Home » Auditing
Category Archives: Auditing
Public Financial Management
The paper examines the auditor’s opinion letter for Major Medical Center and Hospital Support, Inc. The report of the independent auditors seeks to instill confident on the various stakeholders. This paper also analyzes the financial statements and review notes and any concerns. Lastly, the paper will evaluate the financial statement of Major Medical Center and Hospital Support, Inc.
Auditor’s Opinion Letter
Auditing is an independent examination that is used to test the precision and completeness of information presented in a firm’s financial statement. The test enables the independent auditor or Certified Public Accountant (CPA) to give an opinion. According to Finkler, Steven A. et al. (2012), the opinion should check on whether the corporation financial statements denote its true pecuniary position and whether it has complied with the Generally Accepted Accounting Principles. The aim of auditing is to ensure that it offers an assurance to stakeholders on the true and fair view of the company as at a particular period.
To form an opinion, the auditor will request data from persons and institutions to confirm their bank balances, contractual obligations, amount contributed, and money owed to and by the firm. Also, the auditor needs sufficient disclosure in the financial statements through a review of the journal and ledgers, physical assets, and board minutes. In this case, the independent auditors have selected a model of the financial dealings to conclude whether there is appropriate documentation and whether there was correct posting of the transactions in the books. Further, they have interviewed key personnel to ascertain if there is adequate internal control system (ICS).
The auditor has offered unqualified opinion. This means that the firm’s financial records are fairly and suitably presented in accordance with GAAP. The financial statement examined includes changes in net assets, cash flows, and balance sheet. The statement of the Major Medical Statement is free from any material misstatements. There is no disclosure of any material object that would make the auditor offer unqualified report.
Reviewing the Financial Statements
There are unusual items in the statement of financial position. First, the asset limited as to use is an unusual item. They are assets that their use is limited by agreements or contracts with outside parties other than grantors and donors. An example of such unusual items includes funds that are deposited by a trustee. Second, the pledge is unqualified aptitudes to offer cash and other assets as stated at their NPV at the date of receiving the promise. The gifts are classified as either permanent or temporary depending on the restrictions of the donors.
Thirdly, there is use of estimates in the preparation of financial statements in conformism with GAAP. It necessitates the management to make estimates and assumptions that affect the reported amount of liabilities and assets (Finkler, Steven A. et al. 2012). The estimate affects the reported figures of revenue and expenses during a specified reporting period. Further, the management believes that the figures are based on assumptions and estimates are reasonable and actual figure should not have material impact on the financial position of the hospital.
Fourthly, there is the capitation fee in the preparation of healthcare accounting statements. The figure represents a fixed dollar amount of fees per person that is paid periodically by a third-party regardless of the type of services provided. Also there is a contractual adjustment, which is the variance between the gross patient service returns and the discussed payment by third party payers in arriving at net patient service proceeds.
Fifthly, there is an item termed as contingencies. It refers to a legal action that arises out of the usual course of its procedures. The final outcome of the process cannot be determined in exactness. The figure stated is material to the economic position of the Medical Center. The position of the healthcare is of the opinion that ultimate liability does not have a material effect on its financial position.
Review Notes and analyze any Concern
Note No. 9 (Professional Liability Insurance) – The Medical Center has collaborated with other facilities for insurance of professional liability. Captive insurance companies draw $2,000,000 from The Medical Center as deposits. In 2014, this deposit was replaced with an amount of $1,000,000 each. The deposit made by the healthcare is included in other current assets in the accompanying statement of financial statement in the year 2013. The management is accused of malpractices in excess of insurance coverage by numerous claimants. There are additional incidents that have occurred through December 31, 2014 that may lead to assertion of additional claims. The amount of $2,000,000 is material in the financial statement of the company. In case the graft claims are true, it may alter the opinion of the auditor due to its high level of materiality.
Evaluate Major Medical Center’s Financial Status.
The total operating revenue for 2014 is in excess of 2013 by $ 34,730 and there is increase in unrestricted net assets from $ 897 to $ 2,568. In the statement of financial position, the total current asset for the year 2014 has increased from $ 66,315 to $ 72,448. The property, plant, and equipment have also increased from $ 89,777 to $ 98,555. The result shows a significant improvement in the performance of the company. However, the total liabilities have increased from $ 129,509 in the year 2013 to $ 146,263 in the year 2014. In the cash flow system, the cash and cash equivalents at the beginning of the year 2013 is $ 8,201 but the health center closed the year at $ 9,005. Nevertheless, the cash and cash equivalents in the year 2014 has reduced from $ 9,005 to $ 8,065. This may imply that there is a financial misappropriation or simply the financial period was marred with difficulties.
