BACKGROUND:
Auditors need to use a top-down approach to identify controls to test. This approach starts at the top of an organization (financial statements and entity-level controls) and helps to link the financial statements to significant accounts, relevant assertions, and major classes of transactions. Entity-level controls are included in the control environment or via monitoring components. Examples that have a pervasive effect on internal control include tone at the top, assignment of authority and responsibility, and corporate codes of conduct.
Haun CPA has been asked to do an integrated audit for Gemini Industries, a manufacturer of watches. During the course of their audit, Haun CPA auditors have noted various issues and items. They have observed the Gemini Company’s CEO walking around checking on production and productivity, as she is very concerned about meeting goals and output quantity, seemingly at any cost. Additionally, Haun CPA auditors noted that a new Gemini employee started in accounting during the course of the audit. The manager of the accounting staff asked the employee to sign a form stating that he had reviewed the code of conduct--and then indicated that they would "find" one for him to sign later. Also, Haun CPA auditors observed that in the board minutes, the Gemini IT chair indicated that many employees were collaborating on making changes to their internal software, and as such, their passwords have been removed for the interim until the changeover. The Haun CPA auditors discussed these items in their closing meeting.
1. What could the constant observation of production and productivity by the Gemini CEO indicate?
2. Why would the Haun CPA auditors be concerned about Gemini's HR policy regarding their code of conduct?
3. Why does Gemini's change of passwords in the IT department affect Haun CPA's audit?