CASE 2

Consider the following facts.

During its assessment of the accounts payable department, the internal audit function identified the following observations:

Inadequate segregation of duties over certain information system access controls. Potential loss exposure of $45 million.

Several instances of transactions that were not properly recorded in subsidiary ledgers. Transactions were not material, either individually or in the aggregate. Potential loss exposure of $60 million.

A lack of timely reconciliations of the account balances affected by the improperly recorded transactions. Potential loss exposure of $25 million.

Based on the context in which the observations occur, management and the internal audit function agree on the potential loss exposure represented by these observations individually.

The organization has a risk management function that, together with the independent outside auditor, has determined that an amount less than $20 million is insignificant in impact and that an amount greater than $80 million is material in impact.

Based only on these facts, determine the COSO objective category affected by each observation, classify each observation in terms of its design adequacy and operating effectiveness, determine the impact and likelihood for each observation, and assess whether each observation is insignificant, significant, or material. After that has been done, outline the next steps an internal audit function should take and the ramifications of the overall conclusion, including how and to whom communication should be made.