ACCG340 Study Guide - Final Guide: Internal Control, Data Integrity, Business Process

13-35 (Objectives 13-3, 13-4) McClain Plastics has been an auditclient of Belcor, Rich, Smith & Barnes, CPAs (BRS&B), forseveral years. McClain Plastics was started by Evers McClain, whoowns 51% of the company’s stock. The balance is owned by about 20stockholders, who are investors with no operationalresponsibilities. McClain Plastics makes products that have plasticas their primary material. Some are made to order, but mostproducts are made for inventory. An example of aMcClain-manufactured product is a plastic chair pad that is used ina carpeted office. Another is a plastic bushing that is used withcertain fastener systems.

McClain has grown from a small, two-product company, when theyfirst engaged BRS&B, to a successful, diverse company. At thetime Randall Sessions of BRS&B became manager of the audit,annual sales had grown to $200 million and profits to $10.9million. Historically, the company presented no unusual auditproblems, and BRS&B had issued an unmodified opinion everyyear.

The audit approach BRS&B always used on the audit of McClainPlastics was a “substantive” audit approach. Under this approach,the in-charge auditor obtained an understanding of internal controlas part of the risk assessment procedures, but control risk wasassessed at the maximum (100%). Extensive analytical procedureswere done on the income statement, and unusual fluctuations wereinvestigated. Detailed audit procedures emphasized balance sheetaccounts. The theory was that if the balance sheet accounts werecorrect at year-end and had been audited as of the beginning of theyear, then retained earnings and the income statement must becorrect.

Part I

In evaluating the audit approach for McClain for the currentyear’s audit, Sessions believed that a substantive approach wasreally only appropriate for the audits of small nonpubliccompanies. In his judgment, McClain Plastics, with sales of $200million and 146 employees, had reached the size where it was noteconomical, and probably not wise, to concentrate all the tests onthe balance sheet. Furthermore, although McClain is not a publiccompany, Sessions recognized that similar public companies arerequired by Section 404 of the Sarbanes–Oxley Act and related PCAOBstandards to have an integrated audit of the financial statementsand internal control over financial reporting. Therefore, hedesigned an audit program that emphasized identifying internalcontrols in all major transaction cycles and included tests ofcontrols. The intended economic benefit of this “reducing controlrisk” approach was that the time spent testing controls would bemore than offset by reduced tests of details of the balance sheetaccounts.

In planning tests of inventories, Sessions used the audit riskmodel included in auditing standards to determine the number ofinventory items BRS&B would test at year-end. Because of thenumber of different products, features, sizes, and colors,McClain’s inventory consisted of 2,450 different items. These weremaintained on a perpetual inventory management system that used arelational database.

In using the audit risk model for inventories, Sessions believedthat an audit risk of 5% was acceptable. He assessed inherent riskas high (100%) because inventory, by its nature, is subject to manytypes of misstatements. Based on his understanding of the relevanttransaction cycles, Sessions believed that internal controls wereeffective. He therefore assessed control risk as low (50%) beforeperforming tests of controls. Sessions also planned to usesubstantive analytical procedures for tests of inventory. Theseplanned tests included comparing gross profit margins by month andreviewing for slow-moving items. Sessions believed that these testswould provide assurance of 40%. Substantive tests of details wouldinclude tests of inventory quantities, costs, and net realizablevalues at an interim date two months before year-end. Cutoff testswould be done at year-end. Inquiries and substantive analyticalprocedures would be relied on for assurance about events betweenthe interim audit date and fiscal year-end.

Required

Decide which of the following will likely be done under both areducing control risk approach and a substantive approach:

Assess inherent risk.

Obtain an understanding of internal control.

Perform tests of controls.

Perform substantive analytical procedures.

Assess planned detection risk.

What advantages does the reducing control risk approach Sessionsplanned to use have over the substantive approach previously usedin the audit of McClain Plastics?

What advantages did the substantive approach have over thereducing control risk approach?

Part II

The engagement partner agreed with Sessions’s recommendedapproach. In planning the audit evidence for detailed inventorytests, the audit risk model was applied with the followingresults:

PDR=AATIR×CR×APR

where:

PDR=PlanneddetectionriskAAR=acceptableauditriskIR=inherentriskCR=controlriskAPR=analyticalproceduresrisk

Therefore, using Sessions’s assessments and judgments asdescribed previously,

PDR=.051.0×.5×.6PDR=.17

Required

Explain what .17 means in this audit.

Calculate PDR assuming that Sessions had assessedcontrol risk at 100% and all other risks as they are stated.

