Part 1: The Initial Audit
1) What additional work could the Internal Audit Department perform prior to issuing the audit report? The internal audit’s work is necessary to the entity. The internal audit can accumulate evidences from different documents, statements and reports. Their reprehensibility is to provided reasonable assurance in entity’s daily operation. In this case, there are some materials has been founded in MCS. From my opinion, the internal audit could pay more attention on the manager’s internal control evaluation. The additional work can be started by evaluating all financial records to ensure the accuracy of the financial statements, and reviewing administrative control with the university policy and regulations to make the operational effectiveness and efficiency. In addition, the internal auditors could make the assessment of risk factors, and identify several evidence to determine which areas should be included and promoted. All these risk factors should be detected based in the dollar materiality and each detailed transactions. In order to identified the risks, the internal audit should review the financial statements carefully and understanding each transactions clearly.
2) What recommendations to the campus computing services director and the university administration would be appropriate for the MCS? I do recommend the campus computing services director and the university administration to focus on promoting the internal control to make the management more effective. The valid internal control is the assurance of daily operation. The effective controls reduce the risk of asset loss and help ensure that plan information is complete and accurate, financial statements are reliable, and that the plan complies with laws and regulations.
Part 2: The Plot Thickens
1) At what point should the Internal Audit Department suspect a fraud? What actions should be considered to ensure that professional auditing standards are met? Whom does the Internal Audit Department need to inform? When doing audit, the auditors should have a professional skepticism on each transaction. In the case, the problem is that some personal use computers’ warranty repair fees are recorded in university’s public library accounts. After receiving the telephone call from a local repair shop owner, the internal audit department could suspect the fraud. As internal auditors, they should follow with GAAP and provide a final audit report to the university. During the period of detecting and investigating the fraud, the internal auditors should take action on reviewing all related transactions and audited financial statements in the university. Besides that, communication with other auditors is also necessary. The discussion can make the work easier to do. After that, they can talk with MSC’s manager to get more useful information for the investigation. The objective of internal is to accumulate enough evidence to identify the fraud. Additionally , the internal audit department needs to inform the CEO, CFO and audit committees.
2) What red flags might have initially tipped off the internal auditors that this employee might be involved in a fraud? A. The MCS manager has left the university
B. The library director said that they had been working with a university employee who owned a consulting company called MCS C. The library director indicated that the library had ordered several personal computers and printers from MCS, as well as the associated software, and had paid the consultant for the products and his fine service.
3) In what ways does the MCS manager fit the profile of the typical fraud perpetrator? To identified the MCS manager as typical fraud perpetrator, we should review the fraud has been founded in the first part. The internal auditor has found that “a billing statement or a purchase order would be missing all related documentation— only a handwritten note by the MCS manager on the billing statement or...
Please join StudyMode to read the full document