Auditing and Assurance Services: Risks, Controls, and Audit Process

Verified

Added on 2022/08/21

AI Summary

This report provides a comprehensive analysis of auditing and assurance services, focusing on the risks encountered in auditing revenues and procurement processes. It delves into potential issues such as overstating accounts receivables, understating allowances, and external challenges like cloud computing security. The report also identifies risks in procurement, including inadequate needs evaluation, fraud, and poor supply chain management. It then outlines expected key internal controls, categorized as detective, preventive, and corrective measures, to mitigate these risks. The document further details the six-step auditing process, from requesting financial documents to conducting a closing meeting, using the OXL Vietnam case study as an example. The report emphasizes the importance of adhering to generally accepted accounting standards and provides a practical framework for understanding and implementing effective auditing and assurance practices within organizations.

Running head: AUDITING AND ASSURANCE SERVICES 1
Auditing and Assurance Services
Student’s Name
University Affiliation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

AUDITING AND ASSURANCE SERVICES 2
Auditing and Assurance Services
Financial auditing refers to the procedure of evaluating the accounting entries of an
organization’s financial records to establish if they are in line with the applicable laws and
regulations such as generally accepted accounting standards. On the other hand, assurance
insinuates the process of verifying the accounting records in an organization to determine
whether they are accurate or not. Usually, assurance precedes the auditing process. Despite these
elaborations on auditing and assurance terms, the article proceeds to evaluate the risks
encountered in undertaking auditing of revenues and procurement processes; the anticipated key
control measures in both scenarios, and a step-to-step procedure that can be implemented to test
the case study in question.
Risks in Auditing Revenues and Procurement Processes
Various risks are encountered while auditing the revenues of an organization. For
instance, the company may intentionally overstate the accounts receivables. Overstating the
accounts receivables means that the firm records a higher figure of the income earned during the
entire fiscal period (Zamboni & Litschig, 2018). It should be noted that the top management may
collude with the junior employees to prepare financial reports that indicate the organization is
thriving. However, in the case study presented, OXL Vietnam seems to have understated the
income earned during the entire nine months it has been in operation. The total income recorded
in the income statement is just €779,850 while the expenses are €2,222,117. The case study
indicates that OXL Vietnam is making huge losses within a small period. The notion behind
understating the income levels is for the organization to evade the payment of taxes to the federal
government.

AUDITING AND ASSURANCE SERVICES 3
Besides this, the other risk that an auditor may experience is the understatement of
allowances. The recording of little allowances paid to employees reduces the total expenditure
thus increasing the profit margin (Zamboni & Litschig, 2018). For instance, OXL Vietnam has
recorded only € 411,897 as the amount for compensation and benefits of employees.
Nevertheless, other external risks may hinder the work of auditors. For example, cloud
computing calls for proper training of auditors regarding the security measures of the financial
records of the organization (Zamboni & Litschig, 2018). Therefore, inadequate training may
cause vital financial information of the company to be governed and controlled by a third party
thus causing approval of wrong financial reports
During the auditing of procurement processes, different risks are also encountered by
auditors. For instance, the first risk auditors’ face is the inadequacy in needs evaluation. Many of
the startup firms are unable to tell what they need when they need such products or services, and
a qualified supplier who can deliver timely and at an affordable price (Zamboni & Litschig,
2018). From our case, the income statement of OXL Vietnam records both online and offline
advertisement strategies yet the firm is languishing in losses. OXL Vietnam should devise a way
of reducing its expenses on the advertisement, communication, consultancy services, and travel
and entertainment charges offered to its employees (Zamboni & Litschig, 2018).
Overrepresentation of facts may result in reduced profits alongside hindering the firm from
gaining a competitive advantage in the market place.
Despite inadequate needs analysis, fraud and corruption is also another risk facing the
evaluation of procurement processes. Fraud and corruption stem down to invoice fraud and
embezzlement of funds by a recording of false transactions (Zamboni & Litschig, 2018). An
organization that is composed of a decentralized procurement function is more likely to harbor

AUDITING AND ASSURANCE SERVICES 4
this risk. This is because the organization won't be able to notice red flags during risk analysis as
the employees doctor the records early enough. However, for OXL Vietnam, the procurement
function is centralized. However, losses are realized as a result of double accounting of expenses.
For example, there is an entry of mobile social media costs and at the same time, we have an
entry recorded as internet access.
Thirdly, poor supply chain management has also been identified as a risk in evaluating
procurement processes. Poor supply chain management emanates from a decentralized system
that lacks transparency and contains inaccessible criteria for purchases, approvals, and payments
(Zamboni & Litschig, 2018). As a result of poor supply chain management, the organizations
will be exposed to false invoices and corrupt vendors. For instance, the recording of out of home
advertising and event advertising emanates from poor practices of supply chain management.
Therefore, the staff of such a company will spend most of their time chasing invoices thus
leading to late or duplicate payments.
Expected Key Controls
Internal controls are the policies and guidelines developed by a firm to protect its entire
assets, maximize productivity, and support compliance of its employees to these laws (Turner &
Weickgenannt, 2020). Various control measures can be utilized to curb the risks experienced in
auditing both revenue and procurement processes. There exist three main categories of internal
controls that can be emulated by any organization within any sector of the economy. These
classifications entail detective, preventive, and corrective measures of internal controls.
Detective internal controls are developed by an organization to determine problems after
its occurrence (Turner & Weickgenannt, 2020). These kinds of controls serve as part and parcel

