ACG4401 Exam 1 - Gerard (FSU)

What 3 factors interact to influence the likelihood of fraud?

Financial pressure, Opportunity, Lack of Integrity

How do the 3 factors interact?

When financial pressure is high, opportunity exists due to weak controls, and integrity is low, the likelihood of fraud is very high.

What duties should be segregated in an effort to prevent fraud?

Authorization, Custody of assets, and Recording of transactions

How do fraud perpetrators rationalize their acts?

They often view it as a loan they intend to repay, especially under financial pressure.

What are the red flags discussed in the video?

Financial pressures, personality changes, poor money management, living beyond means, outside business interests, poor internal control, too much trust in key employees

Who is ultimately responsible for Financial Statements and controls?

management

Assess the materialization of risk. (prioritization)

SOX 302 CEO and CFO responsibilities

The CEO and CFO must certify the accuracy of financial reports and internal controls (SOX 302)

SOX 404 responsibilities of management

Establishing and maintaining internal controls, preparing the financial statements, and assessing the effectiveness of internal controls (SOX 404).

SOX 404 Auditor responsibilities

Expressing an opinion on the fairness of the financial statements and, for public companies, evaluating and reporting on the effectiveness of internal controls (also under SOX 404)

Definition of internal control

Process, affected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance

COSO Framework [internal control]

Control Environment, Risk Assessment, Control Activities, Information & Communication, Monitoring

COSO Framework Objectives

Operations, Reporting, Compliance

COSO Objective:Operations

Effectiveness and efficiency of operations

COSO Objective: Reporting

reliability of financial and non-financial reporting

COSO Objective: Compliance

adherence to applicable laws and regulations

What are the terms auditors use to describe a company with effective controls versus ineffective?

Effective: unqualified opinion, clean

Ineffective: qualified opinion, control deficiency, significant deficiency, material weakness

Internal controls can't eliminate all risk due to

Human error, collusion, management override, and cost/benefit constraints

Internal controls provide reasonable, not ____ assurance

absolute

Preventative Controls:

Stop errors or fraud before they occur

Detective Controls

Identify issues after they happen

Corrective controls

Fix problems that have been detected.

Segregation of Duties

Segregation of duties separates incompatible tasks—authorization, recordkeeping, and custody—to reduce fraud risk.

(Violations occur when one person can both commit and conceal errors or theft.)

No need to remember answer

Examples of segregation of duties

Warehouse clerk can both hold and dispose of inventory → may cover up theft.

Sales manager approves credit and writes off bad debts → may benefit personally.

Shop foreman handles time cards and paychecks → may pay ghost employees.

Accounting clerk posts and reconciles accounts → can hide embezzlement.

General audit issues with user accounts and groups/roles (NOS & application software)

Auditors look for inappropriate access, unused or dormant accounts, excessive privileges, and lack of role-based controls. Risks include users having access beyond their job needs, poor password policies, and weak user management.

Difference between IT general controls (ITGCs) and application controls (ITACs)

IT General Controls (ITGCs) relate to the overall IT environment supporting all applications, ensuring proper development, security, and operation of systems (e.g., IS policies, staff separation, disaster recovery).

Application Controls (ITACs) are specific to individual applications and focus on ensuring data accuracy, completeness, and authorization within those applications (e.g., input validation, access controls)

No Answer, just study

(from SUA Guide book)

#1- Document

#2- Journal/Ledger Symbol

#3- X

#4- ? - result of manual process

#5- X

#6- Manual Operation or Process

#7- Disk Memory (for data)

#8- Magnetic Tape (for data)

#9- Off-line storage

#10- Decision

#11- X

#12- Flowlines. Solid is document, Dotted is information

#13- X

#14- On-Page Connector

#15- Off-Page Connector

#16- Terminator. Beginning, ending, or interruption of flowchart

**rectangle with the top sloping upwards is a manual input (keyboard inputting data)

Master Files

Permanent file with current status records (e.g., inventory, customer accounts). Continuously updated; like subsidiary ledger; used for reporting.

Transaction Files

Temporary file of similar transactions grouped for processing (e.g., sales transactions)

Transaction files are used to update _____ files after editing for accuracy

I apologize its hard to make this short

Describe the general guidelines for flowcharts

1. Understand the system fully (interview users, observe, read documentation).

2. Identify entities (departments, functions, external parties) and document flows.

3. Use columns to separate entities and label them.

4. Flowchart normal operations; exceptions with annotations.

5. Flow direction: top to bottom, left to right.

6. Clear start and end; show document origins and final destinations.

7. Use standard symbols, drawn neatly or with software.

8. Label all symbols with clear descriptions; use annotations if needed.

9. Number documents on multiple copies, showing numbers on flowcharts.

10. Precede manual process symbols with input and follow with output; show document moves between functions.

11. Use connectors sparingly; label off-page connectors clearly.

12. Use arrowheads on all flow lines for clarity.

13. Keep flowcharts to one page if possible; number pages if multiple.

14. Show documents/reports in the creating functional area first, then transfer.

15. Data entering/retrieved from computer files must go through a processing step.

16. Use lines from documents to files to show filing; no manual process needed for filing.

17. Start with rough sketches; refine through drafts.

18. Review flowchart with knowledgeable people for accuracy and consistency.

19. Redesign to avoid clutter and crossed lines; prepare final clean copy.

20. Include flowchart name, date, and preparer on each page.

no answer

Know the flowchart patterns.

