Management Of Earnings, Auditing Standards, And Cybersecurity - An Overview

Concept of Management of Earnings

Questions:

1. Discuss the risks auditors face when considering management earnings management practices?

2. Are auditing standards important and do they matter?

3. Discuss cyber security, auditing and audit committees. 

4. Discuss these pictures as views of the audit function.

The concept of management of earnings s concerned with the manipulation of the revenues and the expenses so that the amounts of the profits or the earning per share could be inflated or deflated so that a lesser amount of taxes have to be paid and so that the more amount of earning per share could be reported so that the investment could be attracted form the viable investors. This is the way in which the companies use the creative accounting so as to show fake amounts of profits.

(ACCA Global. 2015)

The earnings management involves the following:

1. Revenue recognition
2. Changes in the estimates
3. Abuse of the concept of materiality
4. Capitalisation and deferral of the expenses
5. Non- GAAP measures.

(KPMG, 2015)

The SAS 300 identifies the overall risk of an audit. The APB 1995, defines the auditor as the person who is entrusted with the responsibility of giving a true and a fair view on the financial statements. The following are the components of risk:

Inherent risk which is defined as the susceptibility of a material misstatement, either individually or in a group in the balances and the class of the transactions irrespective of the presence of the internal controls.

Control risk is defined as the risk of the presence of the material misstatement that was incapable of being presented or detected on the timely basis by the accounting and the internal control system.

Detection risk is the risk that the auditors would extend the substantitative procedures but that will fail to material misstatement.

The sum total of all the above stated 3 risks is the audit risk.

(University of Glasgow, 2015)

The following are some of the qualities that an auditor must possess:

1. Professional scepticism: an auditor must possess some professional scepticism so that he can assess the risk and accordingly, extend the audit procedures.

2. Evaluate the accounting policies: an auditor must select and apply the accounting policies when it comes to assessing the risk of the fraudulent financial reporting

3. Assess the completeness of the disclosures

4. The audit report presented must be fair and adequate so as to bring to notice all the issues and the same must be presented and brought to the notice of the stakeholders.

5. The issues must be reported to those charged with governance

6. Other reporting responsibilities: this includes the fact that where a fraud have occurred, the auditor must consider the other reporting responsibilities. These responsibilities could include the communication with the regulatory and the enforcement.

(ACCA Global, 2015)

The accounts of the companies are prepared in order to show the performance of the company and reflect its financial position. The accounts of the company is required to be prepared in accordance with the following:

1. Corporations Act
2. Accounting standards
3. Financial reporting standards

The auditing standards specifies the following:

1. What sort of information is required to be included in the accounts of the company
2. How this information is required to be presented

(Price Water house Coopers, 2015)

Components of Audit Risk

The work of an auditor is to plan, conduct and report the results of an audit in accordance with the requirements of the generally accepted standards of auditing. The standards of auditing measures the quality of the audit and the objectives that are required to be achieved during the process of an audit. The procedures extended during the course of an audit is different from that of the accounting standards. The procedures of an audit must comply with the standards on auditing.

The following are the set of the general standards of auditing:

1. The auditor must have an adequate amount of training and proficiency during the course of an audit
2. The auditor must be independent so that he can work without any ties with the client
3. He must exercise due diligence and professional care while carrying on the procedures of auditing

The following are the standards of the field work:

1. An auditor must plan his work well before and must always supervise his assistants

2. He must gain an understanding of the entity and the environment in which the company operates. This will include the internal control, and an assessment of the risk of the material misstatement that may have taken place in the financial statements due to the presence of an error or a fraud. The nature, timing and extent of an audit must be so designed so that the audit procedures must be carried out.

3. An auditor must obtain appropriate audit evidence with regard to the procedures that may have been undertaken for the purpose of conducting an audit.

The following are the standards of reporting:

1. An auditor must state whether in his opinion, the financial statements represent a true and a fair view of the financial statements and whether they conform with the generally accepted principles of accounting

2. The auditor qualifies his report in the case where he feels that the principles of accounting have not been followed with and they are not infirmity with the figures of the preceding period

3. When an auditor is of the opinions that the disclosures that have been made are not adequate, then he must state the fact in his report

4. An auditor must express an opinion on the financial statements and where the opinion cannot be expressed, he must state the same in his report. He must also state the reasons for his dis-qualification

5. An auditor must state the character of his work and the degree of responsibility that he has been entrusted with during all the times when he has been associated with the work of the client.

