attached

Case 21: ZOU's Fencing Controls Handout 1 Page 1 ZOU Fencing Inc. (Case 13-9 handout) Account Scoping and Risk Assessment Account Balance and Disclosure: Revenue Class of Transaction: Recording Sales Identification of risk of misstatement ("what could go wrong") Relevant assertion Significant risk? Risk of material misstatement because of fraud? Control activity that addresses risk of misstatement Risk #1 All orders shipped are not recorded as revenue. Completeness. No. No. Control #1: Sales are automatically recorded and invoices are automatically generated upon the release of the order in the Warehouse K-Series System. Orders are not released until the goods have been confirmed for shipping in the system (which occurs when the goods are scanned as they are loaded in the shipping area). Does the control rely on information produced by the entity (or IPE)? If yes, list relevant information No. Is the control automated? Yes. Warehouse K System, which is subject to IT controls performed by management and tested within the IT controls workpaper. N/A Will we obtain audit evidence of the accuracy and completeness of information produced by the entity by testing controls or by performing procedures directly on the information? Relevant application system (if we are testing information produced by the entity through tests of controls or the control is automated) Tests of controls: evaluation of design Tests of controls: planned operating effectiveness testing On the basis of the following factors, we concluded that the control is appropriately designed to address the stated risk of material misstatement: 1. The control is the automation of the invoicing of goods shipped as the system will automatically record revenues when goods are shipped from the warehouse (revenue generating activity), thus resulting in no shipped goods going unrecorded in the system that appropriately addresses the related risk of material misstatement and assertion. 2. Automated control prevents errors from occurring as opposed to identifying them once they have occurred (preventive control). 3. Control operates at the transaction level and, as such, is sufficiently precise to mitigate the risk. 4. Control is performed on a continual basis and thus addresses the risk directly and for the period under audit. 5. There are no historical issues with operation of the control and the control has not been modified in the period under audit. Interim Procedures (test as of 9/30): 1. Contact the Director of Customer Service and obtain detailed explanation of how control operates. 2. View samples of the shipping request. 3. Verify that understanding through testing of general IT controls; i.e., program change controls that there have been no changes to the control since the previous year. Rollforward Procedures: 1. Make inquiries of the controller and the IT manger to determine if any events have occurred that might impact the design or operation of the control (e.g., changes, additional risks, operating deficiencies) after our interim testing date. If any significant changes are noted, retest control. Copyright 2011 Deloitte Development LLC All Rights Reserved. Case 21: ZOU's Fencing Controls Handout 1 Page 2 ZOU Fencing Inc. (Case 13-9 handout) Identification of risk of misstatement ("what could go wrong") Relevant assertion Significant risk? Risk of material misstatement because of fraud? Control activity that addresses risk of misstatement Does the control rely on information produced by the entity (or IPE)? If yes, list relevant information Risk #2 Revenue is recorded for orders not shipped or fictitious sales. Existence or occurrence. Yes Yes Control #2: The "Orders Shipped & Invoiced Report" is reviewed by the warehouse director on a daily basis for unusual items and reasonableness; evidenced by the warehouse director's initials on the report, which is maintained. Yes The "Orders Shipped & Invoiced Report," which details orders that were shipped and invoiced for a given day. The report is automatically generated by the Warehouse K system. Because the operating effectiveness of the control is dependent upon the accuracy and completeness of the IPE, we Will we obtain audit evidence of the accuracy will test the controls around accuracy and completness. As the IPE is a system generated report, refer to our and completeness of information produced by testing of the company's IT general contols. In addition, we will test the controls around report logic as well as the the entity by testing controls or by performing internal controls around the source data. procedures directly on the information? Is the control automated? Relevant application system (if we are testing information produced by the entity through tests of controls and/or the control is automated) Tests of controls: evaluation of design Tests of controls: planned operating effectiveness testing No. Warehouse K System, which is subject to IT controls and tested within the IT controls workpaper. On the basis of the following factors, we concluded that the control is appropriately designed to address the stated risk of material misstatement: 1. The warehouse director has been with the company for over 10 years and has been acting in this current role for the last five. The warehouse director is in charge of overseeing operations at all five warehouses and directly supervises the warehouse managers. The director is knowledgeable of the business and focuses reviews on activity that seems unusual given the customer and quantities purchased. The review is directed to the identification of unusual trends and thus appropriately addresses the related risk of material misstatement and assertion. 