significant transactions

b Schedules and analyses of financial information

c Accounting cycle reports

d Audit Trail

Trang 35

Chapter

Control Activities

Categories:

4 Security of Assets and Documents

a Protecting physical assets

b Protecting information

c Cost-benefit comparison

Trang 36

iii Recalculation of amounts

iv Analysis of reports

Trang 37

Chapter

3-37

c security of assets

Which control activity is intended to serve as a method to

confirm the accuracy or completeness of data in the

Trang 38

Chapter

3-38

c custody, execution, and reporting

Proper segregation of duties calls for separation of the

functions of

b authorization, recording, and custody

d authorization, payment, and recording

a authorization, execution, and payment

SO 10 The maintenance of accounting internal controls

Question

Trang 39

Chapter

Information and Communication

An effective accounting system must:

1 Identify all relevant financial events transactions.

2 Capture the important data of these transactions.

3 Record and process the data through appropriate

classification, summarization, and aggregation.

4 Communicate this summarized and aggregated information

as needed for internal and external purposes.

Trang 40

Chapter

1 Any system of control must be constantly monitored to

assure that it continues to be effective.

Monitoring

Trang 41

Chapter

Reasonable Assurance of Internal Controls

Controls achieve a sensible balance of reducing risk when

compared with the cost of the control

Not possible to provide absolute assurance, because:

► Flawed judgments are applied in decision making.

► Human error exists in every organization.

► Controls can be circumvented or ignored.

► Controls may not be cost beneficial.

Trang 42

Chapter

3-42 SO 11 The maintenance of information technology controls

Maintenance of Information Technology

Controls

Maintenance of Information Technology

Controls

For any business process, there should be both

► accounting internal controls as in COSO, and

► IT controls as in the Trust Principles

Risk and controls in IT are divided into five categories:

Trang 43

Chapter

3-43

c processing integrity

AICPA Trust Principles identify five categories of risks and

controls Which category is best described by the

statement, “Information process could be

inaccurate, incomplete, or not properly authorized”?

Trang 44

Chapter

3-44

Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without the express written permission of the copyright owner is unlawful

Request for further information should be addressed to the

Permissions Department, John Wiley & Sons, Inc The purchaser may make back-up copies for his/her own use only and not for distribution or resale The Publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these

programs or from the use of the information contained herein.

Copyright

Định dạng
Số trang	44
Dung lượng	1,52 MB