hello, am working on a paper and need help making some adjustments. For the audit sample, this was the feedback from the professor: Your risk analysis was OK, but weak at best - Although you did mention briefly the PCAOB and SOX, you really did not discuss how they both changed the auditing profession. Additionally, your audit plan really was not a plan at all but merely a couple of sentences. You did not tell the reader what and how you were going to accomplish

ACC 700 Milestone Two Guidelines and Rubric The second milestone is a rough draft of the second artifact for your professional portfolio, a sample audit. The sample audit will consist of three main parts: the business risk analysis, the sample audit program, and the report of recommendations. This will be graded using the rubric at the end of this document and is an opportunity for you to organize your thoughts and receive feedback from your instructor for the final submission. Note that the submission guidelines for this milestone are less demanding than those for the final submission. Once you have submitted this milestone and received feedback from your instructor, it is up to you to incorporate this feedback and complete the artifact by meeting the submission requirements found in the Final Project Guidelines and Rubric document. Newham Company Information Newham Company is a publicly traded company operating in the \"personal product\" industry. Newham manufactures cosmetic and body-care products. These products are sold to large department chain stores, such as Target and Walmart, to be sold and distributed to the final consumer. Competitors include Revlon, Inc. (REV - NYSE) and Avon Products, Inc. (AVP - NYSE). Newham Company has experienced steady growth over the past several years. Recently, there has been a change in executive management, including the CEO and CFO. The change was sparked by questionable bonus payments that were paid to the executive management team based on the company's performance. In addition, a recent lawsuit has been filed based on claims that a new product was not properly advertised, leading many customers to experience allergic reactions. Sales and Accounts Receivable A sample of weekly sales invoices shall be analyzed from the sales report by product category. All sales are on account. Sales are classified into four product categories: cosmetics, skin care, fragrance, and personal care. Charges to customer accounts should be dated with the date of shipment. Sales invoices are prepared in batches on a daily basis using numbered sales invoices. Sales invoice numbers are automatically generated by the company's computer system. The accounts receivable clerk does not have appropriate computer rights to override the computer-generated invoice number. Upon preparing sales invoices, the accounts receivable clerk verifies that the first invoice number of the batch is consistent with the last invoice number of the previous batch. Inconsistencies or skipped sales invoice numbers are investigated and resolved before new sales invoices are prepared. The items shipped are compared to the items billed for proper quantity, price, and other sales order terms. The accounting department supervisor compares and reconciles a copy of the daily sales invoice batch report to the daily accounts posting report indicating the individual accounts. The daily account posting report is prepared and sent by the accounts receivable department. Discrepancies are investigated and resolved to help assure that the customer subsidiary accounts are posted for the same total amount posted to the control account. At the end of each month, the total of the trial balance of customer account balances (prepared by the accounts receivable department) are reconciled to the general ledger control account by the accounting department supervisor. Sales invoice batches are dated with the date of shipment, and totals of each batches are accumulated each month and recorded in the accounts receivable control and sales revenue accounts. The accounting department supervisor approves all monthly summary entries before posting to the general ledger. The controller approves all cash refunds and allowance credit memos for sales returns, after initiation by customer service. Cash Management The monthly bank statements are mailed to the controller's office. Duplicate deposit slips are retained and used when bank deposits are made, the cash receipts journal listing, and the cash disbursements listing to reconcile the general bank accounts. The payroll bank account is also reconciled, utilizing the payroll register retained by the controller's office. The assistant controller oversees all cash management and activity, including the performance of the bank account reconciliation for each bank account held by the company. The assistant controller compares the cash receipts journal and daily deposit records with the bank deposits and duplicate deposit slips during the bank account reconciliation. Internal auditors will randomly review the bank account reconciliations. Cash Receipts and Accounts Receivable Processing All cash receipts from customers related to sales are credited to accounts receivable individual and control accounts. Cash receipts are received by mail and opened by the office secretary. The office secretary prepares the cash receipt listing and daily deposit. A copy of the cash receipt listing and duplicate deposit slip is sent to the controller's office. Another copy of the cash receipt listing and the remittance advice are sent to the accounts