RISK-BASED AUDIT APPROACH ROADMAP

Phase 1-Risk Phase 2 - Risk Phase 3-Conclusion &

Assessment Response Reporting
Preliminary Planning Responding Determining
Completing the audit and
Engagement the to Assessed the Extent of
considering the post-audit
Activities Audit Risks Testing responsibilities

Determining Understanding Considering Considering

Completing the audit and
Materiality the Entity & Fraud, Error work of other
considering the post-audit
its environment NOCLAR auditor responsibilities

Understanding Identifying & Considering Considering

Performing and Reporting
Engagement Assessing Effect of certain
on Specialized Audit
Activities ROMM IT Specific items Engagements

Professional Judgment and Professional Skepticism

Audit Evidence and Documentation
 AUDITOR’S RESPONSE TO PSA 330
ASSESSED RISK
AUDITOR’S RESPONSIBILITY TO
CONSIDER FRAUD IN THE AUDIT OF F/S PSA 240
CONSIDERATIONS OF LAWS & PSA 250
REGULATIONS IN THE AUDIT OF F/S

Analytical Procedures PSA 520

RELATED PARTIES PSA 550
Use of Accounting Estimates PSA 540
COMMUNICATIONS WITH TCWG PSA260
PSA 500 AUDIT EVIDENCE
501 ADDT’L CONSIDERATIONS
505 EXTERNAL CONFIRMATION
PSA 530 AUDIT SAMPLING
PSA 610 USING THE WORK OF I As
620 AUDITOR’S EXPERTs WORK
AUDITING IN A COMPUTERIZED
ENVIROMENT
 To prove
To evaluate occurrence
the fairness & extent of
of F/S fraud

100%
Examination
Combination of
100%, specific, Investigative
test sampling report
Assurance
Report
Responsibility of Auditor
Obtain reasonable assurance that the
financial statements taken as a whole are
free from material misstatement, whether
caused by fraud or error.

Planning
Consider the
Phase
Effect on the
Testing Completion Auditor’s
Phase Phase Report
 Responsibility of Auditor p. 6
The auditor’s ability to detect a fraud depends on
factors such as:

(a) the skillfulness of the perpetrator,

(b) the frequency and extent of manipulation,
(c) the degree of collusion involved,
(d) the relative size of individual amounts
manipulated, and
(e) the seniority of those individuals involved.
PSA 240 Section 10

Objectives of the Auditor are:

(a)To identify and assess the risks of material

misstatement of the financial statements due to fraud;
(b)To obtain sufficient appropriate audit evidence about
the assessed risks of material misstatement due to
fraud, through designing and implementing
appropriate responses; and
(c) To respond appropriately to identified or suspected
fraud.
 PSA 240 Section 11
For purposes of the PSAs, the following terms have the
meanings attributed below:

1. Fraud – An intentional act by one or more individuals

among management, those charged with governance,
employees, or third parties, involving the use of deception
to obtain an unjust or illegal advantage.

1. Fraud risk factors – Events or conditions that indicate an

incentive or pressure to commit fraud or provide an
opportunity to commit fraud.
Paragraphs 17-19
US President
Ronald Reagan
when discussing
relations with the
Soviet Union.
Creating a Control Environment
What is fraud?
Fraud occurs when:
•An individual or organization intentionally makes untrue
representation about an important fact or event;
•The untrue representation is believed by the victim;
•The victim relies and acts upon the true representations,
and
•The victim suffers loss of money and/or property as a
result of relying upon and acting upon the untrue
representation.
Motive or

Attitude or
 OPPORTUNITY
-Environmental factors
-Victim characteristics

CAPABILITY
MOTIVATION -Knowledge about
- Financial Pressure FRAUD corporate governance/
- Monetary Gain QUADRANGLE economic institutions
- Achievement - Ability to manipulate
DIAMOND
- Manipulation others
-Technical knowledge to
steal victim identities
RATIONALIZATION or exploit software
-Belief that violating weaknesses
rules is acceptable
-Disdain or lack of
respect for others
Why do people commit fraud?

Because they can…

Pressure on Perpetrators
•Undue family/peer pressure to succeed
•Living beyond means or expensive habits
•High personal debt/poor credit rating
•Little recognition for job performance
•Believe pay is too low
•Greed
Why do people commit fraud?