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

AUDITING AND ASSURANCE SERVICES 5
of the checks-and-balances as well as providing information on the effectiveness of the stipulated
policies. Examples of detective internal controls that can be utilized under the two processes
include manual counting of inventory, surprise cash counts, internal audits, and enforcement of
job descriptions and expectations (Turner & Weickgenannt, 2020). OXL Vietnam acquires its
revenues from the advertisement of products and services offered by other firms alongside the
listing of those products on their website for easy accessibility by potential customers.
The other internal control measures that can be utilized by organizations include
preventative internal controls. Preventive internal controls aim to bar errors and irregularities
form occurring. Unlike the detective controls, preventive controls are executed regularly (Turner
& Weickgenannt, 2020). Preventive internal controls begin from locking a building before
leaving for home to keying in a password before finalizing a transaction. Nevertheless, other
preventive controls encompass installing a backup system for the organization's information,
employee screening, and training sessions, testing for clerical accuracy, and seeking approval
before performing any particular transaction (Turner & Weickgenannt, 2020).
Besides these two internal control strategies, corrective internal controls also form the
third category of ensuring the safety of assets possessed by an organization. Under this category,
measures are implemented to rectify the errors highlighted by the detective internal controls
(Turner & Weickgenannt, 2020). After an error has occurred, employees should adhere to the set
procedures in arriving at an appropriate solution. For instance, employees may decide to report
the problems arising to their supervisors. Nonetheless, other examples of corrective internal
controls include initiating training programs as well as instilling progressive discipline among
employees within an organization.

AUDITING AND ASSURANCE SERVICES 6
The Auditing Process
Six specific steps should be followed strictly for a successful audit. Firstly, the auditor
should request the financial documents of the organization to be audited (Antipova, 2016). This
step of requesting financial documents is preceded by the auditor notifying the organization of
the upcoming audit to initiate preparations for the same. The financial documents may entail a
copy of the previous audited report, original bank statements, receipts, and ledgers (Antipova,
2016). In the case study provided, the auditor will use the income statement for OXL Vietnam
dating from April 2019 to December 2019. Conversely, OXL Vietnam failed to provide
organizational charts as well as the committee minutes alongside its bylaws for auditing
purposes.
Secondly, the auditor prepares an audit plan indicating how the auditing process will be
conducted. In this stage, the auditor goes through the financial documents and plans how he or
she will carry out the auditing procedure (Antipova, 2016). Moreover, a risk evaluation may be
incorporated to establish possible problems that may be encountered during the entire auditing
procedure. Thirdly, the auditor schedules an open meeting with employees within the
organization under audit. The auditor invites the senior management team as well as the essential
administrative staff in an open meeting. During the meeting, the auditor presents the scope of the
audit to these parties (Antipova, 2016). Moreover, the time required for the auditing to be
complete is agreed-upon alongside department heads being requested to inform their staff of
possible interviews with the auditor.
The fourth step encompasses conducting onsite fieldwork. In this stage, the auditor uses
the collected information from the open meeting in completing the drafting of his or her audit

AUDITING AND ASSURANCE SERVICES 7
plan. After this, fieldwork is executed through face-to-face interviews with staff members
together with evaluating the processes used by the organization (Antipova, 2016). The processes
are evaluated to determine whether they are in line with the set policies and standards.
Additionally, the auditor may proceed to discuss the problems noted while auditing the firm’s
records to provide the organization with the opportunity to react accordingly.
Fifthly, the auditor proceeds to the drafting of the report. After conducting enough
research through interviews with the staff, the auditor is now at liberty to prepare a report that
indicates the findings of the audit. The report contains posting problems, mathematical errors,
and payments made but not received by the other company (Antipova, 2016). The auditor winds
up the report by offering viable recommendations to tackle the problems realized. Finally, the
last step is setting up a closing meeting. During this meeting, the auditor invites the management
and seeks their response regarding the audit report (Antipova, 2016). He then proceeds by
proposing the course of action that can be undertaken by the management in curbing the
financial challenges encountered by the organization as well as the projected date of completion.
References
Antipova, T. (2016). Auditing for financial reporting. In Global Encyclopedia of Public
Administration, Public Policy, and Governance. Springer.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

AUDITING AND ASSURANCE SERVICES 8
Turner, L., & Weickgenannt, A. (2020). Accounting information systems: controls and
processes. Wiley.
Zamboni, Y., & Litschig, S. (2018). Audit risk and rent extraction: Evidence from a randomized
evaluation in Brazil. Journal of Development Economics, 134, 133-149.