2. Control is performed on a daily basis. 3. Control identifies exceptions after they have occurred (i.e., its a detective control), yet given the frequency of performance, it would identify errors in a timely manner. 4. Although the control entails the review of daily revenue activity, it is done on a transaction by transaction basis, and as such it is sufficiently precise to mitigate the risk. 5. Control involves the judgment of the warehouse director since there is no specific threshold set. However, since all transactions are evaluated and ZOU Fencing has a cyclical business, the report results are predictable. In addition, the warehouse director has been employed by the company for 10 years. Interim Procedures (tested as of 9/30): 1. Discuss the performance of the control procedure with the warehouse director. 2. Select 15 days out of the year. 3. Obtain the "Orders Shipped & Invoiced Report" reviewed by the warehouse director. 4. Determine whether the reports were signed off by the warehouse director and dated on the day following the report date. Rollforward Procedures: 1. Make inquiries of management and the process owner of the control activity to determine if any events that might impact the design or operation of the control (e.g., changes, additional risks, operating deficiencies) have been identified after our interim testing date. Copyright 2011 Deloitte Development LLC All Rights Reserved. Case 21: ZOU's Fencing Controls Handout 1 Page 3 ZOU Fencing Inc. (Case 13-9 handout) Identification of risk of misstatement ("what could go wrong") Relevant assertion Significant risk? Risk of material misstatement because of fraud? Risk #3 Orders shipped are not recorded accurately to actual quantities shipped and prices per invoice do not reflect approved pricing. Valuation or allocation. No. No. Control activity that addresses risk of misstatement Control #3: On a monthly basis, the reporting package is reviewed and analyzed by the controller and presented and discussed at the operations review meeting. The Controller focuses on differences or amounts greater than $4 million or fluctuations greater than 15 percent from prior year actual or current budget. The controller documents the results of any follow up. Does the control rely on information produced by the entity? If yes, list relevant information Yes. 1. Monthly reporting package. 2. Budget. Monthly reporting package: The monthly reporting package, which includes revenue information, is generated by the assistant controller from the PeopleSoft general ledger using data query tools by selecting certain data fields and defining calculations using the data. We tested the general IT controls (in particular program change controls) for completeness and accuracy. Budget: The CFO and CEO develop a budget annually in accordance with a set of defined budgeting procedures that require that the budget be \"zero set\" (i.e., determined on the basis of reasonable expectations of future events, rather than a percentage increase over previously budgeted amounts). The application system used for this process is Budgetpro. The CFO and CEO review the budget to confirm that the budgeted amounts have been determined in accordance with the established procedures and are based on reasonable expectations of future events. Upon finalization and approval of the budgets and forecasts within the Budgetpro system, the information is uploaded to Will we obtain audit evidence of the accuracy PeopleSoft. The financial analysis team then performs a tie-out and reconciliation of the Budgetpro information and completeness of information produced by versus the reports created in PeopleSoft to assure accuracy of the upload. PeopleSoft budget information is the entity by testing controls or by performing important since management compares the P&L, BS, and other activity budgets to the actual monthly actual procedures directly on the information? performance as indicators of unusual activity. All budgets and forecasts are subject to several tiered reviews. The final budget is then presented in a slide deck to the CEO and CFO for final approval. According to the budgeting procedures, the budget cannot be reset once approved by the CEO. We plan to test the budget process and controls directly as follows: 1. Obtain a copy of the original budget and gain an understanding of how it was prepared and how it is modified during the year for known changes. Final procedures: 1. Verity that Budgetpro information is tied out and reconciled to Peoplesoft. 2. Verify through review of board minutes that annual budget is approved by President-Americas and CEO and CFO. Is the control automated? Relevant application system (if we are testing information produced by the entity through tests of controls or the control is automated) Tests of controls: evaluation of design Tests of controls: planned operating effectiveness testing No. No. On the basis of the following factors, we concluded that the control is appropriately designed to address the stated risk of material misstatement: 1. Control appropriately addresses the related risk of material misstatement and assertion since any unexpected variances would be detected by the controller's analysis of budget to actual. 2. The control is detective and therefore identifies exceptions after they have occurred, yet given that the control is performed on a monthly basis, it would detect errors in time to prevent material misstatement of the financial statements. 3. The control is sufficiently precise to detect a material misstatement in the revenue account (which is based on $5 million materiality threshold). 4. Management has defined quantitative thresholds for investigating variances. 