Because they can…

Opportunities
•Placing too much trust in key employees
•No separation of authorization of transactions
from custody of related assets (segregation of duties)
•Lack of independent checks on performance
•Operating on crisis basis
•Failure to discipline violators of company/lack of
company’s policy
Why do people commit fraud?

Rationalization
•I need it more than the organization
•I’m only temporarily borrowing it
•Nobody will get hurt Because they
•It’s for a good purpose can…
•This is what it takes to be successful.
•I was told to do it.
•The boss does it.
•Everybody does it.
•There are no sanctions for violators.
Why do people commit fraud?
Because they can…
Capability
Personal traits & abilities that play a major role in whether
fraud will actually occur or even if the other 3 elements are
not present
The person must have the capability to recognize the open
doorway as an opportunity and to take advantage of it by
walking through, not just one, but time and time again.
So the critical question is, Who could turn an opportunity
for fraud into reality?
Consider this in fraud risk assessment
 In planning the audit, the auditor
should assess the risk that fraud
and error may cause the financial
statements to contain material
misstatements and should
inquire from management as to
any fraud or significant error
which has been discovered.

In addition to weaknesses in the design of the accounting and

internal control systems and non-compliance with identified
internal controls, conditions or events which increase the
likelihood or existence of risk and error.
ERROR

Unintentional misstatements or omissions in F/S including

the omission of an amount or disclosure, such as:

-Mathematical or clerical mistakes in records, gathering &

processing data
-Incorrect accounting estimate due to oversight or mis-
interpretation of facts
-Mistake in application of accounting principles
TYPES OF FRAUD
Embezzlement – theft of funds placed in one’s trust or care
Larceny – involves theft of personal property
Forgery – act of forging or producing a copy of a document,
signature, etc
Bribery – persuading someone to act in one’s favor illegally by a gift
Extortion (blackmail) – obtaining something through force or threats
Conspiracy (collusion) – agreement between 2 or more people
who commit a crime
Earnings management – use of accounting to enhance financial
performance
Income smoothing – a form of earnings management in which
revenues & expenses are shifted between periods to
reduce fluctuations in earnings
 I. Risk Factors Relating to Misstatement Arising
I.A.
from Fraudulent Financial Reporting
INCENTIVES/PRESSURES
1. Threatened financial stability or profitability brought about
by economic, industry or entity operating conditions.

2. Excessive pressure from management to meet the

requirements or expectations of 3rd parties.

3. Threatened personal financial situation of management or

those charged with governance relative to the entity’s
financial performance.
I.B. OPPORTUNITIES
1. Nature of the industry or the entity’s
operations provides opportunities to
engage in fraudulent financial reporting.
2. Ineffective monitoring of management
3. Complex & unstable organizational
structure

4. Deficiency in internal control components

I. C. ATTITUDES and RATIONALIZATION
1. Communication, implementation, support or enforcement of
the entity’s values or ethical standards by management, or the
communication of inappropriate values or ethical standards ,
that are not effective.
2. Non-financial management’s excessive participation in or
preoccupation with the selection of accounting policies or the
determination of significant estimates.
3. Known history of violations of securities laws or other laws
and regulations or claims against the entity, its senior
management, or those charged with governance alleging fraud,
or violations of laws or regulations.
I.C. ATTITUDES and RATIONALIZATION

4 Excessive interest by management in maintaining or

increasing the entity’s stock price or earnings trend.
5 The practice by management of committing to analysts,
creditors, & other 3rd parties to achieve aggressive or
unrealistic forecasts.
6 Management failing to correct known material weaknesses in
internal control on a timely basis.
7 An interest by management in employing inappropriate means
to minimize reported earnings for tax-motivated reasons.
8 Low morale among senior management.
I. C. ATTITUDES and RATIONALIZATION

9 The owner-manager makes no distinction between

personal and business transactions.
10 Dispute between shareholders in a closely held
entity.
11 Recurring attempts by management to justify
marginal or inappropriate accounting on the basis
of materiality.
12 The relationship between management and the
current or predecessor auditor is strained.
 II. Risk Factors Arising from Misstatements from
Misappropriation of Assets
II.A. INCENTIVES/PRESSURES
1. Personal financial obligations may create
pressure on management or employees with
access to cash or other assets susceptible to
theft to misappropriate those assets.