receivable clerk for posting. The accounts receivable department posts credits to individual customer accounts, dating the entries with the date of the remittance advice and cash receipt listing received. Statements of accounts receivable balances are mailed to customers each month by the accounts receivable accounting department. Customers' reports of disputes or differences shall be handled by customer service. Cash Disbursements All disbursements are made by check, signed by the controller. Artifact Two: Sample Audit Program Your second portfolio artifact will be the professional audit program based on PCAOB audit standards that you create for Newham, an influential client at S.N.H.U, LLC. Make sure to incorporate the feedback you receive from your instructor while developing this audit program. The following sections should be included: Business Risk Analysis: Identifying risk in an organization and the environment in which it operates is the first step in approaching a potential audit and designing an effective audit program. To analyze business risk, you must: o o o o Gain an understanding of Newham Investigate the industry in which Newham operates Analyze and assess the risk, including fraud, involved in the company and industry Identify the relevant PCAOB audit standards and address their relevance to the Newham audit risk assessment Sample Audit Program: An audit program involves compiling a list (program) of procedures for the auditors to perform in order to obtain evidence and reasonable assurance that internal controls are operating properly and thus producing accurate financial statements. To compile a sample audit program, you have been provided with tests of control in revenue and inventory. You must identify the relevant PCAOB audit standards and address their relevance to the Newham audit program. Include other elements as applicable to Newham. Report of Recommendations: Based on an auditor's experiences and knowledge of accounting, finance, and common errors or pitfalls, it is common for an auditor to provide recommendations. The sample audit program addressed here is merely a small sample, not a comprehensive program. Thus, recommendations for further risk analysis, sample methods, and other concerns should be offered. In your report of recommendations to the head of the new audit team, include the following sections: o o o o Explanation of findings in the risk analysis Sarbanes-Oxley concerns or requirements Recommendations on appropriate sampling methods Recommendations for preparation and success in the external audit Guidelines for Submission: Your paper must be submitted as a two- to three-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format. Round all answers up to the nearest dollar value in any calculations. Note that this milestone is a rough draft and the submission guidelines are different for the final project. The final paper will be four to five pages in length with at least seven sources. Refer to the submission guidelines in the Final Project Guidelines and Rubric document. Instructor Feedback: This activity uses an integrated rubric in Blackboard. Students can view instructor feedback in the Grade Center. For more information, review these instructions. Critical Elements Business Risk Analysis Sample Audit Program Report of Recommendations Articulation of Response Proficient (100%) Identifies risk in the organization and the environment in which it operates; clearly shows an understanding of Newham and the industry; assesses risk and identifies any relevant PCAOB audit standards Identifies the relevant PCAOB audit standards and addresses their relevance to the Newham audit program Provides recommendations as to explanation of findings, Sarbanes-Oxley concerns, appropriate sampling methods, and the external audit Submission has no major errors related to citations, grammar, spelling, syntax, or organization Not Proficient (0%) Does not identify risk in the organization or the environment in which it operates; does not show an understanding of Newham or the industry; does not assess risk or identify any relevant PCAOB audit standards Does not identify the relevant PCAOB audit standards or address their relevance to the Newham audit program Does not provide recommendations as to explanation of findings, Sarbanes-Oxley concerns, appropriate sampling methods, and the external audit Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas Earned Total Value 30 30 30 10 100% RUNNING HEAD: Sample Audit Program 1 Introduction This paper analyzes business risks facing Newham Company which is a publicly traded company operating in the personal product industry. Business risks in Newham could result from frauds such as embezzlement and misappropriation of the company's funds. It could also result from non-compliance to the policies in the industry, management risk and safety risks. The paper also presents an audit program for the company and recommendations on audit procedures that can help in risk identification and assessment. Business Risk Analysis There is the risk of fraud; this is risk that the staff may deliberately manipulate the financial accounts such as cash for unlawful gain. Exposure to the fraud risks can include misappropriation of the company's assets, corruption and fraudulent financial statements. The employees may collude to carry out frauds in the Newham Company which can be detrimental to the financial position (Arens, 2012). Management risks include the risks that the management may not be acting in the best interest of the shareholders