The paper has examined the auditor’s opinion letter for Major Medical Center and Hospital Support, Inc. The report of the independent auditors seeks to instill confident on the various stakeholders. In the opinion of the auditor, the financial statements have been prepared in accordance with GAAP. There is no material fact that has been misappropriated to render the accounts as being false. Thus, the auditors have provided a clean bill on the reports by giving unqualified report. This paper has also analyzed the financial statements and review notes and any concerns. The notes have highlighted on a claimant about $2,000,000 that is said to have been misappropriated by the management. Lastly, the paper will evaluate the financial statement of Major Medical Center and Hospital Support, Inc.
Finkler, Steven A., Thad Calabrese, Robert Purtell, Daniel Smith (2012). Financial Management for Public, Health, and Not-for-Profit Organizations, 4th Edition. Pearson Learning Solutions. VitalBook file.
|Common Size =||Item of Interest = Inventory||1690||0.0338||2326||0.0498|
|Reference Items Total Assets||49976||46665|
|Current =||Current Assets||72448||0.4953||66315||0.512|
|Quick =||Quick Assets||72448-1690||0.4826||66315-2326||0.4941|
|Days of Cash on hands =||Cash||8065||7.4334||9005||8.9653|
|[(Operating Expense – Depreciation Expense)/365]||(418556-22541)/365=1084.9726||(385474-18856)/365=1004.4329|
|Receivable Turnover =||Net credit Sales||49719||1.2922||47614||1.1971|
|Average Account Receivables||(27232+49719)/2 = 38475.5||(31934+47614)/2 = 39774|
|Debt =||Total liabilities||196239||3.9267||176174||3.7753|
|Debt to Equity =||Total Debt||146263||2.9267||129509||2.7753|
|Times-interest-earned =||Income before Interest and Taxes||2568||0.5763||897||0.1708|
|Operating Margin =||Operating Income||420985||1.0448||386225||1.0452|
|Total Margin =||Net Income * 100||2429*100||0.577||751*100||0.1944|
|Net Income =Total Revenue – Total Expense|
|ROA =||Net Income||2429||0.006||751||0.0019|
|Average Total Sales||403605||403605|
|Average Total Sales = Beginning + Ending Total Assets/2|
|RONA =||Net Income||2429||751|
|Fixed Assets + Net Working Capital||[196239+(72448-130178)]||[176174+(66315-112495)]|
This is the final assignment essay for Ashford University OMM640 Business ethics and social responsibility. The global risk topic must be one of the following: economic, environmental, geopolitical, societal, or technological. I attached the essay assignment requirements. I must have it within 24 hours from the time of this order so that I can make any final adjustments. Turnitin will be used.
Ethics, Compliance, Auditing, and Emerging Issues Essay
Course name and number
Describe an emerging global risk for 2015 and beyond
Technology risk is insofar the greatest challenge facing majority of businesses across the world, yet many remain oblivious to the risks they are exposed to. Technology risk includes cyber attacks, data fraud/theft, critical information infrastructure breakdown and misuse of technologies. Technology risk has the greatest financial impact on a company, in addition to time consumption and loss of trust from customers. The impact and likelihood of a cyber attack in the modern business environment is estimated at above average, and the threats are becoming more each day. This is compounded by the fact that businesses have become more hyper-connected, and sensitive personal and consumer data is currently being stored in cloud where hackers can gain access from any part of the world.
Currently, more businesses continue to lean on technology as an integral part of their daily operations. This is due to the realization that businesses can only remain competitive in the modern world by adopting the latest technologies. This has in turn brought about technology-driven threats in the digital world. Emerging technologies such as data mining and cloud computing has created vast opportunities for businesses in terms of data and information gathering, storing and retrieval. Nonetheless, these new technologies present new threats which are often unknown or unanticipated by businesses. Worse still, most managers do not understand how technology poses serious risks in the business. Since they do not want to appear incompetent in matters to do with technology, they often shy away from talking about it.