2. Adverse relationships between the entity and

employees with access to cash or other assets
susceptibel to theft may motivate theose
employees to misappropriate those assts.
II.B. OPPORTUNITIES
1. Certain characteristics or circumstances
may increase the susceptibility of assets
to misappropriation.

2. Inadequate internal control over assets

may increase the susceptibility of
misappropriation of those assets.
II. C. ATTITUDES and RATIONALIZATION
1. Disregard for the need for monitoring or reducing risks
related to misappropriation of assets.
2. Disregard for internal control over misappropriation of
assets by overriding existing controls or by failing to
correct known internal control deficiencies.
3. Behavior indicating displeasure or dissatisfation with
the entity or its treatment of the employee.
4. Changes in behavior or lifestyle that may indicate
assets have been misappropriated.
5. Tolerance of petty theft.
TYPES OF ERRORS & IRREGULARITIES IN THE TRANSACTION
CYCLES OF THE BUSINESS ENTITY & AUDITOR’S RESPONSIBILITY

1. Errors in
sales &
collections

2. Frauds in
Sales &
Collections
I. SALES and Collections Cycle
Frauds in Sales & Collections
a) Fraudulent Financial Reporting
- Fictitious sales
Errors in sales and collections
- Recording 2x
Mechanical errors - Improper cut off
- wrong piece/quantity - Operating leases as sales
- Revenue deferral
- Deposits/consignments as sales
- recording sales in
b) Misappropriation of Assets:
wrong period (cutoff errors) Withholding Cash Receipts
- bookkeeper’s failure to understand - Skimming (theft of cash)
proper accounting for a - Lapping (altering A/R)
transaction - Kiting (forging checks)
II. ACQUISITIONS and Payments Cycle

1. Errors in the
Acquisitions and
Payments Cycle

2. Frauds in the
Acquisitions and
Payments Cycle
II. ACQUISITIONS and Payments Cycle

Errors in the Acquisitions and Frauds in the Acquisitions and

Payments Cycle Payments Cycle

•Failing to record a purchase •Paying for fictitious purchases

•Failing to record cash payment
•Failing to record prepaid as assets •Receiving kickbacks
•Recording 2x •Purchasing goods for personal
•Cutoff errors
•Consignment as purchases use
•Misclassifying purchases of assets
as expenses
III. PAYROLL and PERSONNEL Cycle

1. Errors

2. Frauds
involving
Payroll
 III. PAYROLL and PERSONNEL Cycle
1. Errors
•Paying employees at the wrong
rate
•Paying employees for more
hours than they worked
•Charging payroll expense to the
wrong accounts
•Keeping terminated employees
on the payroll
2. Frauds involving Payroll
• Fictitious Employees
• Excess Payments to
Employees
• Failure to Record Payroll
• Inappropriate Assignment
of Labor Costs to
Inventory
 IV. INVENTORY WAREHOUSING

1. Errors 2. Frauds involving Inventory

•Affecting inventory • Inventory theft – appropriating

– cut-off errors inventory for personal use or
- failure to include items in unauthorized sale
inventory
- mechanical errors (wrong
• Overstatement of Inventory

price & quantity) - putting filler goods

- adding significant amount
Factors that increase inherent
ROMM of investments are as follows:

1. Economic conditions
2. Changes occurring in the industry
– affects entity’s ability to use its
fixed assets
3. Degree of obsolescence - affects
the ability of the entity to compete
4. Acquisition of assets through
related party transactions
5. Entity’s ability to remain going
concern
 V. INVESTING ACTIVITIES
1. Errors
•recording
failure to follow PFRS in
fixed assets 2. Frauds
•Expensing PPE
•valuation of securities
Misapplication of PFRS to the
-Kickbacks
-Acquiring goods for personal use
•Failure to account financing of -Appropriating assets
asset leasing transaction
-Processing fictitious transactions in
•depreciation
Mechanical inaccuracy –
expense
the acquisition of PPEs,
investment of securities & goods
•Incorrect estimates
 VI. FINANCING ACTIVITIES

