Читать книгу Wiley Practitioner's Guide to GAAS 2020 - Joanne M. Flood - Страница 94

The auditor should make the following inquiries of management:

 Does management or others within the entity know about actual or suspected fraud?

 Have there been any allegations of actual or suspected fraud from employees, former employees, analysts, regulators, short sellers, and others?

 Does management understand the entity’s fraud risk, including any identified risk factors or account balances or classes of transactions for which a fraud risk is likely to exist? How does management identify, respond to, and monitor those risks?

 What programs and controls does the entity have to help prevent, deter, and detect fraud? How does management monitor such programs?

 When there are multiple locations, how are operating locations or business segments monitored? Is fraud more likely to exist at any one of the locations or business segments?

 Does management communicate its views on business practices and ethical behavior to employees, and, if so, how?

 Has management communicated to those charged with governance how the entity’s internal control prevents, deters, and detects fraud?

(AU-C 240.17–.19)

When evaluating management’s responses to these inquiries, auditors should remember that management is often in the best position to commit fraud. Therefore, the auditor should determine when it is necessary to corroborate those responses with other information. When responses are inconsistent, the auditor should obtain additional audit evidence.