Hacking is the greatest form of technology risk that businesses face today. About 33% of all technology risk aspects comprise of hacking. This is where malicious programs are used to obtain sensitive business information such as customers’ card details and later used to commit fraudulent transactions. The second risk aspect involves system failure. This accounts for about 30% of all the risks associated with technology. Systems failure may be brought about by hardware failure, utility disruptions and software failures. A number of institutions are at risk of experiencing failures in their computer systems from the larger data they process daily from mobile applications, computer applications, and other virtual devices. New applications present a 29% technology risk while deliberate malicious applications stand at 27% (“ACE Group,” 2015).
Some of the companies which have come under cyber attack include Target Company, TalkTalk in the UK, Orange France and others. In all these cases, customer’s personal data was stolen and used to commit fraudulent transactions resulting in huge losses. Surprisingly, about 90% of the cyber attacks originate from employees – this is through irresponsible online behavior, basic error, carelessness when handling their digital devices and loss of work equipment (“ACE Group,” 2015). There is no easy way out of the risks posed by cyber attacks. In most cases, cyber criminals remain anonymous and the business has little chances of apprehending them.
Discuss the key countries that might be associated with the risk
Ironically, technology risks are mostly associated with countries that rely heavily on technology. In that line, the United States is at a high risk of experiencing cyber attacks than any other country. The U.S. lacks an appropriate defense mechanism against cyber threats, making it a haven for cyber attacks. According to Kakutani (2010), the U.S. is more susceptible to cyber attacks compared to minor countries such as China, Russia, and other smaller nations such as North Korea. The U.S. relies heavily on new technology and storage of data in databases making it highly vulnerable to attacks from all over the globe. Countries lagging behind in technology adoption are less susceptible to cyber attacks. Nonetheless, this does not necessarily mean that countries should not adopt modern technologies – the benefits far outweigh the risks.
The banking system and payment systems involving use of credit cards in the U.S. are greatly exposed to cyber attacks. This is documented by the number of cyber attacks targeting banks and other institutions which keep sensitive consumer data during payments. A string of attacks have hit companies such as Target Company, Primera Blue Cross, Anthem, Sony Pictures, JPMorgan Chase, Home Depot, and others. These attacks led to loss of sensitive customer information, and the trend continues. In 2010, the Cyber Command and the Department of Homeland Security were unveiled to fight cyber crime. However, these agencies were formed to protect the federal government, leaving financial institutions and other retail businesses vulnerable to cyber attacks (Kakutani, 2010). The federal government is yet to establish institutions that can defend banks and other institutions during attacks, making them more vulnerable.
Evaluate the role of ethical decision-making in business organizations
Ethical decision making in business organizations has a key role to play in their success. Ethical decision making in business organizations constitute what is right or wrong decisions or behaviors. Ethical decisions can be described as those which are largely acceptable in the eyes of the law and the community. Business ethics involve the application of moral or ethical principles to solve complex problems that arise in business organizations (Gonzalez-Padron, 2015). Ethical decision making is critical to the viability of business organizations in the modern world. Unethical practices have led to heavy penalties, imprisonment and in worst cases failure of business organizations.
Deducing from above, ethical decision making helps to ensure longevity of the business organization, ensures the well-being of employees, suppliers, directors and individual officers, and helps the organization protect the welfare of the consumers and the society at large. The attitude of the top leadership towards ethical decision making sets the tone in the entire organization. Unethical managers often encourage employees to follow in the same steps and to engage in unethical practices (Gonzalez-Padron, 2015). The specific roles ethical decision-making plays among each of the categories will be discussed in the literature below.
Ethical decision making helps individuals in business organizations decide what is wrong or right, avoiding consequences such as sanctions, imprisonment and fines. During ethical reasoning, employees analyze complex business problems by looking at their duty and the possible consequences of their actions (Miller & Jentz, 2010). In this case, consequences are analyzed in terms of what the law dictates, and the punishment for going contrary to the law. Ethical decision making enables business organizations to be socially responsible in their operations. Social responsibility is an important role of business. In maintain corporate social responsibility, business organizations are responsible for their actions to the community at large. Business organizations are expected to give back to community, ensure responsible utilization of resources, minimize on pollution and ensure least negative impact on the environment.