5. The company's financial results have historically been consistent with budget. There are no significant changes planned in the current year to the company's business nor are there any external factors related to the industry, regulatory environment, or economy that would be expected to impact the company's current year financial results. Interim Procedures: Inquiry: 1. Inquire of the controller and assistant controller of the following: a. Explanation of the steps involved in performing the control. b. Reports and other information used, including how such information is used and from where it is obtained. c. Procedures performed when an exception or misstatement is identified. d. Procedures performed when the individual is absent. e. Procedures performed with respect to unusual transactions. f. Changes to controls during the period, including changes in personnel who perform them. Inspection: 2. Obtain the meeting minutes for two months and determine if the monthly package was appropriately discussed. Rollforward Procedures: 1. Select a month from Q4 and perform the above procedures consistent with interim. Copyright 2011 Deloitte Development LLC All Rights Reserved. Case 13-9 ZOU's Fencing Controls ZOU Fencing Inc. (ZOU Fencing or the Company) is a public company in the United States that files quarterly and annual reports with the SEC. ZOU Fencing has five manufacturing facilities located in Missouri and produces and provides chain-link fencing to customers throughout the Midwest (Wisconsin, Indiana, Michigan, Ohio, Illinois, and Iowa) via rail car. ZOU Fencing sells chain-link fencing to customers under free on board (FOB) shipping point terms. Therefore, revenue is recorded when goods are shipped from the respective warehouse. ZOU Fencing currently uses a sophisticated warehouse management system (the Warehouse K-Series System), which allows the Company to (1) record sales upon shipment of goods out of the warehouse, (2) automatically price fence sales on the basis of standard pricing tables, and (3) generate multiple reports for the evaluation of ZOU Fencing's operations. Engagement Team Note: Materiality was determined to be $5 million. At year-end, the engagement team evaluated the internal controls related to revenue. This evaluation was done through inquiries of appropriate personnel and consideration of the results of other audit procedures including: (1) updating the risk assessment procedures (including the understanding of internal control) and substantive procedures, (2) considering the result of the entity's monitoring of controls (or our testing of the entity's monitoring of controls), and (3) obtaining an update on the status of the entity's remediation of any significant deficiency or material weakness identified as of the interim date. As a result, the engagement team arrived at the conclusion that there have been no significant changes to controls in the period after their interim testing. Furthermore, the engagement team has determined that they will not be using the work of others for testing the operating effectiveness of controls related to revenue. The engagement team identified three risks of material misstatement relating to the recording of sales. For each risk identified, the team documented in the excerpted worksheet (see Handout 1) the control activity that addresses the risk of misstatement, the evaluation of the design of that control activity, and the planned testing of operating effectiveness. Required: 1. What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what additional audit evidence to obtain about controls that were operating during the rollforward period. 2. For each of the three revenue risks identified by the engagement team, address the following: Copyright 2011 Deloitte Development LLC All Rights Reserved. Case 13-9: ZOU's Fencing Controls Page 2 a. Was the engagement team's assessment of the evaluation of the design of the controls appropriate (i.e., does the control identified by the team address the specific \"what could go wrong\" for each risk)? b. Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Copyright 2011 Deloitte Development LLC All Rights Reserved. You may use your textbook, lecture materials and any official accounting pronouncement you find appropriate. The auditing standards listed below may be helpful in answering your questions. PCAOB Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements (PCAOB Auditing Standard 5) PCAOB Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (PCAOB Auditing Standard 12) PCAOB Auditing Standard No. 13, The Auditor's Responses to the Risks of Material Misstatement (PCAOB Auditing Standard 13) PCAOB Staff Views, An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements: Guidance for Auditors of Smaller Public Companies (PCAOB Staff Views white paper) PCAOB Staff Practice Alert No. 11, Considerations for Audits of Internal Control Over Financial Reporting (PCAOB Staff Practice Alert) Question1 40points Using the Case Materials provided and any available accounting, auditing, systems etc standard as a means to back up your response, please answer the following: What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what aditional audit evidence to obtain about controls that were operating during the roll forward period. Question 2 (10 points) Revenue Risk 1a. Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Question 3 (10 points) Revenue Risk 1 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Question 4 (10 points) Revenue Risk 2 Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Question 5 (10 points) Revenue Risk 2 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Question 6 (10 points) Revenue Risk 3 Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Question 7 (10 points) Revenue Risk 3 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? please give me your advise thank you Question1 40points Using the Case Materials provided and any available accounting, auditing, systems etc standard as a means to back up your response, please answer the following: What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period. Answer: Internal control evaluation is meant to review and assess the structure of accountability within the organization. An effective internal control gives assurance regarding the integrity of financial reporting. Fraud can easily be detected through internal controls. Such internal control can help accuracy in financial reporting. The key considerations when evaluating the design and testing of the operating effectiveness of internal control in conjunction with a financial statement audit are 1) the assessment of the existing financial structure. The assessment of existing structure can indicate that the system of internal control is robust enough to avoid the risk of material area error in financial reports. The assessment is also to look at whether the accounting method it is going to use is on the basis of cash or accrual. 2) Segregation of Duties. The auditors must make sure that there is segregation of duties between those handling cash and deposits, approval over spending and disbursement. This is imperative for accountability purposes. The auditors also need to look at the internal policy that identifies someone who signs checks and the number of signatures required in excess of a certain amount. Payment must be approved by a designated person before payment is issued. Monthly statements have to be reconciled to canceled checks. When preparing a payroll, it has to follow appropriate state and federal regulations and the company's policy. 3) A disclosure of any weaknesses in the internal controls must be attached to the financial report at the end of every fiscal year. Management is not allowed to conclude the internal controls of the company if weakness has been detected. 4) Taxes such as Social Security and Medicare paid on each employee must be monitored to make sure they are paid when due. 5) Monitor cash in hand and conduct cash flow analysis frequently. The roll forward period, in accounting, is when people use prior data on assets and liabilities to establish a baseline for a new accounting period. Accountants can use the roll forward to track data through multiple accounting cycles. There are several approaches to carrying over data from a previous accounting period, including just transferring the latest balances or setting an arbitrary date for the data transfer. Accountants must be consistent about the method they use to make sure their records are accurate. In general, roll-forward refers to the period between the interim test date and the fiscal year end. Tests of controls are conducted during the rollforward period. Therefore, the key considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period are 1) risk assessment of the roll forward period 2) the length of the roll forward period. The higher the risk or the longer the period, the more evidence we need. Appropriate auditing procedure can be 1) Updating lead schedule and comparing the year-end balance with the corresponding balance at interim. 2) Designing substantive analytical procedures and tests of details. 3) Performing cutoff procedures. Q2Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Answer: No. Firstly, according to PCAOB Staff views \"Use of information technology (IT). A smaller, less complex company with less complex business processes and centralized accounting operations might have less complex information systems that make greater use of off-the-shelf packaged software without modification. In the areas in which off-the-shelf software is used, the auditor's testing of information technology controls might focus on the application controls built into the pre-packaged software that management relies on to achieve its control objectives and the testing of IT general controls might focus on those controls that are important to the effective operation of the selected application controls.\" Secondly, According to the case excerpt- \"ZOU Fencing currently uses a sophisticated warehouse management system (the Warehouse K-Series System), which allows the Company to (1) record sales upon shipment of goods out of the warehouse, (2) automatically price fence sales on the basis of standard pricing tables, and (3) generate multiple reports for the evaluation of ZOU Fencing's operations .\" Question 3 (10 points) Revenue Risk 1 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Question 4 (10 points) Revenue Risk 2 Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Question 5 (10 points) Revenue Risk 2 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Question 6 (10 points) Revenue Risk 3 Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Question 7 (10 points) Revenue Risk 3 Was the team's interim and rollforward planned procedures to test the operating effectiveness of controls appropriate? Question1 40points Using the Case Materials provided and any available accounting, auditing, systems etc standard as a means to back up your response, please answer the following: What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period. Answer: Internal control evaluation is meant to review and assess the structure of accountability within the organization. An effective internal control gives assurance regarding the integrity of financial reporting. Fraud can easily be detected through internal controls. Such internal control can help accuracy in financial reporting. The key considerations when evaluating the design and testing of the operating effectiveness of internal control in conjunction with a financial statement audit are 1) the assessment of the existing financial structure. The assessment of existing structure can indicate that the system of internal control is robust enough to avoid the risk of material area error in financial reports. The assessment is also to look at whether the accounting method it is going to use is on the basis of cash or accrual. 