(AICPA, 2015)

Cybersecurity is one of the main problems today. This is mainly due to the fact that cybersecurity is related with the financial concerns of the companies and internal control. The audit committee is entrusted with the responsibility of looking after the cyber issues. The audit committee also plays a very strong role when it comes to the connection with the financial concerns and the internal controls. The audit committee has to monitor the preparation of the management for and then prepare adequate response to the threats from the cybercrime. The following are some of the questions that the audit committees needs to take into account:

1. the crucial assets of the company and what are the vulnerabilities that are involved
2. how must the risks be disclosed
3. what is the critical infrastructure that must be in place and the regulator requirements that are required
4. what is the overall strategy that is involved
5. what is the plan for protecting the assets from the cyber attacks
6. how robust is the response of the organization and how well are the plans of communication

Qualities of an Auditor

(Deloitte, 2015)

The SEC has again started focussing on the cybersecurity as on March 26, 2014. It suggests that the cybersecurity is very important and the same will be subject to a significant amount of security.

(Deloitte, 2015)

In order to address the issue of cyber security, a number of cyber threat management plans must be in place so as to recognise and account for the 4 major phases of cyber securities that are as follows:

1. the defence and mitigation of the cyber threat
2. the detection of threat, intelligence and analysis
3. the response to the cyber incident
4. the remediation and recovery of the cyber threat

Huge companies do experience a huge amount of thwarted and successful cyber attacked during the year. This leads them to realize the response that will go on to operate under the assumption that there will be certain attacks and that would be successful to a certain degree.

The plan for cyber security must be made with an appropriate culture and must involve the topmost and the senior most management. The involvement of the senior most management will ensure that they are aware of the importance of the security that extends from the C suite and includes the professionals that function since the breach of the cyber security could occur at of the level and at any department. The issue of the cyber security must be made the topmost priority and must be communicated to the board. The compliance of the rules and the regulations must be ensured in tune with the policies and the support to the efforts in order to strengthen the infrastructure and combat the threats.

(Deloitte, 2015)

The responsibilities of an auditor include the fact ensuring that the audit has been conducted in accordance with the generally accepted standards of auditing and obtaining the appropriate audit evidence so as to provide the reasonable audit evidences for the opinion on the financial statements. For the purposes of the audit, the auditor has to ensure independence from the entity whose audit is being conducted. The internal auditors have been entrusted with the responsibility of analysing, evaluating, assuring and making the recommendations and provide the other information to the management of the entity and with those charged with governance. In order to fulfil their responsibility, the internal auditors must maintain objectivity with respect to the activities that are being audited. This is in accordance with the Statement on Auditing Standards number 114.

(AICPA, 2015)

An independent auditors has to give his opinion with regard to the fairness of the financial position as has been indicated in the financial statements. The audit report is used by the lenders and the investors and they rely heavily on the same when making the decision with respect to the investments. An audit is required to be conducted in accordance with GAAS and other relevant ethical requirements that will enable him to form the audit opinion. In order to form an opinion, an auditor is required to gather appropriate and sufficient evidences so as to gain a reasonable assurance with regard to the audit opinion. The auditors then has to form an opinion as to conclude as to whether the financial statements are free from any material misstatement, any error or fraud.

Some of the procedures that are undertaken during the course of audit are as follows:

1. Inquiring into the management and gaining an insight into the operations, financial reporting and known errors and frauds.
2. Evaluating the internal control system and assessing, the adequacy of the same
3. Extending the analytical procedures on the variances in the balances of the accounts and the classes of the transactions
4. Testing the correctness of the transaction and checking its documentation
5. Observing the count of the physical inventories
6. Confirming the accounts receivables and the other accounts with the third parties

On the completion of the audit, the auditor also has to offer some of the objective advices for improving and reporting the internal controls so as to maximise the performance and the efficiency of the company.

(GRFCPA, 2015)

References:

Businesscasestudies.co.uk, (2015). Auditing - The importance of accounting standards - PricewaterhouseCoopers | PricewaterhouseCoopers case studies and information | Business Case Studies. 

Deloitte.wsj.com, (2015). Cybersecurity and the Audit Committee - Deloitte Risk & Compliance - WSJ. 

eprints.gla.ac.uk, (2015). Auditor Independence and Audit Risk: A Reconceptualization. 

Grfcpa.com, (2015). What an Auditor Does and Doesn't Do.