In 1899, Cator and Guy Woodford established a new business, the Retail Credit Company, in downtown Atlanta.
Question:
In 1899, Cator and Guy Woodford established a new business, the Retail Credit Company, in downtown Atlanta. The two brothers realized that local grocery stores suffered large losses each year because they extended credit to customers who did not have the ability or intent to pay their bills. After convincing a large number of grocers to provide access to their customers' credit histories-without those consumers' prior knowledge or approval-the Woodfords developed a bound book documenting those histories in an alphabetic format. The brothers then sold access to the book for an annual fee to Atlanta groceries and other retail businesses.Over the next few decades, the Retail Credit Company's revenues and profits waxed and waned as the entrepreneurial Woodfords used their growing database of consumer credit information to launch other business ventures, principally in the insurance industry. By the 1930s, the company had refocused its operations almost exclusively on selling credit reports to retail and wholesale businesses.Persistent allegations of abusive business practices by Retail Credit Company and its major competitors convinced Congress to pass the Fair Credit Reporting Act of 1970. That federal statute requires credit agencies to establish mechanisms to protect the privacy and accuracy of consumers' credit data. Retail Credit Company was one of the first companies prosecuted for violating the Fair Credit Reporting Act. The charges filed against the company included using deceptive means to collect information from consumers, compensating employees based upon the volume of negative credit information they collected, and including false and fabricated information in consumers' credit files. In 1979, Retail Credit Company reincorporated as Equifax Inc.,1 reportedly, to distance itself from its prior indiscretions.By the early 1990s, Equifax reigned as the largest credit reporting agency in the United States. Despite the company's size and prominence, Equifax continued to be hounded by critics who claimed the company routinely violated consumers' privacy and other civil rights. Among the most common complaints facing Equifax was that it sold consumers’ personal information to direct marketing companies, which then bombarded those consumers with unwanted advertising paraphernalia via the mail and unsolicited telephone calls.
Questions
1. "Risk factors" disclosures included in a Form 10-K are generally outside the scope of the given company's annual independent audit. Despite that fact, does a public company's auditors have any responsibility to consider or review those disclosures? Explain.
2. The PCAOB auditing standards require auditors to apply a "top-down approach" during an audit of ICFR. Explain whether this top-down approach mandates that auditors test IT general controls.
3. Identify a recent material weakness in ICFR reported by a public company auditor. Explain the nature of the material weakness and whether it has any connection to the company's IT general controls. How is the material weakness relevant to the company's control environment?
4. Suppose during a financial statement or ICFR audit that the auditors identify cybersecurity risks not having direct financial statement or ICFR implications. What should the audit team do in such circumstances?
Step by Step Answer: