External Audit
The New Audit Requirements
Under the new standards for audits (CICA Handbook section 5135 - the auditor's responsibility to consider fraud), documentation of the auditor's understanding of information systems and internal controls is now mandatory. Auditors are now responsible for assessing the risk of fraud and error that may exist within their audit clients. If not, your firm is at risk of penalties from the Practice Inspection division of your Provincial Institute and a lawsuit from your clients should you not discharge your fiduciary duties.
The latest Practice Inspection findings have identified critical deficiencies in the working papers of the external auditor in identifying and documenting the risks and controls addressing fraud and error at their clients.
The risk of fraud and error in your client's operations is not remote. A recent PriceWaterhouseCoopers Global Economic Crime Survey found that over half of Canadian companies reported being a victim of economic crime. This fraud cost the companies on average $3.6 million in 2007.
It also appears that companies are not implementing preventive measures that could avoid fraud or error from occurring. The survey found that among Canadian companies:
- 36 percent do not have a whistleblower committee
- 35 percent do not have an audit committee
- 50 percent lack adequate fraud risk management techniques
- 67 percent do not provide fraud-related training to employees
What Can Our Firm do for You
Our firm specializes in the review and documentation of internal controls over fraud and error. We can identify high risk information technology (IT) processes and business processes and recommend controls that mitigate the likelihood of fraud and error.
Why us?
1. Independence. As we are not affiliated with you, the external auditor, there is no risk of conflict of interest in the services that we provide to your client.
2. Experience. Our team of Chartered Accountants and Certified Information System Auditors has many years of experience with internal controls and operations management. Please see the "Our People" tab for more details.
3. Services. We can provide a number of services to your clients, such as:
- Identify high risk fraud and error business and IT cycles
- Recommend preventative and detective controls that mitigate the risks identified
- Document, via narrative, flowcharts and/or walkthrough, your client's processes that address fraud and error
- Prepare policies & procedures that aid management in managing the risk of fraud and error such as a Whistleblower Policy
- Conduct fraud training and awareness courses for your client
- Implement important functions such as a Disclosure Committee or Audit Committee
- Prepare test scripts that identify whether internal controls over fraud and error have been designed, and are operating, effectively
We would be pleased to discuss our services further.
To contact David Trahair please click here or use the Contact Us tab at the left.
|
|