Ethical decision making enables business organizations to maintain trust with shareholders, suppliers and customers. This is because the relationship among shareholders, suppliers, customers and the business is based on trust (Miller & Jentz, 2010). Customers expect the business to perform its duties accordingly, while suppliers also expect the business to fulfill its contractual obligations and to exercise fair dealings. The business is also expected to act to the best interest of the various stakeholders such as shareholders by focusing on stability and maximizing profits. Ethical decision making enables business organizations conform to the law and other written rules and procedures. The law contains gray areas or legal uncertainties. By analyzing whether the consequences of their actions will be right or wrong, employees are able to decide on correct decisions which do not have legal consequences (Miller & Jentz, 2010).
Impact of business ethics on stakeholder relationships
Stakeholders to a business encompass all individuals who have an interest either directly or indirectly in the organization. Thus stakeholders not only include individuals who receive monetary rewards but also those individuals in the community where the business operates. Examples include customers, suppliers, shareholders, investors, employees, the society and the government. Businesses consider the consumers, employees and shareholders as the most important stakeholders. Business ethics have a significant impact on the shareholders. As a result, most businesses have adopted stringent measures to ensure they act ethically.
Proper business ethics are important in establishing good rapport with various stakeholders. Business organizations which act unethically damage their reputation among consumers, who are among the primary stakeholders (Usnick, L., & Usnick, R., 2013). Consumers often change their perception of firms reported to have instances of ethical misconduct. Negative reputation drives sales down resulting to reduced profits. Unethical behavior among business organizations erodes investors’ confidence. Firms which manipulate their financial statements often erode investor confidence. Investors pull out their investment which leads to decline in shareholders’ value. Such actions increase consumer scrutiny which may result in a negative reputation. Business organizations are legally obligated to give a true and fair statement of their financial position to the public.
Unethical behavior that harms the community may result in strained relationship between the community and the organization. Communities are more concerned with the impact of the business organization to the natural environment. For instance in China, there have been violent community protests as people hold demonstrations against construction of companies which are viewed as heavy environmental pollutants (Arredy, 2014). Unethical conduct also attracts sanctions and hefty fines or penalties from the government and other relevant bodies.
It is absolutely necessary for businesses to design an ethics program, conduct training, and engage in compliance auditing. Ethics programs are meant to instill employees with sound decision making skills (Gonzalez-Padron, 2015). Many people are guided by personal morals and values. However, these play a minor role in helping the employee make the right decisions in the complex business environment. Employees find themselves in complex dilemmas involving the need to make decisions on hiring and dismissal, pollution control, pricing, advertising and other challenges. The little ethical knowledge they gained at school, church, and home may not provide them with a sufficient guideline on how to act when confronted with such issues. This necessitates creation of an ethics program.
An ethics program helps employees recognize ethical issues which arise in business (Usnick, L., & Usnick, R., 2013). Training enables the employees know how to solve such issues. Training also enables employees learn how they can cultivate ethical behavior within the business organization. Compliance auditing is important to a business organization since it helps to determine whether employees conform to certain processes or applicable rules. If the auditor detects laxity in employee conformance to rules or procedures established by the organization, the auditor may determine the course of action or put in place mechanisms to ensure employees comply. One of the roles of the auditors is to determine whether transactions or processes adhere to standards.
The following training plan is intended to create a general awareness among employees of the various security threats related to technology risks. The plan details the necessary standards of conduct and compliance to be achieved by all the employees.
The application of modern technology in every aspect of business organizations is inevitable in the current competitive global market. The use of modern technology enables firms to gain a competitive edge in the market. Currently, more businesses are adopting the use of technology in all areas of their business operations – from security, processing transactions, maintaining client files, and other confidential customer data. Data stored in digital format is easy to retrieve, update, search, transfer, erase, and takes less space. Nonetheless, the use of modern technology has exposed businesses to cyber attacks which results in losses worth millions of dollars. Statistics indicate that about 90% of the cyber attacks originate from employees (“ACA Group,” 2015).
Ethics and codes of conduct review
Employees should review the ethics and codes of conduct manual to increase their knowledge. Discussion will take place around the following key areas:
- Basics in the code of conduct
- Ethical behavior
- Fraud and misappropriation
- Conflicts of interest and ethical decision making
- Accountability in individual actions
- Reporting identified policy violations
- Impact of unethical decision making to the employees and the organization
- Common technological risks
The following are the most common aspects of information technology risks that businesses are currently facing.
- Hacking – hacking is one of the most high risk technology risks. Cyber attacks conducted on businesses can cause immeasurable losses within days.
