بررسی محیط زیست کنترلی و مخاطره های تقلب: مجموعه ای از تمرین های آموزشی

Control environment is an abstract concept that can be difficult for students to grasp due to their lack of real-world experience. Recent accounting scandals and the regulatory response of the Sarbanes–Oxley Act of 2002 have highlighted the need for future auditors to be able to recognize red flags indicating the possibility of fraudulent financial reporting (FFR) and misappropriation of assets (MOA). This manuscript contains a set of four instructional exercises. The exercises are designed to promote critical thinking by exposing students to scenarios that require them to assess and integrate evidence regarding hypothetical clients’ control environments. Evidence is collected in realistic working papers (accessed via the web at http://www.pages.drexel.edu/~cpa22/Audit/audit.htm) that are based on evidence-gathering questionnaires from Big Four accounting firms. Using this evidence, students consider the risk of FFR and MOA. Student reaction to using the exercises, from three different institutions, has been positive.

Auditing standards issued in recent years have brought into focus the auditor’s consideration of a client’s control environment and fraud risk assessment. Statement on Auditing Standards (SAS) No. 109 (AICPA, 2006) emphasizes the importance of the control environment for mitigating the risk of fraud. SAS No. 99 (AICPA, 2002) significantly expanded the requirements for gathering information about the risk of fraud and includes a listing of specific risk factors related to fraudulent financial reporting (FFR) and misappropriation of assets (MOA). Sarbanes–Oxley Section 404 requires the external auditors to report on management’s assessment of the effectiveness of internal control. Following this mandate, Public Company Accounting Oversight Board (PCAOB) Auditing Standard No. 5 requires auditors to communicate to both management and members of the audit committee all significant deficiencies and material weaknesses in internal control of which the auditor is aware (PCAOB, 2007). It is, therefore, increasingly important for students to be able to recognize and communicate fraud risk factors. With each of the four instructional exercises presented in this article, students perform a realistic audit task requiring analysis of complex evidence (evaluating a completed Control Environment Questionnaire) and preparation of a professional memo. Students are challenged to put the abstract concept of “control environment” into practice as they evaluate fraud risk from the perspective of an external auditor. These exercises allow instructors to supplement textbook presentations of SAS No. 78 (AICPA, 1995), Consideration of Internal Control in a Financial Statement Audit, SAS No. 99 ( AICPA, 2002), Consideration of Fraud in a Financial Statement Audit, and SAS No. 109 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement ( AICPA, 2006). All four exercises contain the same overall structure and require students to analyze a completed Control Environment Questionnaire (CEQ), which they can access via the Internet (http://www.pages.drexel.edu/~cpa22/Audit/audit.htm). The CEQs are structured to emulate those used in practice at each of the Big Four firms. Feedback from audit partners and managers at these firms indicates that the exercise materials are realistic and provide a valuable learning experience for students. Each CEQ presents a different set of client strengths and weaknesses that should lead to specific conclusions regarding risks of FFR and MOA. Each exercise requires students to prepare a professional memo in which fraud risk and the control environment are documented. These exercises are designed to help students integrate complex evidence and become more aware of red flags that indicate the possibility of FFR or MOA.3