Errors

-Failure to record interest accruals

-Recording interest twice
-Cut-off
-Incorrect estimates
-Failure to recognize the entity’s
debt agreement
violation
-Failure to record declared dividends
 VI. FINANCING ACTIVITIES
Irregularities

-Diverting proceeds from issuance

of debt/equity securities
-Covering up failure to meet debt
agreement
-Failure to record obligations
(notes, bonds)
-Failure to record interest
-Paying dividends to inappropriate
parties
 AUDITOR’S
RESPONSIBILITIES

Communications management

Communications with TCWG

VI. FINANCING ACTIVITIES
True or false
1. When performing a F/S audit, auditors are
required to explicityly assess the risk of material
misstatement due to business risk.

2. Discussion among engagement team should include

brainstorming about the manner in which fraud
may be committed on how management could
perpetrate and conceal fraudulent financial
reporting.
3. If the audit team discovers that fraud risk factors
are present on an engagement, it should then
modify procedures to actively search for the
existence of fraud.
4. An auditor has identified a risk of material
mistatement due to fraud related to the inventory
function. His appropriate response is request that
management more closely monitor the inventory
function.
5. Relative to internal controls, the primary risk of
fraud in the client is the risk that management
overrides controls.

6. Fraud is more prevalent in large businesses than

small businesses and obviously not for not-for
profit organizations due to the its goals-mission.
7. Because fraud perpetrators are often
knowledgeable about audit procedures, PSAs
require auditors to incorporate unpredictability
into the audit plan.

8. Auditors have a higher degree of responsibility for

detecting direct-effect illegal acts than indirect-
effect illegal acts.
9. The auditor should not presume that fraud is
present in revenue recognition by management
because the auditor must remain objective and
independent.

10. Amounts involving fraud are usually considered

more important than unintentional errors of equal
amounts.
MULTIPLE
CHOICES
1. What is the best method an auditor may use to detect
fraud in the financial statements?

a. Use of professional skepticism

b. Understand and properly apply PSAs
c. Brainstorm with the client to find the types of fraud
occuring.
d. Actively search for all errors in the financial statements
1. What is the best method an auditor may use to detect
fraud in the financial statements?

a. Use of professional skepticism

b. Understand and properly apply PSAs
c. Brainstorm with the client to find the types of fraud
occuring.
d. Actively search for all errors in the financial statements
2. Which of the following is least likely to uncover
fraud?

a. Internal auditors
b. External auditors
c. Internal controls
d. Management
3. In general, material irregularities perpetrated by
which of the following are most difficult to detect?

a. Internal auditors
b. Keypunch operator
c. Cashier
d. Controller
4. The most common technique used by management
to misstate financial information, and is always
presumed to exist under PSA 315, is:

a. Overstatement of expenses
b. Improper revenue recognition
c. Understatement of liabilities
d. Understatement of assets
5. If the audit team discovers that fraud risk factors are
present on an engagement, it should then:

a. Resign from the client and inform the audit

committee and regulatory authorities
b. Reduce the amount of evidence required and resort
to management inquiry
c. Modify procedures to actively search for the
existence of the fraud
d. Turn the audit over to forensic accountants.
6. When is the assessment of fraud risk on a single
engagement completed by the audit team?

a. Upon completion of the planning stage.

b. Once internal control is understood.
c. Only after the audit risk model has been used to
design tests.
d. Once the audit is complete.
7. Which of the following items might alert the auditor
to the possibility of fraud in the department?

a. A significant portion of the management ‘s

compensation is directly tied up to reported net
income of the department.
b. Sales have increased by 10%
c. The Department is not scheduled for external audit
this year.
d. All of the above
8. John, a fraudster, was ‘trusted completely’ is an
example of

a. Document symptom
b. Situational pressure
c. Opportunity to commit
d. Physical symptom
9. Randy, the employer, was always handling most
urgent… is an example of:

a. Opportunity to commit
b. Analytical symptom
c. Situational pressure
d. Rationalization
10. ‘Difficulties with personal financial problems’ is an
example of:

a. Behavioral symptom
b. Opportunity to commit
c. Situational pressure
d. Rationalization
11. James, the fraudster, felt that he contributed much
more to the success of the company than was
represented by his salary… is an example of:

a. Behavioral symptom
b. Opportunity to commit
c. Situational pressure
d. Rationalization
12. Frank, the fraudster, bought an expensive car and
jointed an expensive golf and country club elite
group… is an example of:

a. Behavioral symptom
b. Lifestyle symptom
c. Physical Symptom
d. Situational pressure
13. When comparing perpetrators who have embezzled
company funds to perpetrators of financial
statements (falsification of F/S), those who falsified
financial statements would be likely to:

a. Have experienced an autocratic management style

b. Be living beyond their obvious means of support
c. Rationalize the fraudulent behavior
d. Use company expectations as justification for the
act.
14. A company hired a highly qualified Accounts Payable
Manager who had been terminated by another
company for alleged wrongdoing. Six months later, the
manager diverted P120,000 by sending duplicate
payments of invoices to a relative. A control that might
have prevented this situation would be to:

a. Adequately check prior employment/backgrounds

b. Not hire individuals who appear over qualified
c. Verify educational background for all employees
d. Check to see if close relatives work for vendors.
15. Which of the following if observed, would not increase
the likelihood of fraud risks?

a. The standard of living of one of the purchasing agents

has increased.
b. The internal control structure has significant
weaknesses.
c. Management, at purchasing agents’ request, has
adopted a policy of paying vendors on a more timely
basis to avoid incurring penalty charges.
d. The cost of goods procured seems to be excessive in
comparison with previous years.
16. Computer fraud is increased when?

a. Audit trails are not available

b. Employees are donot trained
c. Documentation is not available
d. Employee performance appraisals are not given
17. A subsidiary president terminated a controller and hired a
replacedment without the required corporate approvals.
Sales, cash flow and profit statistics were then manipulated by
the new controller and president via accelerated depreciation
and sale of capital assets to obtain larger performance bonuses
for the controller and subsidiary president. An approach that
might detect this fraudulent activity would be+
a. Analysis of overall management control for segration of
duties
b. Required exit interviews for all terminated employees
c. Periodic changes of outside external auditors
d. Regular analytical reviews of operating departments.
18. Which of the following are objectives of a fraud investigation?
I. Identify, gather and protect information
II. Provide accurate and objective facts upon which
judgments concerning discipline, termination or
prosecution may be based
III. Identify patterns of actions and behaviors
IV. Account for and recover losses
V. Notify the audit committee of the facts/circumstances

a. III only c. II and III only

b. I, II, III and V only d. All of the above
19. Which of the following are true about the use of forensic
accounting for fraud investigations?
I. Apply scientific knowledge and legal issues
II. Study and interpretation of accounting evidence for
presentation in legal forum
III. Certain fraud should be referred to forensic specialists
IV. Examination of questioned documents, fingerprint
specialists, and forensic chemists.

a. All of the above c. II and III only

b. I, II, III only d. I , II and IV only
20. Which of the following investigative tools is most
effective when large volumes of evidence need to be
analyzed?

a. Interviews
b. Forensic analysis
c. Computer
d. Questionnaires
21. Under PSAs, an auditor’s responsibility to detect and report
violations of laws and regulations is to
a. Report all violations of laws and regulations to NBI
b. Assess the risk that violations of laws and regulations
may cause materially mistatated F/S and to design the
audit accordingly
c. Detect all violations of laws and regulations, including
those that are neither direct nor material
d. Coordinate the search of violations of laws and
regulations with all the agencies w/c the entity
received financial assistance.
22. Which of the following would most likely be deemed a direct-
effect of illegal act?

a. Violation of employment laws

b. Violation of environmental regulations
c. Violation of income tax laws
d. Violation of civil rights laws
23. The auditors evaluation of the likelihood of material employee
fraud is normally done initially as a part of?

a. Test of controls
b. Understanding the entity’s internal control
c. Test of transactions
d. The assessment of whether to accept the audit
engagement.
24. The auditor’s best defencse when existing material
misstatements in the F/S are not uncovered in the audit is+

a. The client is guilty of fraudulent misrepresentation.

b. Consider the relevant facts available.
c. Consider the circumstances of the audit engagement
d. Apply auditor’s relevant knowledge and experience.
25. Sources of information gathered to assess fraud risks usually
do not include…

a. Analytical procedures
b. Inquiries of management and others within the entity
c. Communication among audit team members
d. Review of corporate charter and laws
26. Which of the following is a false statement concerning fraud?