Study all flowcharts in the given SUA booklet

Chart of Accounts

List of all accounts used by a business in its accounting system.

Ex: Assets, Liabilities, Equity, Revenues, Expenses.

General Journal

Used to record infrequent or unique transactions that do not fit into a special journal

Each entry in the general journal includes:

date, accounts debited and credited, amounts, and a brief explanation.

Special Journals

Used to record routine, repetitive transactions.

Examples of Special journals

Sales Journal

Cash Receipts Journal

Purchases Journal

Cash Disbursements Journal

Payroll Journal

Subsidiary Ledgers and Related Transactions

Accounts Receivable Subsidiary Ledger

Accounts Payable Subsidiary Ledger

Fixed Asset Subsidiary Ledger

Employee Earnings Subsidiary Ledger

How does the subsidiary leger relate to the general ledger?

Column totals from special journals are posted periodically to the General Ledger accounts.

How are financial statements prepared?

Start with a trial balance, make adjusting entries, and use the adjusted trial balance to prepare the income statement, retained earnings statement, and balance sheet.

What is the role of the general ledger?

It records all account activity and holds the data used to create financial statements. Every journal entry is posted here.

What is the Income Summary account for?

It temporarily holds total revenues and expenses during closing to calculate net income, which is then moved to Retained Earnings.

How do closing entries work and when?

Done at the end of the period:

- Close revenues and expenses to Income Summary

- Close Income Summary to Retained Earnings

- Close Dividends to Retained Earnings

What accounts are closed?

Only temporary accounts: revenues, expenses, dividends, and Income Summary. Permanent accounts stay open.

What items are used to prepare a bank reconciliation?

> Bank Statement: Shows the bank's record of deposits, checks, and ending balance.

> Cash Account (General Ledger): The company's version of cash activity.

> Outstanding Checks: Checks written by the company not yet cleared by the bank.

> Deposits in Transit: Deposits recorded in the books but not yet shown on the bank statement.

> Bank Service Charges: Fees deducted by the bank but not yet recorded in the books.

How are cash receipts controlled

> Prelisting of Cash Receipts: Every check or payment received is recorded immediately upon receipt.

> Cash Receipts Journal: All incoming cash is entered here daily.

> Deposit Slips: Used to verify that all cash/checks received were deposited.

> Bank Reconciliation: Confirms that what's deposited matches what's in the bank.

**segregation of duties

[Practice Question]

Which of the following best describes the principle of segregation of duties in internal controls?

a. ensuring that one person is responsible for all aspects of a transaction to maintain accountability

b. dividing responsibilities among different individuals to reduce the risk of error or fraud

c. allowing employees to rotate duties periodically to prevent collusion

d. implementing strict access controls to sensitive information

b. dividing responsibilities among different individuals to reduce the risk of error or fraud

[Practice Question]

Which element of the fraud triangle is most likely to be influenced by an employee's financial difficulties?

a. opportunity

b. pressure

c. rationalization

d. integrity

b. pressure

[Practice Question]

Which of the following is not one of the five components of internal control as defined by the COSO framework?

a. control environment

b. risk assessment

c. information and communication

d. financial reporting

d. financial reporting

[Practice Question]

Which of the following is an example of an input control in an IT application?

a. user access reviews

b. backup procedures

c. edit checks

d. sandbox development environment

c. edit checks

[Practice Question]

A document indicating a reduction in the amount due from a customer because of returned goods or an allowance granted is called a...

a. debit memo

b. sales return and allowances journal

c. credit memo

d. sales invoice

c. credit memo

[Practice Question]

Waren purchased office supplies and immediately paid for them with a check. Where would this transaction be recorded?

a. purchases journal

b. general ledger

c. general journal

d. cash disbursements journal

d. cash disbursements journal

[Practice Question]

Which of the following would not be recorded in Waren's sales journal?

a. cash sale

b. credit sale

c. sales return for credit

d. all the above are recorded in the sales journal

a. cash sale

[Practice Question]

What document does a customer receive when goods are returned?

a. credit memo

b. debit memo

c. purchase order

d. receiving report

a. credit memo

[Practice Question]

Which of the following items on a bank reconciliation require an adjustment to the balance of the cash GL account?

a. outstanding checks

b. deposits in transit

c. errors by the bank

d. service charge

d. service charge

Post-Practice Question Note

Define the following: User Access Reviews, Edit Checks, Sandbox Development Environment

> A user access review is a periodic process where an organization checks who has access to its systems, applications, and data

> Edit checks are automated controls in software that validate input data for accuracy and completeness before it's processed.

> A sandbox development environment is an isolated space where developers can test new features without affecting the live system.

Post-Practice Question Note

Magnetic tapes are recorded/written...

(what is unique about the recording order)

sequentially