Beruflich Dokumente
Kultur Dokumente
WHAT IS FRAUD?
Fraud is the intentional perversion of truth in order to induce another to part with something of value or to
surrender a legal right. In the business community, the primary goal of fraud is often monetary gain.
Fraud prevention programs are essential to set the right tone for an effective internal control framework. In
addition, strong internal controls provide better opportunities to detect and deter fraud. Because of this, it is
important to assess whether management has implemented formal communication mechanisms, internal controls,
and internal or external oversight processes to effectively prevent or deter fraud. This could include the
identification of fraud risks in an entitywide risk assessment program or establishing a separate risk assessment
program that considers the vulnerability of the company to fraudulent activities.
1 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
1 Control A positive
Environment workplace
environment exists
that minimizes
employees' sense
of feeling abused,
threatened or
ignored.
2 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
outlines a process
to identify and
evaluate the risk of
fraud at both entity
and process levels.
6 Control Management
Environment performs
brainstorming
sessions focused
on different ways
employees could
perpetrate fraud in
the organization.
7 Control A whistleblower
Environment program is in place
and is periodically
reviewed to ensure
that it is designed
and operating
effectively.
Complaints are
reviewed by the C-
level executives,
where appropriate,
and reports are
communicated
directly to the audit
committee.
3 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
misappropriation of
assets,
unauthorized or
improper receipts
and expenditures,
and fraud by senior
management.
• The level at
which the risk is
considered
(company-wide,
business unit and
significant account)
is explicitly
defined.
• The level of
likelihood of fraud
(probable,
reasonably
possible and
remote) is defined.
• The level of
significance of
fraud
(inconsequential,
more than
inconsequential or
material) is
defined.
9 Risk Management
Assessment considers
significant
business units or
significant
processes in the
fraud risk
assessment.
10 Risk Management
Assessment reviews identified
fraud risks with the
audit committee
and seeks
guidance from the
audit committee on
other associated
risks.
4 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
12 Control Management
Activities makes changes to
the organization's
processes to
reduce or eliminate
the risk of fraud.
5 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
6 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
23 Monitoring Management
reports the results
of internal reviews
of internal controls
over financial
reporting, including
noted instances of
fraud, to the audit
committee and
external auditors.
24 Monitoring A conflict of
interest policy
exists regarding
independence
7 Source: www.knowledgeleader.com
Describe
Specific Describe the
Type of
Activities, New/ Basis for
Does Are Are Deficiency Management
Programs Changed Test Effectiveness
COSO Point of Focus/ This Controls Control Test Documentation Controls Deficiencies (Efficiency, Action Plan
# or in the Workpaper Conclusion
Component Control Objective Control Properly Owner Procedures Reference Operating Noted Fin. to Address
Controls in Current Reference (Including
Exist? Designed? Effectively? Reporting, Deficiencies
Place that Year? Evidence of
Compliance)
Satisfy the Operation)
Objective
between
employees and
suppliers.
Violations of this
policy are
investigated.
8 Source: www.knowledgeleader.com