1.
Audit
Report
The audit team has gathered and
recorded all the information to improve understanding of Target Corporation and
enable determination and evaluation of risks related to misstatement of
transactions and account balances. Based on the feedback, the following risk
factors were determined.
Risk Factors
After examining the financial statements of Target Corporation, including income statements for the fiscal year 2016 and company procedures, potential risks were linked to the weakness of the internal controls system.
One of the risks of a weak internal control system is that Target’s information can be exposed to unauthorized access and might be manipulated in such a way that applying it in decision-making could result in implementing wrong strategies. Most of Target’s transactions are conducted online, hence, weak internal control could result in a loss of revenue.
Moreover, tracking of the auditing process and structuring of the organization
becomes difficult with a weak internal control system. This may result in poor communication
and improper delegation of duties.
2.
Memos
Memo 1
TARGET CORPORATION
Minneapolis, Minnesota, U.S.,
Target
Corporation
Office of the Auditor General
January
23rd, 2018
MEMO TO: CHIEF FINANCIAL OFFICER
FROM: Chief Auditor
SUBJECT: Strategies for mitigating Risk Factors and Audit Program for achieving Revenue Objectives
The internal audit team at Target Corporation was asked to recommend mitigation strategies for eliminating risks
presenting in the audit and to establish an audit program for achieving this goal.
After conducting further inquiry, observation and inspection, our team realized
that the management team should ensure that the internal control system
structure in place matches international standards to eliminate chances of
misstatement of financial materials.
A stable internal control is
particularly important because Target Corporation is a large company which as
well deals with large amounts of revenue per year. Effectiveness of the
internal control system will also contribute to adoption of reliable checks
needed to secure online transactions, provide clear definition of duties, and
improve revenue generation. The management team will also be required to
regularly review the internal control system and carry out system checks
prevent unauthorized transactional access.
Our internal audit team also
determined a list of revenue objectives which included: ensuring that recorded
transactions are valid and are appropriately valued, classified, and summarized
or reported in the master files. Since most of Target’s are conducted online,
evaluation of effectiveness of general controls caused by changes in program is
necessary to ensure safety of files. Moreover, inquiries and investigation of
documents relevant to changes in programs and master files is important for
sales orders, shipping, billing, and recording. Target Corporation may need to
outsource a system analyst to conduct frequent system checks for smooth running
of the online business and to enable placement of employees who possess
technical ability that match operational demands. The revenue objectives are therefore
achievable through a cycle approach.
Memo 2
TARGET CORPORATION
Minneapolis, Minnesota, U.S.,
Target Corporation Office of the Auditor General
January 23rd,
2018
MEMO TO:
CHIEF FINANCIAL OFFICER
FROM: Chief Auditor
SUBJECT: Communicating Results of Audit Process and Selecting a
Sampling Program for Formulating Field Activities
The internal audit team at Target Corporation
was instructed to find a proper way of communicating results from audit process
and to develop a sampling program for formulating field practices. According to
the International
Standards for Professional Practice of Internal Auditing, the chief audit
executive reviews and approves the channel of communication and legitimate
parties before audit results are issued. When it comes to communicating the
acceptance of risks by management, which may be unacceptable to the
organization, the chief audit executive must meet with senior management to
discuss the results. If the issue fails to be resolved at this level, the chief
audit executive must inform the board. The internal audit team only learns
about the acknowledgement of the risk when the upper management engages in
procedures such as assurance engagement and evaluation of actions recommended
in the audit report.
Generally, auditors possess
knowledge of account balances and transactions that are very likely to contain
misstatements. The knowledge is useful during sampling, to help select other
areas which affect achievement of goals, but auditor needs more information
about. Statistical sampling is particularly important in studying the risk
factors because statistical
theory enables the auditor to quantify the risk factors. This helps in
selection of strategies that can reduce the risks to acceptable levels. The
approach however requires training of auditors, which may result in added
costs.