- Systems failure – This may occur in form of software failures, hardware problems and utility disruptions.
- Viruses and other malware programs, prevention and detection – employees play a critical role in malware detection and prevention. Irresponsible and careless use of the internet has been associated with cyber attacks.
- Data theft by staff and third parties – data theft by employees is also common in some institutions. Fraudulent company employees have in the past been associated with incidences of data loss. However with proper internal controls, these incidences can be minimized.
- New technological advancements which disrupt the existing business models – new technology advancements have disrupted business models which most businesses were familiar in. For instance, the rise of Uber has disrupted the traditional taxi model.
Malware and virus prevention
In this section, employees will watch videos of two other employees prowling the internet and discuss the following:
- How can employees differentiate e-mails from authentic senders and those from unknown sources?
- What are the dangers of clicking links and pop ups from unknown sources?
- What are the risks of using social media and online gaming sites to the organization?
- What are the risks of making downloads from the internet?
- Best practices in the workplace
Employees will be trained on the best practices to adopt while using computers in the workplace.
- Importance and need for physical security measures
- Security of passwords
- Virus and spyware protection
- General computer use policy
- Proactive responses to cyber attacks
The final phase of the plan will include detailed training on how employees ought to respond to suspected cyber attacks. Employees will be briefed on common hacking scenarios and the appropriate responses they should make in case of such incidences. This part will cover issues such as reporting, public relations, investigation, initial response and law enforcement.
Explain how the program will be implemented
Training must be carefully implemented so that the goals and objectives can be achieved. Training helps employees gain new knowledge or learn new ways of doing things. The first step in implementation will involve defining the goals and objectives to be achieved in a clear and concise manner. Objectives are derived from needs assessment. The next step is the implementation of the training program which takes into account the educational and experience level of employees. The best option in this case is short term training courses since employees are well educated and can easily grasp the new knowledge. Short term courses can be offered to employees at their workplaces by scheduling training programs preferably in early mornings.
A variety of techniques will be employed during training. Some training sessions will involve direct verbal interaction where employees will take notes. Visual stimuli will also be used in learning to make the program lively and interesting. Videos will be used to show employees how cyber criminals can gain access to computers remotely. Evaluations will be conducted during training though question and answer basis. This will enable the trainers to monitor the progress of employees. At the end of the training program, employees will be expected to sit for a written evaluation to gauge their overall understanding of the issues. At the end of the training, employees should demonstrate the skills learnt through safe use of digital gadgets in the office.
There are a number of considerations which must be in place prior to commencing the training program. These can be divided into institutional and individual considerations. The institutional considerations include systems capacity, supervisory capacity, structural capacity, availability of necessary facilities, and the amount of workload. Individual factors include performance of the employees and their availability for the training program. In addition to the above, relevant teaching materials must be available before teaching can commence. These materials include manuals and guides for both trainers and employees. Instructors conducting the training programs must have adequate knowledge in their respective teaching areas.
Availability of time must also be taken into consideration before training begins. Training should be conducted when employees have less workload at hand. It may not be wise to conduct training at a time when a business organization receives a great number of customers. In some cases, training can be scheduled during Saturdays when employees have less workload.
ACE Group, (2015). Emerging Risks Barometer 2015. Retrieved from http://www.acegroup.com/global-assets/documents/Europe-Corporate/Risk- Briefing/2015-07-07-Emerging-Risks-Barometer-final–PUBLISHED.pdf
Arredy, J. (2014). Police, Villagers Clash in Eastern China Over Waste Incinerator. The Wall Street Journal. http://www.wsj.com/news/articles/SB10001424052702303851804579555673333103480 ?mg=reno64-wsj
Gonzalez-Padron, T. (2015).Business ethics and social responsibility for managers[Electronic version]. Retrieved from https://content.ashford.edu/
Kakutani, M. (2010, April 26). The Attack Coming From Bytes, Not Bombs. The New York Times. http://www.nytimes.com/2010/04/27/books/27book.html?pagewanted=all&_r=0
Miller, R. L. R., & Jentz, G. A. (2010). Fundamentals of business law: Excerpted cases. Mason, OH: South-Western Cengage Learning.
Usnick, L., & Usnick, R. (2013) Compliance program auditing: The growing need to insure that compliance programs themselves comply. Southern Law Journal, 13(3), 1 – 327.