Not performing risk assessment procedures for all significant transaction areas (e.g., risk assessment procedures performed for billing and collections but not for payroll which was significant)
Not retaining the support for opinion wording in the file (especially for modifications)
Specific items tested are not identified (e.g., “tested 25 disbursements, comparing amounts in the check register to cleared checks” — we don’t know which particular payments were tested)
Making general statements that can’t be re-performed based on the information provided (e.g., “inquired of three employees about potential fraud” — we don’t know who was interviewed or what was asked or their responses)
Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty years, he has primarily audited governments, nonprofits, and small businesses.
He is the author of The Little Book of Local Government Fraud Prevention and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events.
Charles is the quality control partner for McNair, McLemore, Middlebrooks & Co. where he provides daily audit and accounting assistance to over 65 CPAs. In addition, he consults with other CPA firms, assisting them with auditing and accounting issues.