but rather they may be acting in their own interest. Change in the management in Newham Company was sparked by the questionable bonus payments that were paid to the executive team. This shows that the executive members in this organization may be using their power to award themselves excess bonuses at the expense of the shareholders. Safety risk includes risks where Newham Company may be posing health hazards to the customers. There has been a law suit that has been filed due to a product that was in appropriately advertised and consequently caused allergic reactions on many customers. Risk of misrepresentation is whereby financial statements may be understated or overstated of the financial figures (Arens, 2012). Compliance risks entail a situation where Newham may not be following the stipulated regulations. For example, the company may not be following the policies rules and laws of advertising. This may have led to false advertising that made the company customers experience allergic reactions. Sample Audit Program 2 Sample Audit Program The objective of the audit is to appropriately identify and assess any risk of material misstatement. The audit is also to help provide a basis in designing and in the implementation of response to the risk of material misstatement. The audit in this case will help in assessing the risk of material statements (PCAOB). Competence is required in the audit for risk assessing. The procedures to be performed have to be sufficient so as to provide a reasonable basis for identifying any material misstatements. The auditor has to obtain an understanding of the company and its environment (Allen, 2011). The risk assessment procedures have to apply for both the audit and for the internal in the audit of the financial statements. For the significant risks, substantive have to be performed Due professional care has to be exercised and it is important to exercise professional skepticism. Professional skepticism is an attitude that helps to question the mind and in case can help in the critical assessment of the appropriateness of and sufficiency of the of audit evidence. Fraud risk needs professional skepticism to gather and evaluate evidence (Allen, 2011). Further, the objective of the audit is to perform risk analysis and asses any risks in the company that may have caused material statement in the financial statement. Also, the audit seeks to examine the compliance risks and safety risks in the company. Procedures Establishing the materiality levels to establish errors. Checking whether the sales invoices have been entered well in accounts receivable ledger to establish any errors and frauds Sample Audit Program 3 Report of Recommendations Newham Company approach to Sarbanes-Oxley risk assessment has to encompass assessment of the completeness and accuracy of transactions as they are entered into. Also risks associated with the segregation of duties, confidentiality and integrity of financial data have to be looked into (Sarbanes-Oxley). For better risk analysis, external audit can include sampling methods that can be utilized to help in the identification of risks. Sampling method entails the application of compliance and substantive procedures for further risk identification. Sampling can also help in identifying and evaluating evidence of any misappropriation and any non-compliance (Romano, 2004). Sampling can be used in compliance tests to evaluate the controls in determining whether they are in place and whether they are working. For example, the tests can be performed on the information system to evaluate the outcome of the control. A test can also be performed on the invoices to ensure that they are appropriately prenumbered and all are accounted for. Sample Audit Program 4 References Allen. (2011). Auditor risk assessment: Insights from the academic literature. Accounting Horizons, 20(2), 157-177. Arens. (2012). Auditing and assurance services. an integrated approach. Boston: Prentice Hall. Romano. (2004). The Sarbanes-Oxley Act and the making of quack corporate governance. Running head: Sample Audit Program 1 Sample Audit Program Student Name Institution Sample Audit Program 2 Introduction Newham Company is publicly traded company operating in the personal product industry. The company produces cosmetic and body care products. Newham Company sells its products to large department chain stores such as Wal-Mart and Target that then sell to final consumers. The competitors of the company include Revlon Inc. and Avon products Inc. the company had a constant growth over the past years. However, there has been change in executive management, including the CEO and CFO. The change was sparked by questionable bonus payment that was paid to the executive management team based on the company performance. Consequently, a lawsuit was filed in the claim that new product was not properly advertised, leading to many customers to experience allergic reactions. Business risk analysis Business risks are inevitable part of the business. From the financial risks such as investments, new market competition, unwelcome threats in the business world. Therefore, the management need to equip the business with risk management strategies to be ready to meet risks and fight them with minimal disruptions of the business operations. The business risks for the Newham Company comes in many forms and it is important to consider different types of risks in order to properly assess the ones that greatly impact the business operations. Therefore, Newham Company need to create a list of