2) Segregation of Duties. The auditors must make sure that there is segregation of duties between those handling cash and deposits, approval over spending and disbursement. This is imperative for accountability purposes. The auditors also need to look at the internal policy that identifies someone who signs checks and the number of signatures required in excess of a certain amount. Payment must be approved by a designated person before payment is issued. Monthly statements have to be reconciled to canceled checks. When preparing a payroll, it has to follow appropriate state and federal regulations and the company's policy. 3) A disclosure of any weaknesses in the internal controls must be attached to the financial report at the end of every fiscal year. Management is not allowed to conclude the internal controls of the company if weakness has been detected. 4) Taxes such as Social Security and Medicare paid on each employee must be monitored to make sure they are paid when due. 5) Monitor cash in hand and conduct cash flow analysis frequently. The roll forward period, in accounting, is when people use prior data on assets and liabilities to establish a baseline for a new accounting period. Accountants can use the roll forward to track data through multiple accounting cycles. There are several approaches to carrying over data from a previous accounting period, including just transferring the latest balances or setting an arbitrary date for the data transfer. Accountants must be consistent about the method they use to make sure their records are accurate. In general, roll-forward refers to the period between the interim test date and the fiscal year end. Tests of controls are conducted during the rollforward period. Therefore, the key considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period are 1) risk assessment of the roll forward period 2) the length of the roll forward period. The higher the risk or the longer the period, the more evidence we need. Appropriate auditing procedure can be 1) Updating lead schedule and comparing the year-end balance with the corresponding balance at interim. 2) Designing substantive analytical procedures and tests of details. 3) Performing cutoff procedures. Question 2 (10 points) Revenue Risk 1a. Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Answer: Yes. The engagement team shall identify and assess the risks of material misstatement at the financial statement level and the assertion level for classes of transactions, account balances, and disclosures to provide a basis for designing and performing further audit procedures. The engagement team's identification of risk of misstatement is that 1) all orders shipped are not recorded as revenue ( completeness) 2)Revenue is recorded for orders not shipped or fictitious sales( Existence or occurrence) 3) Orders shipped are not recorded accurately to actual quantities shipped and prices per invoice do not reflect approved pricing(Valuation or allocation). Hence, the engagement team's assessment of the evaluation of the design of the controls was appropriate. But in respect of some risks, the auditor may judge that it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures. Such risks may relate to the inaccurate or incomplete recording of routine and significant classes of transactions or account balances, the characteristics of which often permit highly automated processing with little or no manual intervention. In such cases, the entity's controls over such risks are relevant to the audit and the auditor shall obtain an understanding of them. (Ref: Para. A127-A129). In addition, in my opinion, according to PCAOB Staff views \"Use of information technology (IT). A smaller, less complex company with less complex business processes and centralized accounting operations might have less complex information systems that make greater use of off-the-shelf packaged software without modification. In the areas in which off-the-shelf software is used, the auditor's testing of information technology controls might focus on the application controls built into the prepackaged software that management relies on to achieve its control objectives and the testing of IT general controls might focus on those controls that are important to the effective operation of the selected application controls.\" and ZOU fencing case - \"ZOU Fencing currently uses a sophisticated warehouse management system (the Warehouse K-Series System), which allows the Company to (1) record sales upon shipment of goods out of the warehouse, (2) automatically price fence sales on the basis of standard pricing tables, and (3) generate multiple reports for the evaluation of ZOU Fencing's operations.