a. Fraud generally involves incentive or pressure to

commit fraud, a perceived opportunity to do so, and
some rationalization of the act.
b. An audit rarely involves the authentication of
documentation; thus, fraud may go undetected by the
auditor.
c. Fraud involves actions of management but excludes
the actions of employees or 3rd parties.
d. None of the above.
27. What is one common way to conceal a theft?

a. By creating cash through inter-bank cash transfers.

b. By charging the stolen item to an expense account.
c. By stealing cash from Juan (customer A) and then
using the account balance of Jessa (customer B) to
pay Juan’s accounts receivable.
d. By the conversion of stolen assets to cash.
28. In payroll fraud, funds can be stolen by

I. Paying a fictious or ghost employee

II. Increasing pay rates without permission
III. Keeping a real but terminated employee on the
payroll.

a. All of the above c. II and III only

b. I and III only d. I and II only
29. If the auditor concludes that the noncompliance has
a material effect on the financial statements, and has
not been properly reflected in the financial
statements, the auditor should express

a. A qualified opinion or an adverse opinion

b. A qualified opinion or a disclaimer
c. A disclaimer of opinion
d. A qualified opinion
30. Audit matters of governance interest to be
communicated to TWCG ordinarily include
I. Audit adjustments, whether or not recorded by the
entity that have, or could have, a material effect on its
financial statements
II. Expected modifications
III. Material uncertainties related to events & conditions
that may cast significant doubt on the entity’s ability to
continue as a going concern.
a. I and II only c. II and III only
b. I and III only d. I, II and III
31. The auditor may identify a risk of material misstatement due
to fraud affecting a number of accounts and assertions. These
may include:
I. asset valuation
II. estimates relating to specific transactions
(such as acquisitions, restructurings, or disposals
of a segment of the business)
III. other significant accrued liabilities (such as
pension and other post-employment benefit
obligations, or environmental remediation liabilities).

a. I and II only c. All of the above

b. II and III only d. None of the above
32. To minimize the opportunities of fraud, unclaimed
cash payrool should be

a. Deposited in a safe deposit box

b. Held by the payroll custodian
c. Held by controller
d. Deposited in a special bank account
33. The purpose of segregating the duties of hiring
personnel and distributing payroll checks is to
separate the
a. Authorization of transactions from the custody of
related assets
b. Operational responsibility from the record-keeping
responsibility
c. Human resources function from the controllership
function
d. Administrative controls from the internal accounting
controls
34. Coverage of shortage in one bank account by means of
unrecorded check drawn on another bank account is
known as

a. Lapping
b. Kiting
c. Reconciling
d. Adjusting
35. An error in which an item is posted to the wrong personal
account, or the incorrect calculation of an amount
constituting an original entry

a. Error of omission
b. Error of commission
c. Error of principle
d. Counter-balancing error
36. Which of the following is not typically included in the
sales and collection cycle?

a. Sales returns and allowances

b. Bad debts
c. Allowance for uncollectible accounts
d. Cash credits from the cash disbursement journal
37. When a primary risk related to an audit is possible
overstated inventory, the assertion most directly related
is:

a. Completeness
b. Clarity
c. Existence
d. Presentation
38. The signing and distribution of the checks must be properly
handled to prevent their theft. Which of the following is
not an important control consideration?

a. The person authorized to sign paychecks should not be

involved otherwise in the preparation of the payroll
b. A check signing machine should not be used to replace a
manual signature
c. Distribution of pay checks should be performed by
someone who is not involved in the other payroll functions.
d. Unclaimed checked should be immediately returned for
redeposit.
39. The failure to capitalize a permanent asset or the
recording of an asset acquisition at the improper
amount, affects the financial position

a. For the current period

b. For the depreiable ife of the asset
c. Until the firm disposes the asset
d. Forever
40. Which of the following activities performed by a
department supervisor most likely would help in the
prevention or detection of a payroll fraud?

a. Distributing paychecks directly to the employees

b. Setting the pay rate for departmental employees
c. Hiring employees & authorizing them to be added to
payroll.
d. Approving a summary of hours each employee worked
during the pay period.