the identified business risks helps the company to organise risks assessment. First in considering the business internal environment, the following risks will be looked at relating to the Newham Company: financial, marketing, operational, strategic and work force risks. Second, external business environments consider the changing economy, new market competition and natural disasters (Francis, 2011). However, some business risks are not easily noticeable and therefore, the identification process needs to be carried carefully. We are considering the business risks for each business function in Newham Company. Therefore, we are evaluating each business functions in regards to the effects that would occur if the function were interrupted, unavailable or significantly changed. Therefore we are going to consider: The types of events that may adversely impact the business function The upside and downside of failure scenarios for each business function. Also need to review the alternatives for each risk identified. Business risks considering in each department 1. Safety Potential for human loss of life or injury Potential for major incident or accident such as fire, explosion, spill or release Environment damage Office or facility security 2. Revenues Loss of customer base Recoverable monetary loss Lost opportunity in time to market Unrecoverable monetary loss Sample Audit Program 3 3. Costs Costs incurred due to problems that could have been prevented Costs due to lost discounts, increased warehousing space, vendor changes Legal defence costs 4. Legal Regulatory compliance failures Results or actions that could justify legal actions against the company(litigation) 5. Related exposure Loss of customer Loss of goodwill Loss of shareholders confidence Loss of reputation or public image or investor confidence 6. Security breaches System breaches causing lost data System breaches causing loss of capital Physical security breaches Audit program General items 1. Get relevant financial information Monthly financial reports Charts of accounts listing End year trial balance report CARL system quarterly report 2. Review relevant financial information for any unique or unusual items relating to the field. 3. Review previous internal auditors and obtain their findings: 4. Review the internal control questionnaire: What are the field perceived internal control strengths? Are there any weaknesses that require additional audit testing? 5. Get a copy of the field accounting policy manual if available in the company Cash 1. Get the information from the field treasurer about the procedures for receiving and disbursement of cash. Sources of cash Frequency of deposits Sample Audit Program 4 Who makes the deposits The level of cash received The nature of documentation of expenditures such as check requests, invoices, agreements. Authorization procedures 2. Examine whether the level of cash held in the field and in the office is appropriate 3. for petty cash funds Is the company maintaining an accurate petty cash voucher? The internal auditor needs to know whether Physical cash counts are conducted routinely by people who are not direct custodian of petty cash funds. Also are the physical cash reconciled with the petty cash voucher and are all variances explained. Finally, are the physical cash counts documented by those people who performed the counts and reconcile these counts against the petty cash voucher (Trotman & Wright, 2012). 4 for field checking accounts Determine the number of signatures required on each check Examine the process by which cash is received for mission operations Get bank statements for each bank account Determine the timing and frequency of the preparation of bank reconciliations and know who does the reconciliation Summarize listings of deposits from the bank statements and reconcile the amounts with reported home office transfers and the other sources of income reflected on the field financial reports. Get the test of accuracy and bank reconciliations Verify whether second party reviews bank reconciliations monthly. The examinations need to be documented with a date of examination and a signature of the second party. Expenditures 1. Through the review of the check registers for the prior periods, months, select a sample of checks and review the following: Cancelled checks for the agreement of endorsement, payee, amount Supporting invoices for agreement of description, amount, and date and account classification. Proper authorization in accordance with the agency policy 2. Evaluate the check register for the prior moths and concentrate on the unusual items such as large amounts, payments to staff, payment to field treasurer/director related persons, payments to banks, payments to individuals (Johnson, Iacob, Vlja, van Sinderen, Magnusson & Ladhe, 2013). 