\Question1 40points Using the Case Materials provided and any available accounting, auditing, systems etc standard as a means to back up your response, please answer the following: What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period. Answer: Internal control evaluation is meant to review and assess the structure of accountability within the organization. An effective internal control gives assurance regarding the integrity of financial reporting. Fraud can easily be detected through internal controls. Such internal control can help accuracy in financial reporting. The key considerations when evaluating the design and testing of the operating effectiveness of internal control in conjunction with a financial statement audit are 1) the assessment of the existing financial structure. The assessment of existing structure can indicate that the system of internal control is robust enough to avoid the risk of material area error in financial reports. The assessment is also to look at whether the accounting method it is going to use is on the basis of cash or accrual. 2) Segregation of Duties. The auditors must make sure that there is segregation of duties between those handling cash and deposits, approval over spending and disbursement. This is imperative for accountability purposes. The auditors also need to look at the internal policy that identifies someone who signs checks and the number of signatures required in excess of a certain amount. Payment must be approved by a designated person before payment is issued. Monthly statements have to be reconciled to canceled checks. When preparing a payroll, it has to follow appropriate state and federal regulations and the company's policy. 3) A disclosure of any weaknesses in the internal controls must be attached to the financial report at the end of every fiscal year. Management is not allowed to conclude the internal controls of the company if weakness has been detected. 4) Taxes such as Social Security and Medicare paid on each employee must be monitored to make sure they are paid when due. 5) Monitor cash in hand and conduct cash flow analysis frequently. The roll forward period, in accounting, is when people use prior data on assets and liabilities to establish a baseline for a new accounting period. Accountants can use the roll forward to track data through multiple accounting cycles. There are several approaches to carrying over data from a previous accounting period, including just transferring the latest balances or setting an arbitrary date for the data transfer. Accountants must be consistent about the method they use to make sure their records are accurate. In general, roll-forward refers to the period between the interim test date and the fiscal year end. Tests of controls are conducted during the rollforward period. Therefore, the key considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period are 1) risk assessment of the roll forward period 2) the length of the roll forward period. The higher the risk or the longer the period, the more evidence we need. Appropriate auditing procedure can be 1) Updating lead schedule and comparing the year-end balance with the corresponding balance at interim. 2) Designing substantive analytical procedures and tests of details. 3) Performing cutoff procedures. Question 2 (10 points) Revenue Risk 1a. Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Answer: Yes. The engagement team shall identify and assess the risks of material misstatement at the financial statement level and the assertion level for classes of transactions, account balances, and disclosures to provide a basis for designing and performing further audit procedures. The engagement team's identification of risk of misstatement is that 1) all orders shipped are not recorded as revenue ( completeness) 2)Revenue is recorded for orders not shipped or fictitious sales( Existence or occurrence) 3) Orders shipped are not recorded accurately to actual quantities shipped and prices per invoice do not reflect approved pricing(Valuation or allocation). Hence, the engagement team's assessment of the evaluation of the design of the controls was appropriate. But in respect of some risks, the auditor may judge that it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures. Such risks may relate to the inaccurate or incomplete recording of routine and significant classes of transactions or account balances, the characteristics of which often permit highly automated processing with little or no manual intervention. In such cases, the entity's controls over such risks are relevant to the audit and the auditor shall obtain an understanding of them. (Ref: Para. A127-A129). In addition, in my opinion, according to PCAOB Staff views \"Use of information technology (IT). A smaller, less complex company with less complex business processes and centralized accounting operations might have less complex information systems that make greater use of off-the-shelf packaged software without modification. In the areas in which off-the-shelf software is used, the auditor's testing of information technology controls might focus on the application controls built into the prepackaged software that management relies on to achieve its control objectives and the testing of IT general controls might focus on those controls that are important to the effective operation of the selected application controls.\" and ZOU fencing case - \"ZOU Fencing currently uses a sophisticated warehouse management system (the Warehouse K-Series System), which allows the Company to (1) record sales upon shipment of goods out of the warehouse, (2) automatically price fence sales on the basis of standard pricing tables, and (3) generate multiple reports for the evaluation of ZOU Fencing's operations.