The Association of Certified Fraud Examiners says that there is fraud lurking in all businesses, including not-for-profit organizations. It often goes undetected for years and when uncovered, management and the board may question why an auditor did not identify it. The auditor’s responsibility in a financial statement audit is to assess risk and perform sufficient procedures to obtain reasonable assurance that the financial statements are free from material misstatement due to fraud or error. However, failure to perform an adequate fraud risk assessment and report deficiencies in internal control, such as a lack of segregation of duties, can leave a firm vulnerable.

This course will discuss the audit procedures that should be performed in accordance with AU-C §240 as recently amended, best practices in performing fraud risk assessment procedures, when and how to report control deficiencies noted in an audit, and the most frequent types of fraud found in small to mid-sized entities along with internal controls that could be implemented to help prevent and detect them. We will look at various cyber fraud schemes and how they might be prevented or detected, the use of analytics as fraud risk procedures, and assessments of fraud risk in a Single Audit. This course features case studies.