Content Frame
Skip Breadcrumb Navigation
Home  arrow Chapter 6  arrow Internet Exercises  arrow SAS 99

SAS 99

SAS 99 requires greater emphasis on fraud detection by auditors and gives them guidance on how to meet their responsibilities to uncover fraud. Read the AICPA's "Statement on Auditing Standards No.99" to get an overview of SAS 99. The new standard requires auditors to investigate for fraud throughout the entire audit process. Two major types of fraud are 1) fraudulent financial reporting and 2) misstatements of assets. Three conditions often associated with the likelihood of fraud include incentives/pressures, opportunities, and attitudes/rationalizations. SAS 99 reiterates the importance of using professional skepticism when conducting an audit.

SAS 99 audit procedures for fraud detection include:

  1. Members of the engagement team, including the auditor-in-charge, are required to meet and discuss the susceptibility of the fraudulent misstatements on the financial statements and the likelihood of management's ability to override controls.
  2. Auditors should use the information gained from developing an understanding of the auditee's business and industry to identify risks of material misstatements due to fraud.
  3. Auditors are required to make inquiries about an entity's management regarding its;
    1. Knowledge of fraud, of suspected fraud;
    2. Awareness of fraud, or allegations of fraud;
    3. Understanding of the entity's fraud risks;
    4. Programs and controls that have been implemented to prevent, deter, and detect fraud and how management monitors the performance of these programs and controls;
    5. Monitoring of multiple locations or business segments; and
    6. Communication on business practices and ethical behavior to employees.
  4. Auditors should consider the results of analytical procedures to identify the risks of fraud.
  5. While gathering information for the audit, the auditor should evaluate if any of the fraud risk factors exist.
  6. The auditor should determine if the auditee has designed and implemented programs and controls to prevent, deter, and detect material misstatements due to fraud.
  7. The assignment of personnel and supervision on specific audit areas should be commensurate with the auditor's assessment of that area's fraud risk.
  8. The auditor should determine if the accounting principles used by the entity, including how they are applied as a whole, create any material misstatements on the financial statements.
  9. The auditor should incorporate an element of unpredictability in the audit procedures to be performed so that it will be more difficult for a fraudster to determine the mechanisms used by the auditor in detecting fraudulent misstatements.
  10. The auditor should perform procedures to determine if management override of internal control has occurred by examining journal entries and adjustments, review estimates for reasonableness, and evaluate other unusual, significant transactions recorded by the entity.
  11. During fieldwork, the auditor should determine whether management's specific responses or actions indicate an increased risk for fraud.
  1. What specific risk of material misstatement is required by SAS 99?

  2. What inquiries are auditors required to make due to SAS 99?

  3. What information does an auditor use to determine fraud risk factors?

  4. Should the auditor ever adjust the initial assessment of fraud risk?

  5. What responsibility does the auditor have regarding the entity's internal control according to SAS 99?

- Leslee Higgins

Pearson Copyright © 1995 - 2010 Pearson Education . All rights reserved. Pearson Prentice Hall is an imprint of Pearson .
Legal Notice | Privacy Policy | Permissions

Return to the Top of this Page