4 auditors from Glory To Glory (audit firm) were tasked with auditing a restaurant in Melbourne. They had to meet on Zoom, working from home, due to COVID-19 restrictions.
We are doing online delivery now and we are ordering supply from local suppliers.
Seems like your business is going through a difficult time. Do you guys have a plan for the coming months?
ZOOM
The team established that Sushi Tei is a restaurant that specialises in Japanese cuisine. The restaurant was not able to operate normally as the customer were not allowed to dine-in. However, delivery & takeaway were still available.
CONTRACT
APPROVED
ONLINEORDERING SYSTEM
The auditors noticed, through documentation provided by the restaurant, that the sales performance of the restaurant had been dropping since the start of lockdown.
UBER EATS
The auditors recognised that there could be a going concern risk due to:- Prolonged losses- Unstable supply (limited flight/supply chain restrictions during the pandemic)
Shawn contacted the owner, Hailey for further discussion. Hailey claimed that they were doing better as they had just recently started to provide online ordering services and and changed the overseas suppliers to a local company that provided more stable supplies.
Shawn inspected the contract and terms between the new suppliers and the restaurant through their online ordering system to verify the client’s statement on the new changes. Hence, the team determined that the entity could be established as a going concern because of the credible evidence.
Calling Hailey...
Following this, it was found that during COVID-19 times, the entity received more orders through UberEats for delivery and takeaway due to the lockdown restrictions.
To: camila@gmail.comFrom: hailey@gmail.comHi!Here's the list of authorised people to view our customer & supplier information.
The restaurant stored the customer data gathered through UberEats in their system, along with their supplier information. The customer & supplier data is also automatically uploaded onto a cloud as the owner does not know how to stop it and have yet to ask their IT consultant about it.
Ugh, how do I stop it from uploading to the cloud server... It's okay, I'll figure it out later.
UPLOADING 56%
Since the customers & suppliers' data is considered sensitive information, Camila brought up the risk of unauthorized access to this information and she was tasked to gather information about the risk.
I think that there could be a serious cybersecurity risk here.
Hailey, the owner of Sushi Tei mentioned that one of controls (ITGCs) that the entity had in place to prevent unauthorized access to customer & supplier data was that only managers have access to the data and the user access would be terminated if the manager ever left.
We have a list of people authorised to see the customer & supplier data. I'll email it to you, Camila.
Camila received an email from Hailey with the details of the people who were authorized to access the customer & supplier data.
Wait, why is Justin's name here?! And he recently viewed the data...?He shouldn’t be able to...
Justin
Guys, I found out that Justin used to be a manager at Sushi Tei..
WHAT?!
I'm sorry
We should test the entity's account balance and transaction instead of testing their control
Camila discovered that Justin's name was on the list of authorized people and that they had accessed the data on the cloud recent
Cut off assertion Accuracy
First check on the revenues and sales invoices
After investigating, it was found that Justin used to be a manager at the restaurant before quitting & joining Glory To Glory as an auditor.
!! Email from Sushi Tei All receipts, invoices have been included
This email has been encrypted with SFTP.
Selena who was the engagement leader immediately removed Justin from the assignment due to the risk of familiarity. She realised he hadn't fully disclosed his previous experience in his independence declaration.
!! Email from Sushi Tei Stock Sheets, Purchase orders, COGS record, including GL history.
Since there was clear evidence showing the internal control of Sushi Tei is weak, Camila had set a lower control risk and increased the detection risk. The auditors agreed that they were going to spend more time on substantive testing with this control.
Additionally, Selena, who was in charge of assessing assertions, realized that there was a high risk of overstating sales due to the drop in revenue. This would place a higher emphasis on both the accuracy and cut-off assertions.
Selena gathered all relevant invoices and sales dockets, from the UberEats ordering system. She then checked revenues were recorded in the right period, and recorded accurately to the correct amounts. This test of details was performed to ensure revenue and profits were not overstated, or understated for the restaurant to take advantage of government COVID assistant subsidies.
This is great! Looks like there's no major exceptions. Let's start issuing our opinion.
Existence and value and allocation are other assertions that were also considered by Selena. Due to inventory fluctuations and using an online ordering system, it may be hard to keep track of inventory. There needs to be proper checks to ensure the correct inventory exists, and they aren't using cheap local alternatives and overstating it in the balance sheet.
User access was definitely a problem. They need better controls. Let's make some suggestions!
What do you think we should raise in the report?
As the use of a new supplier may lead to a change in creditors and credit terms, Selena realised this could also be a risk to value and allocation, as it needs to be ensured that all liabilities are being recorded accurately, and that they haven't fallen behind on any previous creditors.
To: manager@sushitei.com
I must also check on Sushi's liquidity so that they are able to pay their suppliers and creditors
As a result of being sent through the evidence, the auditors performed one final check, reconciling a sample of invoices and receipts with the cash at bank, sales amounts and other relevant FSLIs in the restaurant's financial statements.
Cash Flow Statements
Bank Statements
Following the reconciliation, the auditors concluded that there were no material exceptions noted from the testing. It was now time to finalise the fieldwork and move into the conclusion stage - to provide Glory to Glory's audit opinion.
The auditors noted that although there were no main exceptions in the testing of the statements themselves, it was important for Sushi Tei to constantly monitor their financial performance going forward. They highlighted that the user access authorisation was a control that needed a better system/approach and it something to work on for next year's audit.
The final audit report highlighted:- the scope of the audit;- the risk and verification of going concern;- key audit matters: relating to FSLI overstatement risk and lack of user access verification;- final audit opinion: unqualified;- and the auditor's responsibility that they had fulfilled during the audit.
AUDIT REPORT2021
Zoom
The End
Group 3Chui Man Cheung (ID: 30161258)Mrinalini Sridhar (ID: 30563577)Thomas Edward Brougham (ID: 28758331)Bry Ann Chan (ID: 30286905)Anthony Horomidis (ID: 29670462)Tutor: Dhayani KirubaharanTutorial Timeslot: Fri 1.30pm
The auditors had one final zoom meeting from the auditor's office (as COVID-19 restrictions had slightly eased) with the restaurant to discuss and share their findings.
The End.
Bolo vytvorených viac ako 30 miliónov storyboardov