\Question1 40points Using the Case Materials provided and any available accounting, auditing, systems etc standard as a means to back up your response, please answer the following: What are the key considerations when evaluating the design and testing of the operating effectiveness of internal controls in conjunction with a financial statement audit? Include considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period. Answer: Internal control evaluation is meant to review and assess the structure of accountability within the organization. An effective internal control gives assurance regarding the integrity of financial reporting. Fraud can easily be detected through internal controls. Such internal control can help accuracy in financial reporting. The key considerations when evaluating the design and testing of the operating effectiveness of internal control in conjunction with a financial statement audit are 1) the assessment of the existing financial structure. The assessment of existing structure can indicate that the system of internal control is robust enough to avoid the risk of material area error in financial reports. The assessment is also to look at whether the accounting method it is going to use is on the basis of cash or accrual. 2) Segregation of Duties. The auditors must make sure that there is segregation of duties between those handling cash and deposits, approval over spending and disbursement. This is imperative for accountability purposes. The auditors also need to look at the internal policy that identifies someone who signs checks and the number of signatures required in excess of a certain amount. Payment must be approved by a designated person before payment is issued. Monthly statements have to be reconciled to canceled checks. When preparing a payroll, it has to follow appropriate state and federal regulations and the company's policy. 3) A disclosure of any weaknesses in the internal controls must be attached to the financial report at the end of every fiscal year. Management is not allowed to conclude the internal controls of the company if weakness has been detected. 4) Taxes such as Social Security and Medicare paid on each employee must be monitored to make sure they are paid when due. 5) Monitor cash in hand and conduct cash flow analysis frequently. The roll forward period, in accounting, is when people use prior data on assets and liabilities to establish a baseline for a new accounting period. Accountants can use the roll forward to track data through multiple accounting cycles. There are several approaches to carrying over data from a previous accounting period, including just transferring the latest balances or setting an arbitrary date for the data transfer. Accountants must be consistent about the method they use to make sure their records are accurate. In general, roll-forward refers to the period between the interim test date and the fiscal year end. Tests of controls are conducted during the roll-forward period. Therefore, the key considerations in determining what additional audit evidence to obtain about controls that were operating during the roll forward period are 1) risk assessment of the roll forward period 2) the length of the roll forward period. The higher the risk or the longer the period, the more evidence we need. Appropriate auditing procedure can be 1) Updating lead schedule and comparing the year-end balance with the corresponding balance at interim. 2) Designing substantive analytical procedures and tests of details. 3) Performing cutoff procedures. Question 2 (10 points) Revenue Risk 1a. Was the engagement team's assessment of the evaluation of the design of the controls appropriate? Answer: Yes. The engagement team shall identify and assess the risks of material misstatement at the financial statement level and the assertion level for classes of transactions, account balances, and disclosures to provide a basis for designing and performing further audit procedures. The engagement team's identification of risk of misstatement is that 1) all orders shipped are not recorded as revenue ( completeness) 2)Revenue is recorded for orders not shipped or fictitious sales( Existence or occurrence) 3) Orders shipped are not recorded accurately to actual quantities shipped and prices per invoice do not reflect approved pricing(Valuation or allocation). Hence, the engagement team's assessment of the evaluation of the design of the controls was appropriate. But in respect of some risks, the auditor may judge that it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures. Such risks may relate to the inaccurate or incomplete recording of routine and significant classes of transactions or account balances, the characteristics of which often permit highly automated processing with little or no manual intervention. In such cases, the entity's controls over such risks are relevant to the audit and the auditor shall obtain an understanding of them. (Ref: Para. A127-A129). In addition, in my opinion, according to PCAOB Staff views \"Use of information technology (IT). A smaller, less complex company with less complex business processes and centralized accounting operations might have less complex information systems that make greater use of offthe-shelf packaged software without modification. In the areas in which off-the-shelf software is used, the auditor's testing of information technology controls might focus on the application controls built into the pre-packaged software that management relies on to achieve its control objectives and the testing of IT general controls might focus on those controls that are important to the effective operation of the selected application controls.\" and ZOU fencing case - \"ZOU Fencing currently uses a sophisticated warehouse management system (the Warehouse K-Series System), which allows the Company to (1) record sales upon shipment of goods out of the warehouse, (2) automatically price fence sales on the basis of standard pricing tables, and (3) generate multiple reports for the evaluation of ZOU Fencing's operations.\