3. In case of any travel advances, be concerned with the reimbursement with the field treasurer and determine whether the documentation includes the person incurred expenses, purpose, date, place and reason for incurring the expenses. Sample Audit Program 5 Revenues In connection with the proper evaluation of deposits in the cash area, reconcile all the deposits to the receipts recorded on relevant financial reports. The internal auditor must independently confirm with the home offices and other funding sources the amount and date of fund transfers. Therefore, the report must reconcile with the revenue reported in the field. Finally, confirm the nature of the sources of receipts and any unusual recording procedures and the entries (Vasarhelyi, Alles, Kuenkaikaew & Littley, 2012). From that audit program, the following audit procedures will be followed regarding the trial balances: Confirm selected banks accounts and any other special arrangements: this will help on confirmation for the purpose of getting moderate to low level of assurance. In any internal auditing, the audit objectives are the risks that cash may not exist and cash transactions may not be recorded accurately. Review confirmation replies: therefore, for confirmations returned, agree with the account information and account balance to comparatively summary. Second, investigate the discrepancies reported and questions raised in review and evaluate whether the adjustments are necessary (Vona, 2012). Report of recommendation Basing on our audit and experiences, we have come up with the following recommendations basing on further risk analysis, sample methods and other major concerns. The company need to list and prioritise the business functions that require contingency planning. The activities provide a means to determine the order to develop the contingency plans for all the business functions. First, managers need to rate all failures scenarios for all the business functions and pre-emptive planning items. Second, the managers should make the items with a threat to the top priority and rank the remaining items by combining their risks totals (summing up all the risks values in each business function). Then perform a reality check on the prioritized lists. This need to be done for the risk of higher cost or loss of revenues since they may be more critical to business than litigation costs due to businesses poor liquidity (Alali & Yeh, 2012). The company need to manage the identified risks as being part of the operational management practices: there are many vicissitudes that takes place due to strategic, daily operations and the compliance projects. Therefore, the company should ensure that new risks are not incurred by reviewing change to determine if it increases or eliminate the risks. Thus, the manager need to revise the information recorded for the business function and adjust contingency planning accordingly (Sadgrove, 2015). Management of the company need to use continuous audit procedures that will assist in determining if controls are effective and the information produced for decision making are relevant and reliable. The continuous auditing ensures that errors and fraud are minimised. It also ensures that operational efficiency is increased and bottom line results are improved through a permutation of cost savings and reduction in overpayments. In this case, internal auditors are required to address end to end business process and internal controls that are present in the business activities (Budescu, Peecher & Solomon, 2012). Management of the company needs to install new technology in their system that will make it easier to access data. Technology will also give computing power and this makes real time analysis feasible. This will ensure that information to be audited is generated by reliable systems. This will result to an effective connection between the Sample Audit Program 6 auditors system and that of the audited company. To be able to overcome the business risks, the internal auditors must understand the business functions well before determining the appropriate analytical techniques and identifying the potential risk and key control points. We also recommend on security and maintenance of the work document files. The work documents need to be maintained for at least 6 years from the date of publication of the final report. Files need to be protected and ensure that only staff members with relevant authorities' will have access to the documents. Conclusion To conclude, following the procedures used in the auditing of the Newham Company, we randomly selected a sample of 216 transactions across the year within which 18 from each calendar month. The auditors found all the invoices in the sample and none was missing. Finally, all the invoices were properly posted to the general ledger sales and account receivables control accounts, and each was posted to the rights customers' individual account. Sample Audit Program 7 References Alali, F. A., & Yeh, C. L. (2012). Cloud computing: Overview and risk analysis. Journal of Information Systems, 26(2), 13-33. Budescu, D. V., Peecher, M. E., & Solomon, I. (2012). The joint influence of the extent and nature of audit evidence, materiality thresholds, and misstatement type on achieved audit risk. Auditing: A Journal of Practice & Theory, 31(2), 19-41. Francis, J. R. (2011). A framework for understanding and researching audit quality. Auditing: A journal of practice & theory, 30(2), 125-152. Johnson, P., Iacob, M. E., Vlja, M., van Sinderen, M., Magnusson, C., & Ladhe, T. (2013). Business model risk analysis: predicting the probability of business network profitability. In Enterprise Interoperability (pp. 118-130). Springer Berlin Heidelberg. Sadgrove, M. K. (2015). The complete guide to business risk management. Ashgate Publishing, Ltd.. Trotman, K. T., & Wright, W. F. (2012). Triangulation of audit evidence in fraud risk assessments. Accounting, Organizations and Society, 37(1), 41-53. Vasarhelyi, M. A., Alles, M., Kuenkaikaew, S., & Littley, J. (2012). The acceptance and adoption of continuous auditing by internal auditors: A micro analysis. International Journal of Accounting Information Systems, 13(3), 267-281. Vona, L. W. (2012). Fraud risk assessment: building a fraud audit program. John Wiley & Sons