Memo to CFO
Dear CFO,
The audit process is critical in maintaining the integrity of financial records, and for Target, the process is an integral part of the preparing financial reports per the regulations. In summary, the process takes around ten steps, and it starts with the engagement proposal to collaborate with departments for the audit process to commence. The next step is the engagement letter and a planning meeting with the audit staff, legal staff, and collaborating partners. The auditor then sends a planning memo and the audit program to the senior staff. The other steps are conducting client interviews, follow-up, documenting working papers, management comments, and writing a material weakness report to the management (Havelka & Merhout, 2013). The final part is preparing and presenting an audit report.
The actual work starts with the audit program, which contains the detailed set of written instructions that describes the audit procedures and the sequences that the audit process will follow. The program details all the activities that the audit team will undertake to make the process a success. The other important part of the process is the client interviews or fact-gathering interviews with employees. During the stage, the team has to meet with everyone from accounting clerks to the more important employees in the accounting department. All these steps are essential to produce a detailed audit report that captures all facts.
Delegate your assignment to our experts and they will do the rest.
Routine sampling is an important part of the audit process. One sampling the audit team can conduct is obtaining bank reconciliation prepared by the accounting department and then countercheck with the bank to obtain confirmation (Abbott, Parker & Peters, 2012). The process of getting confirmation with the bank is tedious but necessary to ensure no fraud or the books reflects the status of the company. Another additional audit work is reviewing cash receipts and disbursements in each bank for two months prior as well as checking inter-bank transfers. The team can also test the integrity and security of the accounting system as it is critical in the preparation of all records. Such work is justified for the same reason tracing discrepancies that might indicate unethical conduct.
The main risk identified is the reconciliation process, as the audit has identified some significant discrepancies. Those discrepancies might indicate theft or careless recording of transactions. Therefore, I recommend the automation of most transactions so that the system can automatically capture every activity. However, it is also important to reexamine the integrity of the accounting systems.
Memo to the CEO
Dear CEO,
The findings of the audit report have identified weaknesses in the accounting systems access controls. The accounting system used by Target has many users such as data entry clerks, accountants, internal auditors, the management, and other persons involved in the work of preparing the books of accounts. In a large organization, accessing the accounting system from different parts is critical to smooth operations, but it also introduces a security risk. Improper tracking can increase the chances of unauthorized access and tampering with critical data. If the data is interfered with, other mechanisms established to prevent fraud such as separation of duties might fail to work.
Given the risk identified, it is crucial to mitigate the risk. The most important strategy is to harden the system to make it immune from attacks from insiders or outside parties. Investment in tools such as firewalls, both software and hardware, is critical to protect the system, as well as promoting ethical conduct among employees (Klun, Mitja & Tina, 2011). Another strategy is to use artificial intelligence to track behavior within the system and report strange actions or unusual behavior that might indicate the system is compromised.
In terms of implementation, the first step is to adopt the separation of duties for those operating the system. Segregation of duties is vital to ensure that the different aspects of the system are under different people to prevent a single person acting as a gatekeeper. The next step is setting aside more funds to invest in strengthening the system and purchasing the required tools and software. Another strategy is hiring qualified and experienced staff with a proven record of protecting critical software system from attacks emanating from within organizations or from outside (Pongpattrachai, Cragg & Fisher, 2014). The possession of the right technical qualification and experience is crucial because Target is a worthy target for any party that wishes to tamper with its systems for financial gain.
References
Abbott, L. J., Parker, S., & Peters, G. F. (2012). Internal Audit Assistance and External Audit Timeliness. AUDITING: A Journal of Practice & Theory , 31 (4), 3–20. doi: 10.2308/ajpt-10296
Havelka, D., & Merhout, J. W. (2013). Internal information technology audit process quality: Theory development using structured group processes. International Journal of Accounting Information Systems , 14 (3), 165–192. doi: 10.1016/j.accinf.2012.12.001
Klun, M., Dečman Mitja, & Jukić Tina. (2011). The proceedings of the 11th European conference on eGovernment, Faculty of Administration, University of Ljubljana, Slovenia, 16.-17. June 2011 . Reading: Academic Publishing.
Pongpattrachai, D., Cragg, P., & Fisher, R. (2014). IT infusion within the audit process: Spreadsheet use in small audit firms. International Journal of Accounting Information Systems , 15 (1), 26–46. doi: 10.1016/j.accinf.2013.03.001
