Forensic audit has gained lot of importance recently due to rapidly changing landscape in the field of accountancy involving many online components. It has become important for the business environment to ensure that company’s finances are kept safe. Unlike the regular audit where the objective is to ensure the true and fair presentation of financial statements, forensic audit involves accounting skills to investigate the fraud or embezzlement and to analyze financial information.
Procedure involved in forensic audit investigation:
A forensic audit has additional steps that is needed to be performed in addition to the regular audit procedures. The steps that would be required for the Forensic Audit would be:
Administrative Data:
1. Review of the applicable law and policies of the company
2. Chain of custody forms
3. Digital Evidence collection form
4. Consent form (if required)
5. Evidence tracker and evidence stored
Planning:
1. Gain understanding of the entity / area / process subjected to forensic audit
2. Background of the organization
3. Review of previous audit work (if any)
4. Deliverables
5. Create Analysis Work Plan
6. Create Investigative Plan
Collection of evidence:
1. Collection of evidence as per the Investigative plan.
2. Evidence should determine the period when the fraud occurred
3. Evidence with respect to concealment of fraud
4. Corroborative evidence to prove the fraud
5. Review of logical flow of information
Analysis:
1. Use of substantive techniques like doing reconciliations, review of planned documents
2. Analysis of comparative data of different segments
3. Establishing correlation of various data
4. Analysis of trends over a certain period of time
5. Comparison of the data with a benchmark data
6. Analysis beyond the financial data like the data available in the mail
7. Analysis the emails and identify the source data and transfer of various data
Internal Controls:
1. Understanding the Internal Controls of the organization / process
2. Understand the loopholes which allows fraud to be perpetrated
3. Testing the operational efficiency of the internal control
4. Interviewing of the suspects
5. Use of software for processing in enabling / concealing the fraud
Reporting:
1. Documentation of findings comprehensively
2. Fact based interpretation
3. Remember the requirement / expectation
4. Summary of evidences
5. Explanation for perpetration of fraud
6. Suggestions on improvement of internal control
Conclusion:
To summarize, a forensic audit is a detailed engagement which requires the expertise of not only accounting and auditing procedure but also the knowledge of information technology which has become the integral part of the business. It also requires the knowledge of the legal framework. A forensic auditor is also required to have an understanding of various frauds that can be carried out and of how evidence needs to be collected to unearth the fraud.
CAclubindia