Explain the effect of your answer in requirement b. on theplanned audit procedures and sample size in the audit of inventorycompared with the .17 calculated by Sessions.

Part III

Although the planning went well, the actual testing yielded somesurprises. When conducting tests of controls over acquisitions andadditions to the perpetual inventory, the staff person performingthe tests found that the deviation rates for several key controlswere significantly higher than expected. As a result, the staffperson considered internal control to be operating lesseffectively, supporting an 80% control risk rather than the 50%level used. Accordingly, the staff person “reworked” the audit riskmodel as follows:

PDR=.051.0×.8×.6PDR=.10

A 10% test of details risk still seemed to the staff person tobe in the “moderate” range, so he recommended no increase inplanned sample size for substantive tests.

Required

Do you agree with the staff person’s revised judgments about theeffect of tests of controls on planned substantive tests? Explainthe nature and basis of any disagreement. If BRS&B was alsoissuing a report on internal control over financial reporting,describe the implications of these results on the auditor’sinternal control report.

Robatelli's Pizzeria Case StudyIntroduction On the morning of October 31st, Elaine Black, Chief Information Officer at Robatelli's Pizzeria, was waiting for both Jim Saxton, database administrator, and Peter Greyton, operations manager, to come to her office for a meeting. While waiting, Elaine was thinking about the surge of telephone and Internet orders expected to be received through the company's customer order center within the next 12 hours. Halloween had always been the most popular day of the year for people in the greater Pittsburgh area to order pizza from Robatelli's. There were 53 restaurant locations to serve these customers, but only one location to receive all of the orders and forward them to the right restaurant. Elaine's thoughts were interrupted as Jim and Peter entered her office. The following conversation took place: ELAINE Well, guys, it's here again, our biggest day of the year. Not only is Halloween a busy day, but we have the upcoming day after Thanksgiving, the week before Christmas, and Super Bowl Sunday. Can our current computer system's infrastructure and people keep pace with the orders we expect? JIM I think our systems are all running at peak performance. We shouldn't have any computer concerns for today or those other busy days. PETER Everyone in the customer order center is focused on making sure that our customers get their pizzas as ordered. We have plenty of people scheduled to work tonight, so we're good to go. ELAINE Terrific. But every time we face one of these peak sales days, I start wondering about the long-term capacity and effectiveness of our computer systems. Jim, we need to think long term about our computer system. I was just reading an article that I'd like you to take a look at. It's about Anheuser-Busch Companies and their use of data mining. JIM I do agree with you, Elaine; we should always be thinking about how newer IT systems can help us. Could you e-mail me the link to the article? ELAINE Sure, and I would like you to think about how we might use the same approach in our business. Peter, your order center people are doing a great job, but again there's something I'd like us to think about in the long run. As you know, we now have to manually enter all customer order center sales and store sales into our general ledger (GL). I think we could improve a lot of things if those sales are automatically fed into our GL software. Why don't you think about any advantages you see for an automatic interface, and we'll look at the costs compared to those advantages. How's that sound? PETER I'll do that. I'll give it some thought and work on a report about an automatic interface between our GL software and the point of sale systems in our restaurants as well as the phone and Internet sales. How soon do you want to meet again to look at these issues? ELAINE Let's say, in two weeks at the same time. As Jim and Peter left her office, Elaine continued to think about the features of the company's accounting information systems and whether or not data extracted from these systems could facilitate the multiple needs of the company. The focus had always been on providing accurate financial accounting information from the various locations; however, the company's aggressive growth strategies meant increased emphasis on the system's ability to analyze detailed customer information that could be translated into increased sales opportunities. Elaine knew the challenges they faced could very well affect the company's ability to maintain its competitive advantage. She realized that her department must continually improve the company's information systems to help it achieve growth strategies. Operating state-of-the-art systems was imperative to position the company to execute those growth plans. However, she was concerned about the possibility that restrictions of the current information systems could actually prevent the company from doing what it wanted to do. Allowing restrictive systems to prevent them from achieving business strategies was a risk that Elaine would not tolerate!

Review the Robatelli's Pizzeria Case Study.

Develop an internal controls system in Robatelli's Pizzeria sales and cash business areas.

Prepare a 12- to 16-slide presentation describing the typical activities and outlining an effective system of internal controls for the Sales, Sales Returns, and Cash Collections business areas. Include any associated risks in these areas.

Describe specific internal controls that include authorization of transactions, segregation of duties, adequate records and documentation, security of assets, and independent checks and reconciliation for each business area.